CMGT400 Week 2 Team Assignment Kudler Fine Foods IT Security Report Top Threats
Top Threats
CMGT/400
Area of System
Threat
Potential Vulnerability
Web site or network.
Denial of Service or DoS.
This will slow the system down considerably or cause the whole network to not function at all which will deny customer access to the service.
Customer and Company Emails
Phishing attempts
Phishing is when a person tries to trick either the customer or company that the email is legit and comes from a legitimate source and try to ask the customer for their account information.
Database
Back door attack
This is when the hacker places a back door that could be done by installing a program that can give the hacker unlimited access to the database anytime which could compromise any important data such as customer personal information or even company information.
The customer reward site or network
Spoofing
There are multiple versions of spoofing but this is when the hacker inputs a false header on the packet so it will trick the receiving network that the packet is from a legitimate source. This could send in harmful packets that could damage the network and allow hackers to gain access to the network.
Customer account information for the rewards program
Poor passwords/dictionary attack
This is when a hacker runs a program that will go through all the words in the dictionary and add any special characters such as numbers to try and guess the passwords. This can compromise the customer’s account information, so educating a customer on how to make strong passwords should be recommended.
CMGT/400
Area of System
Threat
Potential Vulnerability
Web site or network.
Denial of Service or DoS.
This will slow the system down considerably or cause the whole network to not function at all which will deny customer access to the service.
Customer and Company Emails
Phishing attempts
Phishing is when a person tries to trick either the customer or company that the email is legit and comes from a legitimate source and try to ask the customer for their account information.
Database
Back door attack
This is when the hacker places a back door that could be done by installing a program that can give the hacker unlimited access to the database anytime which could compromise any important data such as customer personal information or even company information.
The customer reward site or network
Spoofing
There are multiple versions of spoofing but this is when the hacker inputs a false header on the packet so it will trick the receiving network that the packet is from a legitimate source. This could send in harmful packets that could damage the network and allow hackers to gain access to the network.
Customer account information for the rewards program
Poor passwords/dictionary attack
This is when a hacker runs a program that will go through all the words in the dictionary and add any special characters such as numbers to try and guess the passwords. This can compromise the customer’s account information, so educating a customer on how to make strong passwords should be recommended.