company’s financial status has matured and its network has
expanded at a rapid pace, its network security has not kept up
with the company growth.
GFI’s network is fairly stabilized as it has not experienced
many outages due to network failures. GFI has hired three (3)
network engineers to keep up with the network growth and the
bandwidth demand by the company employees and the
clients. However, the company has not hired any security
personnel who can take care of the operational security
responsibility.
The trusted computing base (TCB) internal network in the
Global Finance, Inc. Network Diagram hosts the company’s
mission critical systems without which the company’s
operations and financial situation would suffer. The Oracle
database and email systems are among the most intensively
used application servers in the company. GFI cannot afford
system outages because its cash flow and financial systems
heavily depend on the network stability. GFI has experienced
DOS network attacks twice this year and its Oracle database
and email servers had been down for a week. The recovery
process required GFI to use $25,000 to restore its operations
back to normal. GFI estimated the loss from these network
attacks at more than $100,000 including lost customer
confidence.
Write a twelve to fifteen (12-15) page formal risk assessment
proposal and redraw the above diagram of a secure and riskmitigating model in which you: