IT544-1: Determine vulnerabilities in both systems and application software configurations.
Unit 3 Assignment:
Purpose
You are in the role of a cybersecurity manager and are a new hire for a medium-sized global organization (500 people) that manufactures components for autonomous automobile vendors. The organization also has one government contract. You have received the go ahead from upper management to kick off a data security project. The goal of the project is to understand where all the critical and confidential data and data systems are located, describe the types of possible threats targeting the critical and confidential data, determine why the threats exist, and determine why the enterprise systems may be vulnerable to cyberattack and where vulnerabilities may lie.
You are going to write a paper describing the overarching goal of the project that includes at least three examples so that the project manager can get a clear understanding of the goals.
Assignment Scenario:
By conducting research, select three types of enterprise systems, including at least one that operates in the cloud. All systems store some confidential data in their data store.
System 1: Stores confidential information in a relational database system like Microsoft SQL Server or Oracle DBMS that resides on premise.
System 2: Stores confidential information in the cloud using a NoSQL (Not Only SQL) database technology like Mondo DB or Apache Cassandra.
System 3: Stores big data in a big data database (like AWS Dynamo DB or Azure Cosmos DB), hybrid on premise/cloud and overseas.
All systems are accessible using a browser, and each enterprise system has a mobile application that can be used to access data from the enterprise system.
Assignment Instructions:
Create a header for each system. Under the header for each system:
Describe vulnerabilities and threats that specifically target confidentiality on the data-driven system and its associated infrastructure. While some threats might apply to all of the systems, describe one threat that is more likely for each scenario and consider the different security issues for each type of database (e.g., a NoSQL database distributes data across many servers). Consider and discuss at least one of the following for each system:
Built-in Protection
Authorization and Authentication
Encryption
SQL Injection
Determine why the threats you describe exist, and determine at least two data/database vulnerabilities in each of the systems.
Determine one known malicious software that could confiscate confidential information from the database system and scenario
Assignment Requirements:
3–4 pages of content (exclusive of title page, etc.), double-spaced in 12pt Times New Roman font, using correct APA formatting and including a title page, table of contents, abstract, and reference page(s).
At least 3 credible sources
No spelling error
No grammar error
No APA errors.
For more information on APA style formatting, go to Academic Writer, formerly APA Style Central, under the Academic Tools area of this course.
Also review the university policy on plagiarism. If you have any questions, please contact your professor.