Defensive computer security involves focusing on reactive measures to breaches and includes processes such as finding system vulnerabilities, patching security flaws, and retiring software that introduces excess risks into an environment. For this assignment, you will be given a networked information system with an access control matrix. You need to conduct a risk assessment by evaluating network security threats, physical media vulnerabilities, and auditing system security. You will then deliver a 1,000-1,500 work report detailing the types of risks discovered. Your report should also include the creation of a contingency plan for breach or failure.

Scenario

The Book Blazer publishing company just found out they may have been hacked! They have been concerned for quite some time that a competitor has been stealing book ideas from their content management system (CMS). As the city's premier security consultant, they retain you to verify whether this is true or not. You are given an architecture diagram of the CMS which consists of :

1. Web server to house the web site front-end

2. Application server to provide data processing functions

3. SQL server to house content metadata

4. File server on which the content is stored

6. VPN appliance so employees can reach the CMS from outside.