Scope and Approach of Threat Assessment 4
EFIS Critical Concerns 4
Executive Overview 5
EFIS High Risk Threats by Category 6
Software Installation and Maintenance 7
Authorized Users 7
Outsider Attacks 8
Physical Threats 8
General Threat Background 8
Potential Attackers and Avenues of Attack 9
EFIS Specific Vulnerabilities 11
Asset Management Vulnerabilities 12
Customer Support Help Desk Vulnerabilities 12
Legacy System Access Vulnerabilities 13
E-mail Vulnerabilities 13
Network Vulnerabilities 14
Physical Security Vulnerabilities 15
Certifiers Recommendation 15
References 16
Appendix 17
1. PHE and HTI Analysis 17
2. EFIS Information Protection Policy (IPP) 19
3. Information Management Model (IMM) 21
4. System Identification Profile (SIP) 23
5. DIACAP Scorecard 25
6. Plan of Action and Milestones (POA&M) 28
The purpose of the assessment is to identify threats or potential attacks to the Department of Electronic Government, Electronic-Facilities......
Join Now or Login to view the rest of this paper.
Approximate Word Count: 5739
Approximate Pages: 23 (260 words per double-spaced page) |