- 必须确定资产。在这种情况下，资产是传递的信息和存储的数据。计算机、物理结构(如设备、存储介质、路由器等)被认为是物理资产(Denning, 1999)。
3.然后必须创建网络的安全概要文件。在安全概要文件中，需要标识网络信任边界、数据流和入口点(Tipton & Krause, 2003)。在给定的网络中，网络内的信任边界可能比它与万维网连接的边界更宽松。入口点可能与html浏览器一样简单。
A threat can be defined as an occurrence that has the potential to damage or compromise organization assets. The assets of the organization are that of the information it has. According to threat modeling:
- The assets have to be identified. In this case the assets are the information being passed and the data being stored. Computers, the physical architecture such as the equipment, the storage media the routers and more are considered as the physical assets (Denning, 1999).
- An architecture overview has to then be created. This is the network diagram in section 3.
- The security profile of the network must then be created. In the security profile, the network trust boundaries, the data flow and entry points are to be identified (Tipton & Krause, 2003). In the given network, the trust boundaries within the network might be more relaxed than the one where it connects with the World Wide Web. Entry points might be as simple as an html browser.
- Identify threats: Two threats have been identified in this case, which are the denial of service attacks and the unauthorized information disclosure attacks.
- Document threats: Threats have to be documented completely with a risk management and mitigation plan.
Scenario 1: In the case of the Dos attacks, the attacker will start with one successful entry point. It would be a workstation in the network. Only after getting complete control over the workstation, the attacker would then establish contact with the server within the network (it could be any of the servers or all three of them). The denial of service attack may or may not be accompanied with the theft of information. In normal cases, the attack only brings down the network, bringing down critical information services from server to the stakeholders. This throws network users into chaos.
Scenario 2: A hacker who manages to compromise and enter the network would gain information access that he is not supposed to get. An alternative scenario would be a student who unknowingly shares his id or password to the network when he is not supposed to; resulting in a third party malicious user gaining access to information he is not supposed to have.