Evaluate network security status: Risk evaluation table

Evaluate risks and recommended actions

Use this sample risk evaluation table to itemise possible risks to the security of a system or network. Recommend actions to correct and mitigate any risks you identify.

The first column identifies the component being assessed and applies to every row of the table (it is a single merged cell in the original layout); the remaining three columns are filled in separately for each row. Cells are separated below by " / ".

System or Network Component / Results and findings / Concerns or Issues / Recommended Action

Identify the network system or component (Example: Finance database server, Windows 2000) / Physical environment (List here your findings about the physical security of the system) (Example: insecure computer room) / (Example: Anyone can walk in and access the computer and console. They could copy or delete information and damage the hardware) / (Example: Lock the computer room so that only authorised people have keys)

(same component) / Access configurations (This includes authentication systems, electronic access to the system, and operating system configurations for access) (Example: Password length is set to 4 characters) / (Example: Password complexity is low. Passwords could be easily cracked) / (Example: Change system requirements to require longer and more complex passwords)

(same component) / Authorised users and access levels (List of authorised users and what they can do and access on the system) (Example: Default permissions set on all files for everyone accessing the server) / (Example: The default permission is to read all files. Secure information cannot be changed or deleted by unauthorised people, but anyone logged in can see it) / (Example: Do not use default permissions. Develop the required permissions for each group of users and implement them)

(same component) / Process or procedural assessment (List any failings in procedures or work practices. This includes the way the system or network is used.) (Example: Users are leaving logged-in computers unattended) / (Example: Anyone can gain access when the authorised user is away from their desk) / (Example: Set password-protected screensavers to activate after 5 minutes and educate users about the need for security)

(same component) / Vulnerability test results (List test results from specific tests or test utilities such as penetration tests, network scans, etc.) (Example: operating system buffer overflow may allow arbitrary code to execute) / (Example: executed code may leave the server open to remote control by unauthorised people) / (Example: Apply the vendor-supplied security patch to the server)

(same component) / Existing countermeasures (List existing specific countermeasures for the system and any failings of these) (Example: Antivirus software) / (Example: Antivirus software is 3 months out of date. The server is vulnerable to the latest virus) / (Example: Update the antivirus software and develop procedures to ensure regular updates)
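The table above is usually filled in by hand, but the same structure can be produced from recorded findings and policy thresholds. The script below is an added example, not part of the original worksheet: it models each finding with the worksheet's row headings, checks the measurable ones (password length, default permissions, screensaver timeout, antivirus definition age) against constructed policy thresholds, keeps categories with no automated check (such as the physical environment) for manual review, and renders the result with the worksheet's " / " column separator. The thresholds, the sample findings and the component names are constructed assumptions.

```python
"""Added example (not from the original worksheet): turn assessment findings
into rows of the four-column risk evaluation table and attach a recommended
action where a finding breaches policy. Thresholds and sample findings are
constructed assumptions."""
from dataclasses import dataclass
from typing import Callable, Optional


@dataclass
class Finding:
    component: str        # system or network component under review
    category: str         # one of the worksheet's row headings
    description: str      # what the assessor observed
    value: object = None  # measured value the check evaluates, if any


# Policy thresholds: constructed assumptions for this example.
MIN_PASSWORD_LENGTH = 8
MAX_AV_DEFINITION_AGE_DAYS = 7
MAX_SCREENSAVER_MINUTES = 5

# A verdict is (concern, recommended action), or None when the finding meets policy.
Verdict = Optional[tuple[str, str]]


def check_password_length(f: Finding) -> Verdict:
    if f.value is None or f.value < MIN_PASSWORD_LENGTH:
        return ("Passwords this short are easily cracked",
                f"Require at least {MIN_PASSWORD_LENGTH} characters with complexity rules")
    return None


def check_default_permissions(f: Finding) -> Verdict:
    if f.value:  # True means the default 'everyone can read' permission is still in place
        return ("Anyone logged in can read all files",
                "Replace default permissions with per-group permissions")
    return None


def check_screensaver(f: Finding) -> Verdict:
    # value is the lock timeout in minutes; None means no lock is configured at all
    if f.value is None or f.value > MAX_SCREENSAVER_MINUTES:
        return ("Unattended logged-in sessions can be used by anyone",
                f"Enforce a password-protected screensaver after {MAX_SCREENSAVER_MINUTES} minutes")
    return None


def check_antivirus_age(f: Finding) -> Verdict:
    # value is the age of the antivirus definitions in days; None means unknown
    if f.value is None or f.value > MAX_AV_DEFINITION_AGE_DAYS:
        return ("Signatures are stale; server is exposed to current malware",
                "Update antivirus and schedule automatic definition updates")
    return None


CHECKS: dict[str, Callable[[Finding], Verdict]] = {
    "Access configurations": check_password_length,
    "Authorised users and access levels": check_default_permissions,
    "Process or procedural assessment": check_screensaver,
    "Existing countermeasures": check_antivirus_age,
}


def evaluate(findings: list[Finding]) -> list[dict[str, str]]:
    """Return one table row per finding that needs action. Categories with no
    automated check (e.g. physical environment) are always kept for manual review."""
    rows = []
    for f in findings:
        check = CHECKS.get(f.category)
        if check is None:
            verdict = ("No automated check; assess manually", "Record action after manual review")
        else:
            verdict = check(f)
            if verdict is None:
                continue  # meets policy: nothing to report
        concern, action = verdict
        rows.append({"component": f.component, "findings": f"{f.category}: {f.description}",
                     "concern": concern, "action": action})
    return rows


def format_table(rows: list[dict[str, str]]) -> str:
    """Render rows using the worksheet's ' / ' column separator."""
    header = "System or Network Component / Results and findings / Concerns or Issues / Recommended Action"
    body = [" / ".join(r[k] for k in ("component", "findings", "concern", "action")) for r in rows]
    return "\n".join([header] + body)


# Constructed sample findings: one server with several issues, one compliant finding elsewhere.
SAMPLE_FINDINGS = [
    Finding("Finance database server", "Physical environment", "Computer room unlocked"),
    Finding("Finance database server", "Access configurations", "Minimum password length", 4),
    Finding("Finance database server", "Authorised users and access levels", "Default read permission for everyone", True),
    Finding("Finance database server", "Process or procedural assessment", "No screensaver lock configured", None),
    Finding("Finance database server", "Existing countermeasures", "Antivirus definitions age (days)", 90),
    Finding("Web proxy", "Access configurations", "Minimum password length", 12),  # compliant, produces no row
]

if __name__ == "__main__":
    print(format_table(evaluate(SAMPLE_FINDINGS)))
```

Findings that meet policy produce no row, so the rendered table contains only items that need action, which is what the recommended-action column is for; a finding whose value is unknown (None) is treated as a risk rather than silently passed.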

© State of New South Wales, Department of Education and Training 2006