Belmont State Bank is a sizable bank with numerous branches that are linked to a central computer system. Certain branches are connected via dedicated circuits while others utilize the dial-up telephone network. Each branch has an assortment of client computers and ATMs that are connected to a server.
The server stores the daily transaction data for each branch and transmits it multiple times throughout the day to the central computer system. Each teller at a branch uses a four-digit numeric password, and their computers are programmed to accept only authorized transactions.
Conduct a risk assessment:
- System and server may have delayed data because of update not in timely.
- Business continuity can be interrupted by disruptions that are minor and temporary, but some may also result in the destruction of data.
- Password are too short and seldom changed, it will be a vulnerability of entire system and lack of overload handling mechanism.
- Messages transmission between all branches must be forwarded by central computer system, under this kind of situation; it is easy to concentrate on a centralized attack by latching and invading the server. Additionally, messages are forwarded by centralized server cost too much bandwidth. Malicious attacks will cause the bandwidth bottlenecks on the server-side and buffer overflow at the same time.
