Belmont State Bank is a large bank with hundreds of branches that are connected to a central computer system. Some branches are connected over dedicated circuits and others use the dial-up telephone network. Each branch has a variety of client computers and ATMs connected to a server.
The server stores the branch’s daily transaction data and transmits it several times during the day to the central computer system. Tellers at each branch use a four-digit numeric password, and each teller’s computer is transaction-coded to accept only its authorized transactions.
Perform a risk assessment:
- System and server may have delayed data because of update not in timely.
- Business continuity can be interrupted by disruptions that are minor and temporary, but some may also result in the destruction of data.
- Password are too short and seldom changed, it will be a vulnerability of entire system and lack of overload handling mechanism.
- Messages transmission between all branches must be forwarded by central computer system, under this kind of situation; it is easy to concentrate on a centralized attack by latching and invading the server. Additionally, messages are forwarded by centralized server cost too much bandwidth. Malicious attacks will cause the bandwidth bottlenecks on the server-side and buffer overflow at the same time.