ITM 301 Chapter Notes - Chapter 11: Proxy Server, Network Administrator, Port Forwarding

Every organization should assess its security risks by conducting a posture assessment that identifies vulnerabilities and rates the severity of threats and their potential consequences. Network administrators use the results of posture assessments to close gaps in security. If the assessment is conducted by a consulting company that has been accredited by an agency that sets network security standards, the assessment qualifies as a security audit. One of the most common methods by which an intruder gains access to a network is to simply ask users for their passwords. This strategy is commonly called social engineering because it involves manipulating social relationships to gain access. Phishing, a related tactic, involves luring users into revealing information that would allow intruders to gain access to secured network resources. A security policy identifies an organization"s security goals, risks, levels of authority, designated security coordinator and team members, responsibilities for each team member, responsibilities for each employee, and strategies for addressing security breaches.