Please enable JavaScript.
Coggle requires JavaScript to display documents.
SEVEN DOMAINS OF IT INFRASTRUCTUR - Coggle Diagram
SEVEN DOMAINS OF IT INFRASTRUCTUR
USER DOMAIN
Includes people or employees their personal data, salary info, contacts
VULNERABILITIES
Weak Passwords
SOCIAL ENGINEERING
Lack of User Awareness
THREATS
Unauthorized access, data breaches
IMPACTS
DATA Loss, Unauthorized system access, compromised User accounts
WORKSTATION DOMAIN
ASSETS
Data Stored on workstations, software applications
THREATS
MALWARE, DATA LEAKAGE
VULNERABILITIES
Computers that aren't patched can be exploited. If they don't have antivirus software. They can become affected.
RISKS
Users can bring malware from home on USB Flash Drives or can download malware from the internet. The primary protection for computers is to ensure that antivirus software is installed
LAN-DOMAIN
THREATS
The routers have ACL's have access control lists used to control what traffic is allowed through them. They can be modified. They are subject to
DOS
(Denial of Service) attacks
and DDOS Distributed Denial of Service Attacks
VULNERABILITIES
Any data on the network that is not stored with proper access controls is vulnerable. Unsecured wireless access points
ASSETS
Data being transmitted over the network. Network devices (switches and routers)
RISKS
INSIDER THREAT
WEAK authentication and access controls
LAN-to-WAN DOMAIN
VULNERABILITIES
Insecure Firewall Configuration
Unencrypted data transmission
THREATS
DOS ATTACKS
DATA INTERCEPTION
Connection point b/w internal LAN and external networks
ASSETS
Firewall systems
Data transmitted
WAN DOMAIN
VULNERABILITIES
Insecure network connections, weak encryption protocols
A primary method of protection for systems in the WAN Domain is the use of a
demilitarized zone (DMZ)
. A DMZ uses two firewalls, one of which has direct access to the Internet and the other direct access to the internal network. The area between the two firewalls is called the DMZ.
REMOTE ACCESS DOMAIN
It connects users to the organization's IT infrastructure. Critical for staff members who work in the field or from home
Wifi hotspots make it easy for the users to connect to a VPN to access email and other applications to access data but it poses them to risks.
RISKS
An organization utilizing a VPN server also needs to be aware of the risks associated with the VPN server having an IP address that is publicly available from anywhere on the Internet, which makes it susceptible to attacks from anywhere in the world
SYSTEM / APPLICATION DOMAIN
The application domain comprises of any server-based applications including email servers and database servers.
Email Server -
Microsoft Exchange
Web Server -
Apache
VULNERABILITY
Database Servers can be subject to SQL injection attacks. In an SQL injection attack the attacker can read the entire database abd can also modify it