SURVEY OF SECURITY IN LOCAL AREA NETWORK 1994
I'm an international student currently studying in Hawaii
Pacific University under the program of MSIS ( Master of Science in
Information Systems). In order to complete my study and obtain my
master degree, the final task is to complete my professional paper.
The survey I posted on May 23 ended with two responses. I do
not intend to irritate all the readers here, but this is so urgent
that I do really need your help to finish this task. Please take
time to complete this survey.
As all indications point to a continual growth of LAN, my
study focuses on security problems. The purpose of this study is to
advance a set of remedies attached with cost-benefit analysis to
help the LAN administrator to allocate the limited resources to
effectively and efficiently safeguard the IS resources in a LAN
The population which participates in this survey focuses on
the LAN administrators that are currently in charge of the
management of LANs in the university. Participants from other
organizations are also welcome. I'll post the final analysis and
recommendation here as a return favor.
The classifications of the information in the following
questionnaires are correspondent to the literature review. The
information to be collected is divided into general information,
penetration causes and security process three categories.
I. General Information
1. What is the nature of the business? (use X to mark the answer)
____ A Government
____ B Public Utilities
____ C Education
____ D Others
2. How many nodes are working in your LAN? (Please fill the number)
3. How many years of work experience do you have in computing area?
4. How many years of work experience do you have in LAN management?
II. Penetration Causes
5. What is the total number of penetrations or incidents happening
6. What is the average system downtime?
7.a. What is the percentage of the penetrations or incidents
resulted from the human threats?
7.b. Under human threats, what is the percentage of intentional
8. What is the percentage of the penetrations or incidents resulted
from a natural disaster? ( Nature disasters include all the
unexpected incidents that occur to disturb or even destroy the data
processing in an LAN environment, such as fire disaster, power
disturbance, lightning, hurricane, flood, or bombing.)
9. What is the percentage of the penetrations or incidents resulted
from the failure of hardware and software? (The failure of hardware
and software means an unexpected occurrence resulted from the
generic failure of the hardware or software instead of the
intentional destruction, such as a virus attack or Trojan Horse.)
10. Except the three penetration routes listed above, what could be
other penetration causes that endanger your LAN security? (Please
III. Security Processes
11. What is the percentage of resources allocated to physical
controls? (Physical controls include prevention from theft, the
wiring, electrical power supply, fire protection and control, and
computer room layouts.)
12. What is the percentage of penetrations resulted from the
inadequate physical controls?
13. What is the percentage of resources allocated in access
controls? (The access controls include restricting unauthorized
access to data sets, object code programs, source code programs,
and network and communication facilities. The processes in this
category contain log-on controls, remote access control, multi
level security, encryption and decryption, distributing and
limiting the access.)
14. What is the percentage of penetrations resulted from inadequate
15. What is the percentage of resources allocated in application
controls? (Application Controls include those controls imbedded in
the software of a specific application system. Usually, they are
implemented during the development of the application, such as
check point restart, maintaining log files, Validating input data,
Testing the proper execution of programs, and DOS shell system.)
16. What is the percentage of penetrations resulting from the
inadequate application controls?
17. What is the percentage of resources allocated in responding
18. What is the percentage of penetrations resulting from the
attack of viruses?
19. What is the percentage of resources allocated in performing a
20. What is the percentage of penetrations resulted from an
inadequate backup planning?
Please take time to fill these questionnaires, and send it to
my E-mail address before June 6, 1994. Any comments or suggestion
Thanks for your help.