To compete in today's fast-paced competitive environment, organizations are increasingly allowing contractors, partners, visitors and guests to access their internal enterprise networks.These users may connect to the network through wired ports in conference rooms or offices, or via wireless access points. In allowing this open access for third parties, LANs become(6) .Third parties can introduce risk in a variety of ways from connecting with an infected laptop to unauthorized access of network resources to(7)activity. For many organizations, however,the operational complexity and costs to ensure safe third party network access have been prohibitive. Fifty-two percent of surveyed CISOs state that they currently use a moat and castle's security approach, and admit that defenses inside the perimeter are weak. Threats from internal users are also increasingly a cause for security concerns. Employees with malicious intent can launch (8) of service attacks or steal (9) information by snooping the network. As they access the corporate network, mobile and remote users inadvertently can infect the network with (10) and worms acquired from unprotected public networks. Hackers masquer-ading as internal users can take advantage of weak internal security to gain access to confidential information. 空白处(7)应选择()









解析: 分析为了适应当今的快速竞争环境,组织正逐步允许承包商、合作伙伴、访问者和顾客访问它们的企业内部网络,这些用户可以在会议室或办公室通过有线端口连接网络,或通过无线访问点。在这种允许第三方进行的开放式访问中,局域网变得难以防守。第三方可能以各种方式带来风险,从用一台受感染的膝上型计算机到连接未授权访问的网络资源进行恶意活动。然而,对很多组织而言,考虑到操作的复杂性和保证系统安全的成本,第三方网络访问是禁止的。接受调查的注册信息安全管理人员中,有52%的人表示他们目前使用防火墙,而且承认在内部的防御措施是脆弱的。来自内部用户的威胁也正在逐步成为安全考虑的一个因素。怀有恶意的员工可能发起拒绝服务攻击或通过窥探网络窃取机密信息。当移动的和远程的用户访问网络时,他们一不小心就会使网络感染来自未受保护的公众网络的病毒和蠕虫。黑客伪装成内部用户,会利用脆弱的内部安全获得访问机密信息的权限。
