Page 128 - Courses
IT Essentials — Assessing Infrastructure and Networks
DMZ Placement Within a Network
Source: IIA GTAG: “IT Essentials for Internal Auditors”
Does that mean that devices that only pass through one of the two firewalls are not as protected as the devices on our internal network?

Yes. As you can see, all our critical servers and databases are behind the second firewall. Only client-facing webservers and devices that perform authentication and inspection are located in the DMZ.
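As an added illustration (not part of the GTAG text), the following constructed Python model shows why a DMZ host sits behind one policy check while an internal host sits behind two: a flow from the Internet into the DMZ crosses only the outer firewall, whereas a flow into the internal zone must be permitted by both. The hosts (web1, authproxy, db1, fileserver), zones and rules are assumptions made for the example.

```python
from dataclasses import dataclass

# Constructed topology: which zone each host lives in (not from the source).
ZONES = {
    "internet": "internet",
    "web1": "dmz", "authproxy": "dmz",          # client-facing web + auth/inspection
    "db1": "internal", "fileserver": "internal", # critical servers behind firewall 2
}
ORDER = ["internet", "dmz", "internal"]        # inbound direction: left to right

@dataclass(frozen=True)
class Rule:
    src: str        # host name, or "*" for any host in src_zone
    src_zone: str
    dst: str        # host name, or "*" for any host in dst_zone
    dst_zone: str
    port: int

# Outer firewall: the Internet may reach only the web tier and the auth proxy.
OUTER = [Rule("*", "internet", "web1", "dmz", 443),
         Rule("*", "internet", "authproxy", "dmz", 443)]
# Inner firewall: only web1 may open the database port; nothing else crosses.
INNER = [Rule("web1", "dmz", "db1", "internal", 5432)]

def _permits(rules, src, dst, port):
    sz, dz = ZONES[src], ZONES[dst]
    return any(r.src_zone == sz and r.dst_zone == dz and r.port == port
               and r.src in ("*", src) and r.dst in ("*", dst) for r in rules)

def firewalls_on_path(src, dst):
    """Firewalls an inbound flow crosses: OUTER into the DMZ, OUTER then INNER
    into the internal zone. Empty for same-zone or outbound traffic."""
    i, j = ORDER.index(ZONES[src]), ORDER.index(ZONES[dst])
    return [OUTER, INNER][i:j]

def allowed(src, dst, port):
    """Default deny: every firewall on the path must permit the flow.
    Same-zone traffic is unfiltered here; outbound flows are not modelled."""
    path = firewalls_on_path(src, dst)
    if not path:
        return ZONES[src] == ZONES[dst]
    return all(_permits(fw, src, dst, port) for fw in path)

def internet_exposed_services(ports=(22, 80, 443, 5432)):
    """Auditor's check: every (host, port) the Internet can reach. Any host
    from the internal zone appearing in this list is a finding."""
    return sorted((h, p) for h, z in ZONES.items() if z != "internet"
                  for p in ports if allowed("internet", h, p))
```

Running `internet_exposed_services()` against a real rule export is the kind of check that supports the "identification of all external-facing services" item below.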
Network Challenges and Risks
Networks have many components, and each organization will have a unique network structure. Having an effective network can significantly impact an organization’s operations. An internal auditor’s understanding of the network architecture is key to understanding the risks and challenges associated with the networks. There are numerous challenges/risks related to an organization’s network that internal auditors should be aware of, which can include but are not limited to:
- Ensuring proper identification of all external-facing services provided by the organization.
- Ensuring sufficient network security.
- Ensuring that network components are secured and configured according to organizational policies that are aligned to applicable regulations and industry best practices.
- Monitoring the dark web for compromised emails/passwords and verifying that passwords are changed frequently.
- Ensuring appropriate anti-malware and anti-phishing software are deployed.
- Conducting mandatory employee awareness training.
- Ensuring appropriate access.
- Ensuring that access to switches is restricted and that technicians routinely maintain and update them for functionality. Switch ports should be continuously monitored and unused ports should be disabled.
Copyright © 2020 by The Institute of Internal Auditors, Inc. All rights reserved.