Hello
I need your opinions in this particular scenario
In my corporate there are several and adequate controls to prevent an intruder from Accessing the Corporate LAN. But as per recent security audit review, there is question about what if an internal user turned to be a hacker. Now every security Administrator may be facing the same issue. I think we can discuss and brainstorm this through the thread. I need to disscuss these
1. What all a user can do with L2 Secuirty - like intercepting packets in switch
2. How can he make use of the vulnerabilities in the user applications like Adobe, Word and server side exploits ( throgh open ports in client machines)
3. How can user attack Server Applications like AD, Exchange etc
4. If there is is file system encryption like MS EFS, can the hacker able to steal data
Thanks,
Anish