-------------------------------------------------
Week 1 Laboratory

How to Identify Threats & Vulnerabilities in an IT Infrastructure

Learning Objectives and Outcomes
Upon completing this lab, students will be able to: * Identify common risks, threats, and vulnerabilities found throughout the seven domains of a typical IT infrastructure. * Align risks, threats, and vulnerabilities to one of the seven domains of a typical IT infrastructure * Given a scenario, prioritize risks, threats, and vulnerabilities based on their risk impact to the organization * Prioritize the identified critical, major, and minor software vulnerabilities

Christopher Plummer

Week 1 Lab: Assessment Worksheet

Part A – List of Risks, Threats, and Vulnerabilities

Commonly Found in an IT Infrastructure

Overview

One of the most important first steps to risk management and implementing a risk mitigation strategy is to identify known risks, threats, and vulnerabilities and organize them. The purpose of the seven domains of a typical IT infrastructure is to help organize the roles, responsibilities, and accountabilities for risk management and risk mitigation. This lab requires students to identify risks, threats, and vulnerabilities and map them to the domain that these impact from a risk management perspective.

Lab Assessment Questions & Answers The following risks, threats, and vulnerabilities were found in a healthcare IT infrastructure servicing patients with life-threatening situations. Given the list, select which of the seven domains of a typical IT infrastructure is primarily impacted by the risk, threat, or vulnerability. Risk – Threat – Vulnerability | Primary Domain Impacted | Unauthorized access from pubic Internet | LAN/WAN Domain | User destroys data in application and deletesall files | User Domain | Hacker