Premium Essay

Is4680 Unit 4

In:

Submitted By wappah
Words 629
Pages 3
Purpose:
The purpose of this document is to outline the potential risks to XYZ Health Care. The company has decided that the current plan is out of date and needs to be updated. This report will identify the possible threats and vulnerability. This will also include the identify tactical, strategy, analysis, and risk mitigation procedure.
Risk Analysis:
To establishes the value of the hardware and software that the IT department uses to conduct business. (Servers, routers, switches, and firewalls.)
Identify Threats and Vulnerabilities to Assets:
This section identifies hardware that is vulnerable to failure due to age or natural lifespan. The improper identification of this could lead to data loss or the inability to access assets. This will not allow the company to meet its responsibilities which can result in loss of profits and/or violating the SLA (Service Level Agreement).
Next to hardware failure is software failure. Much like hardware failure, it cannot be completely mitigated as it will happen eventually. Like hardware failure as well, if a program cannot be accessed the data cannot be transferred, created, stored, or processed. This again leads to loss of work, which can result in loss of profits and/or violating the SLA (Service Level Agreement).With the above threats being listed, the threat of data loss is immense. Data loss is the loss of any data that could take a sizable time investment to recoup. This could be from a failure on the hardware or software level, but also from a malicious network intruder. Identify the Impact of the Risk:
With hardware and software failure being listed, the risk of server crashes is present. Every server should have redundancy to pick up the workload if one goes down. The redundancy will allow for the continuity of business with little or no loss of work product

The possibility of server vulnerability

Similar Documents

Premium Essay

Research

...Unit 8 Lab 8: Auditing the Remote Access Domain for Compliance Larry Sanchez IS4680 5/12/2014 Remote Access Domain, when using this you are access resources that our outside you organizational resources to access your organizations network. A lot of this accessing of resources compromises of sensitive data. This makes it a lot more accessible to attackers or hackers due to the perimeter of the network being so far extended and the attackers or hackers could be able to find a breach in the network perimeter. Having a weak VPN that has no layers of security can and will give hackers or attackers the window of opportunity that they need to get to our network. We need to watch what kind of software that our user's are using. If our remote users are using different software than what we have at our company headquarters than there could be a possible risk. The software can be suspicious, especially if the user downloaded it from the Internet. the software in question could lead to incoming viruses and worms that can affect our network. This can create holes in the security that has been set up. Configuration settings can lead a user to let in viruses and worms also. If the remote user does know how to set up their configuration settings on their machines than anything that they send or receive can be a potential risk, threat, and vulnerability to our network. Once an employee takes their laptop home they are no longer protected by the organizations firewalls. This can...

Words: 716 - Pages: 3

Premium Essay

Test

...of Windows platforms and applications. Areas of study include analysis of the security architecture of Windows systems. Students will identify and examine security risks and apply tools and methods to address security issues in the Windows environment. Windows Security Syllabus Where Does This Course Belong? This course is required for the Bachelor of Science in Information Systems Security program. This program covers the following core areas:    Foundational Courses Technical Courses BSISS Project The following diagram demonstrates how this course fits in the program:    IS4799 NT2799 IS4670 ISC Capstone Project Capstone ProjectCybercrime Forensics NSA    NT2580 NT2670  Introduction to  Information Security IS4680 IS4560 NT2580 NT2670 Email and Web Services Hacking and Introduction to  Security Auditing for Compliance Countermeasures Information Security Email and Web Services      NT1230 NT1330 Client-Server Client-Server  Networking I Networking II  IS3230 IS3350 NT1230 NT1330  Issues Client-Server Client-Server  SecurityContext in Legal Access Security Networking I Networking II   NT1110  NT1210 Structure and Introduction to  ComputerLogic Networking    IS3120 IS3110 NT1210 Network  Risk Management in Introduction to General Education / General Studies NT2580 NT2799 Communications Information Technology Introduction to Information Security NSANetworking Capstone Project IS4550 NT2640 Security Policies and Implementation IP...

Words: 2305 - Pages: 10

Premium Essay

Audit

...NOT FOR SALE OR DISTRIBUTION © Jones & Bartlett Learning, LLC NOT FOR SALE OR DISTRIBUTION © Jones & Bartlett Learning, LLC NOT FOR SALE OR DISTRIBUTION © Jones & Bartlett Learning, LLC NOT FOR SALE OR DISTRIBUTION © Jones & Bartlett Learning, LL NOT FOR SALE OR DISTRIBUT © Jones & Bartlett Learning, LLC NOT FOR SALE OR DISTRIBUTION Student Lab Manual © Jones & Bartlett Learning, LLC © Jones & Bartlett Learning, LLC NOT FOR SALE OR DISTRIBUTION NOT FOR SALE OR DISTRIBUTION © Jones & Bartlett Learning, LLC NOT FOR SALE OR DISTRIBUTION © Jones & Bartlett Learning, LL NOT FOR SALE OR DISTRIBUT Auditing IT Infrastructures for Compliance © Jones & Bartlett Learning, LLC NOT FOR SALE OR DISTRIBUTION IS4680 © Jones & Bartlett Learning, LLC NOT FOR SALE OR DISTRIBUTION © Jones & Bartlett Learning, LLC NOT FOR SALE OR DISTRIBUTION © Jones & Bartlett Learning, LLC NOT FOR SALE OR DISTRIBUTION © Jones & Bartlett Learning, LLC NOT FOR SALE OR DISTRIBUTION © Jones & Bartlett Learning, LLC NOT FOR SALE OR DISTRIBUTION © Jones & Bartlett Learning, LL NOT FOR SALE OR DISTRIBUT © Jones & Bartlett Learning, LLC NOT FOR SALE OR DISTRIBUTION © Jones & Bartlett©Learning, LLC Learning, LLC, an Ascend Learning Company Bartlett Current Version Date: 11/21/2011 © Jones & Learning, LLC Copyright 2013 by Jones & Bartlett www.jblearning.com! NOT FOR SALE OR DISTRIBUTION NOT FOR SALE OR DISTRIBUTION All Rights Reserved. -1- ...

Words: 30948 - Pages: 124