Lab 2 Assessment Worksheet 1. A. Denial of Service attack on organization’s email server
Medium Risk
B. Fire destroys primary data center
High Risk
C. Loss of Production Data
High Risk 2. For the above identified threats and vulnerabilities, which of the following COBIT P09 Risk Management control objectives are effective? 3. A. Denial of Service attack on organization’s email server
Threat to Availability
B. Fire Destroys Data Center
Threat to Integrity and Availability
C. Loss of Production Data
Threat to Integrity and Availability 4. Effectiveness, Efficiency, Compliance, and Reliability secondary. 5. A. Denial of Service
Information- Information would not be able to be accessed to end users from outside the primary server control. By adding firewalls and limiting access to certain IPs, the risk can be lessened.
Applications- Deny access to necessary applications needed by the organization. Can be mitigated as stated above by firewall procedures to limit IPs.
Infrastructure- Access from remote terminals will be very limited. Firewalls should be installed to help limit which IPs have access.
People- Will have limited access to the organization’s server. Contact their local IT manager to give them access to the server by allowing their IP through.
B. Fire Destroys Data Center
Information- Information will be destroyed by the fire. Back up data to an offsite server/hard drive to have a fall back plan.
Applications- Applications will be destroyed in the fire. Back up necessary applications with information to be able to be called upon when needed.
Infrastructure- Equipment can be irreparably damaged in the fire. Install countermeasures to prevent fires.
People- People can be seriously harmed or die from the fire. Train in simple firefighting techniques.
C. Loss of Production Data
Information- Information will be lost.