Week 1 Laboratory How to Identify Threats & Vulnerabilities in an IT Infrastructure Learning Objectives and Outcomes Upon completing this lab, students will be able to: • Identify common risks, threats, and vulnerabilities found throughout the seven domains of a typical IT infrastructure. • Align risks, threats, and vulnerabilities to one of the seven domains of a typical IT infrastructure • Given a scenario, prioritize risks, threats, and vulnerabilities based on their risk impact to
Words: 590 - Pages: 3
Week 1 Laboratory How to Identify Threats & Vulnerabilities in an IT Infrastructure Learning Objectives and Outcomes Upon completing this lab, students will be able to: * Identify common risks, threats, and vulnerabilities found throughout the seven domains of a typical IT infrastructure. * Align risks, threats, and vulnerabilities to one of the seven domains of a typical IT infrastructure * Given a scenario, prioritize risks, threats, and vulnerabilities based on their risk
Words: 546 - Pages: 3
Risks, Threats, & Vulnerabilities to COBIT P09 Risk Management Controls 1. a. Unauthorized access from public internet - HIGH b. User destroys data in application and deletes all files - LOW c. Workstation OS has a known software vulnerability – HIGH d. Communication circuit outages - MEDIUM e. User inserts CD’s and USB hard drives with personal photos, music and videos on organization owned computers - MEDIUM 2. a. PO9.3 Event Identification – Identify threats with
Words: 934 - Pages: 4
Lab 2 - Align Risks, Threats, and Vulnerabilities to COBIT PO9 Risk Mgmt. Controls Part 1 4. Discuss the primary goal of the COBIT v4.1 framework. Provide a basic description of cobit. * The purpose of Control Objectives for Information and related Technology (COBIT) is to provide management and business process owners with an information technology (IT) governance model that helps in delivering value from IT and understanding and managing the risks associated with IT. COBIT helps bridge
Words: 4162 - Pages: 17
policy helps to mitigate the risks and threats the business encounters. However, unless a company happens to be in the information security industry, the task of identifying, assessing, and categorizing the myriad of risks can be an overwhelming one. Thankfully, a company’s IT infrastructure can be divided in a logical manner to more easily sort the risks. These divisions are the seven IT domains. The purpose of the seven domains of a typical IT infrastructure is to help organize the roles, responsibilities
Words: 1159 - Pages: 5
Lab #2 – Student Steps: Student steps needed to perform Lab #2 – Align Risk, Threats, & Vulnerabilities to the COBIT Risk Management Controls: 1. Connect your removable hard drive or USB hard drive to a classroom workstation. 2. Boot up your classroom workstation and DHCP for an IP host address. Copyright © 2013 Jones & Bartlett Learning, LLC, an Ascend Learning Company Current Version Date: 05/30/2011 www.jblearning.com All Rights Reserved. -11- Student Lab Manual 3. Login to your classroom
Words: 381 - Pages: 2
Critical Infrastructure Protection Pamela S. York CIS502, Dr. Glenn Hines 2/14/15 Abstract The explosion of the accessibility of information and data via the today’s Web has brought along the concern and need for cyber security. With these issues of cyber security has also come the need to protect national informational assets from hackers and such who utilize the Web as a means to attack information that can aid in cyber terrorism. Information professionals are now looking to measures of
Words: 1329 - Pages: 6
tasks: * Identify risks, threats, and vulnerabilities in the 7 domains of a typical IT infrastructure * Review existing IT security policies as part of a policy framework definition * Align IT security policies throughout the 7 domains of a typical IT infrastructure as part of a layered security strategy * Identify gaps in the IT security policy framework definition * Recommend other IT security policies that can help mitigate all known risks, threats, and vulnerabilities throughout
Words: 1625 - Pages: 7
________________________________________________________________ Overview In this lab, you defined the purpose of an IT risk management plan, you defined the scope for an IT risk management plan that encompasses the seven domains of a typical IT infrastructure, you related the risks, threats, and vulnerabilities to the plan, and you created an IT risk management plan outline that incorporates the five major parts of an IT risk management process. Lab Assessment Questions & Answers 1. What is the goal or objective of an IT
Words: 434 - Pages: 2
Risk, Treats, & Vulnerabilities to COBIT P09 Risk Management Controls 1. Risk Factors a. Remote communications from home office (MEDIUM Risk) b. LAN server OS has known software vulnerability (HIGH Risk) c. User downloads an unknown e-mail attachment (HIGH Risk) 2. COBIT Risk Management * No. * Yes, the identified software vulnerabilities relate to risk context for both internal and external access. * Yes, the identified software vulnerabilities themselves are events
Words: 794 - Pages: 4