LAB 4
A. Healthcare provider under HIPAA compliance law

| Risk-Threat-Vulnerability | Primary Domain Impacted | Risk Impact/Factor |
| --- | --- | --- |
| Unauthorized access from public Internet | LAN-WAN | Major |
| User destroys data in application and deletes all files | USER | Minor |
| Hacker penetrates your IT infrastructure and gains access to your internal network | SYSTEM APPLICATION | Critical |
| Intra-office employee romance gone bad | USER | Minor |
| Fire destroys primary data center |
Words: 296 - Pages: 2
Lab 6
1. Why is it important to prioritize your IT infrastructure risks, threats, and vulnerabilities? It is important to prioritize because you must be aware of what risks, threats, and vulnerabilities there are to your infrastructure. You need this so that you know where the most attention needs to be focused.
2. Based on your executive summary produced in Lab #4 Perform a Qualitative Risk Assessment for an IT infrastructure, what was the primary focus of your message to executive
Words: 759 - Pages: 4
1. You must be aware of what the risks, threats, and vulnerabilities are to your infrastructure so that you know where the most attention is needed.
2. Setting up security measures through various means. Forcing users to update passwords every X number of days. Educating users. Firewalls. Anti-malware.
3. Common things such as user activity can be a huge risk, so it’s best to consider all options as potential threats with some being higher and lower than others.
4. Disable auto-run
Words: 290 - Pages: 2
Lab Assessment Questions
1. How do documented back-up and recovery procedures help achieve RTO?
   * By documenting and implementing backup and recovery procedures, the process for recovery is much more efficient, helping with the time portion of RTO. By having effective backup and recovery procedures you should have the necessary resources to restore systems from backups and a repeatable process that is known to succeed in achieving RTO.
2. True or False. To achieve an RTO of
Words: 467 - Pages: 2
Gregory Swinehart
IS 3110 Risk Management in Information Technology Security
Week 1 Assignment 1
Risk one: Application Server Host
Threat: Denial of service or distributed denial of service attack
Vulnerability: The organization doesn’t use an intrusion detection system
Impact: Depending on the attack, the credibility of the company could be affected
Harmful Event or Loss: Loss of productivity due to being unable to access applications and services
Likelihood of Occurrence: 24/7
Risk Management
Words: 474 - Pages: 2
Risk Management Plan
Purpose of this Plan
Senior management at the Defense Logistics Information Services (DLIS) has decided to update the former risk management plan and requested that we develop a new risk management plan. The plan will provide specific guidelines and regulations to ensure risk management is adhered to at all levels. This plan will be developed to reduce the loss of data and prevent any future risks, while complying with all federal and state rules and regulations.
Scope
Words: 1341 - Pages: 6
Defense Logistics Information Service (DLIS) Outline
I. Introduction
   a. Scope
   b. Assign to departments
   c. Risk Matrix
   d. Risk mitigation plan
   e. Impact Analysis
II. (BIA)
   f. Departments
   g. Business Impact
   h. Costs Analysis
III. Recommendations (BIA)
   i. Business Impact Analysis Results
   j. Maximum Acceptable Outage
IV. (DLIS) Business Continuity Plan
   a. Purpose
   b. Scope
   c
Words: 1790 - Pages: 8
For YieldMore Executives, We here in your IT department have recently audited our infrastructure for our company’s network. Upon the review we did find several threats and vulnerabilities. First off is the fact we do not have a backup system in place for any natural disaster to our headquarters. This is an exploit found in the systems and application domain that can cripple our whole company. A second system found in one of the production centers could be able to be installed in case of said
Words: 361 - Pages: 2
Application of Risk Management Techniques
Risks
Windows Vista, while relatively current, is still a lacking OS when compared to Windows 7. All desktops connect to an industry standard switch via an Ethernet cable. While this can be a risk, it is not a sizable risk. (Minimal Risk) The two large production facilities are connected to the headquarters via an external ISP. Even with the firewalls in place, there is no accountability if the connection they contract is in use by anyone else. I would
Words: 973 - Pages: 4
IS3110 Risk Management in Info Tech Security
Malware and Viruses: Probability = 8, Impact = 9
Malware is short for malicious software. It is used to disrupt normal computer operation, gather sensitive information, or gain access to private computer systems. Viruses are a type of malware. Other types include ransomware, worms, Trojan horses, keyloggers, spyware, adware, and rogue security software. Malware impacts productivity, increases support costs, and can result in the compromise or
Words: 375 - Pages: 2