A security risk assessment identifies threats and vulnerabilities of IT assets. Further assessment identifies the likelihood that a potential threat will occur or that a vulnerability will be exploited. The elements of an IT Security Risk Assessment include identifying risks, evaluating likelihood of the risk being realized and weighting the potential impact to the company based on costs both out of pocket, future and lost opportunity. Also the potential effect on reputation, down time of computer
Words: 288 - Pages: 2
write a brief report that describes the "internal use only" data classification standard of Richman investments. I will list a few of the IT infrastructure domains that are affected by the standard and how they are affecting the domain and their security here at Richman investments. * User domain The user domain defines the people who access an organizations information system. In the user domain you will find an acceptable use policy (AUP). An AUP defines what a user can and cannot do with
Words: 681 - Pages: 3
certain websites, databases, and not being able to access the internet or intranet at all that you normally access. The major downfall of having the proper network security is the cost of it. Examples of expenses are but not limited to software, sonic walls, firewalls, and even a trained professional to maintain it all. When it comes to security you will have to be numb about the expenses of it. Failure to keep your network secure and or well maintained could lead to costly consequences legal wise, and
Words: 1233 - Pages: 5
(WAN). This domain is where all data travels into and out of the IT infrastructure. There are many threats and risks here, as the attack could come from inside the network or it could be trying to get into the network. Threats With this domain as the buffer between two other domains it gets the majority of the traffic through it. Some of the treats, risks, and vulnerabilities are as follows. Threats from people, this could be misconfigured equipment, equipment not being used correctly, unauthorized
Words: 904 - Pages: 4
Risks, Threats, & Vulnerabilities to COBIT P09 Risk Management Controls 1. a. Unauthorized access from public internet - HIGH b. User destroys data in application and deletes all files - LOW c. Workstation OS has a known software vulnerability – HIGH d. Communication circuit outages - MEDIUM e. User inserts CD’s and USB hard drives with personal photos, music and videos on organization owned computers - MEDIUM 2. a. PO9.3 Event Identification – Identify threats with
Words: 934 - Pages: 4
occur when a threat exposes a vulnerability Threat—A threat is any activity that represents a possible danger. • Vulnerability—A vulnerability is a weakness. • Loss—A loss results in a compromise to business functions or assets. Assets can have both tangible and intangible values. The tangible value is the actual cost of the asset. The intangible value is value that cannot be measured by cost, Tangible includes • Computer systems—Servers, desktop PCs, and mobile computers are all tangible
Words: 3234 - Pages: 13
LAYERED SECURITY SOLUTION EXECUTIVE SUMMARY Executive Summary The security measures in reducing threats in the User Domain are; the computers should be protected with strong passwords, enforce security policies in each department, and ban employees from inserting USB drives in the company’s computers. The security experts can mitigate the threats in the Workstation Domain by ensuring the operating system is the latest, patch known vulnerabilities in software soon as they are identified, each
Words: 346 - Pages: 2
Security Threats Vulnerability can be defined as “a security exposure that results from a product weakness that the product developer did not intend to introduce and should fix once it is discovered” (Microsoft TechNet, 2014). There are possibility that the two databases could have vulnerabilities such as a weakness in the technology, configuration or security policies. The vulnerabilities can lead to potential risks in the personnel records systems. Security risks can be described as actions
Words: 474 - Pages: 2
Case Study: Mobile Device Security and Other Threats Strayer University Authors Note This paper was prepared for CIS 502 – Theories of Security Management Abstract Mobile communication and computing devices are integral part of today’s business. This provides the executives the opportunity to work from virtually anywhere anytime and became one of the most valuable tools to make business communications. However, due to the nature and size of the device and communication methods, the devices
Words: 1993 - Pages: 8
the network and security configuration to determine threats and weakness to the existing system has been completed. A list of the top five associated threats for the Server, Workstations, and Website are outlined below. The following memo discusses the likelihood of the threats occurrence and recommended security controls and countermeasures that should be used to mitigate these threats. Shown illustrated below are network drawings of the current configuration and a proposed security solution. The
Words: 2179 - Pages: 9
