Lab report 6_Info risk.docx - LAB REPORT 6 Info Risk and...

This preview shows page 1 - 6 out of 10 pages.

LAB REPORT # 6Info Risk and ManagementLab Report – 6By Mohana Potturi
LAB REPORT # 6Question – In your Lab report file, organize the qualitative risk assessment data according to the following – Executive summaryPrioritization of identified risks, threats, and vulnerabilities identified throughout the IT infrastructure.Refer to the below table. The table has classification and prioritization based on different domains of IT infrastructure.Risks, Threats, and VulnerabilitiesPrimary Domain ImpactedRisk Impact/ FactorUnauthorized access from public InternetRemote Access Domain1User destroys data in application and deletes all filesSystems/ Applications Domain2Hacker penetrates your IT infrastructure and gains access to your internal networkUser Domain1IntraOffice employee romance gone badUser Domain3Fire destroys primary data centerSystems/ Application Domain1Service provider service level agreement (SLA) is not achievedWAN Domain3Workstation operating system (OS) has a known software vulnerabilityWorkstation Domain2Unauthorized access to organization-owned Workstation & User Domain3
LAB REPORT # 6workstationsLoss of production dataSystems/ Application Domain2Denial of service attack on organization Demilitarized Zone (DMZ) and e-mail serverLAN to WAN Domain1Remote communications from home officeRemote Access Domain2Local Area Network (LAN) server OS has a known softwarevulnerabilityLAN Domain1User downloads and clicks on an unknown e-mail attachmentUser Domain1Workstation browser has a software vulnerabilityWorkstation Domain3Mobile employee needs secure browser access to sales-order entry systemRemote Access Domain3Service provider has a major network outageWAN Domain2Weak ingress/egress traffic- filtering degrades performanceLAN to WAN Domain3User inserts CDs and USB hard drives with personal photos, music and videos on organization-owned computerUser Domain2Virtual Private Network (VPN) tunneling between remote computer and ingress/egress router is neededLAN to WAN Domain2Wireless Local Area Network (WLAN) access points are needed for LAN connectivity within a warehouseLAN Domain3Need to prevent eavesdropping LAN Domain1
LAB REPORT # 6on WLAN due to customer privacy data accessDenial of service (DoS)/ distributed denial of service (DDoS) attack from Wide Area Network (WAN)/ InternetWAN Domain1
LAB REPORT # 6Question – In your Lab report file, organize the qualitative risk assessment data according to the following – Short-term remediation steps for critical “1” risks, threats and vulnerabilities.

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture