Lab 3A Developing a Risk-Mitigation Plan Outline for an IT Infrastructure.docx

This preview shows page 1 - 5 out of 9 pages.

Lab: Developing a Risk-Mitigation Plan Outline for an IT Infrastructure Ivan Ramirez-Garcia Baker College
Lab Report File 3. Using the following table, review the results of your assessment in Performing a Qualitative Risk Assessment for an IT Infrastructure lab in this lab manual. In addition, review the results of how you categorized and prioritized the risks for the IT infrastructure in that lab. Risks, threats and Vulnerabilities Primary Domain Impacted Risk Impact/Factor Unauthorized access from Public Internet WAN Domain 2 Hacker Penetrates IT infrastructure and gains access to your internal network LAN-to-Wan Domain 1 Intraoffice Employee Romance Gone Bad User Domain 3 Fire Destroys Primary Data Center System/Application Domain 2 Service Provider Service Level Agreement (SLA) is not achieved System/Application Domain 1 Workstation Operating System (OS) has a known software vulnerability Workstation Domain 2 Unauthorized access to organization-owned workstations Workstation Domain 3 Loss of Production Data System/Application Domain 3 Denial of Service attack on organization Demilitarized Zone (DMZ) and an e-mail server LAN-to-WAN Domain 2 Remote Communications from home office Remote Communications Domain 3 Local Area Network (LAN) Server OS has a known software vulnerability LAN Domain 2 User downloads and clicks on an unknown e- User Domain 3
mail attachment Workstation browser has a software vulnerability Workstation Domain 2 Mobile employees need secure browser access to sales-order entry system System/Application Domain 1 Service Provider has a major network outage WAN Domain 2 Weak ingress/egress traffic degrades performance Lan-to-WAN Domain 3 User inserts CDs and USB hard drives with personal photos, music, and videos on organization-owned workstations Workstation Domain 2 Virtual Private Network (VPN) tunneling between the remote computer and ingress/egress router is needed Remote Communications Domain 3 Wireless Local Area Network (WLAN) access points are needed for Local Area Network (LAN) connectivity within a warehouse LAN domain 3 Needs to prevent eavesdropping on WLAN due to customer privacy data access LAN domain 1 Denial of Service (DoS), /Distributed Denial of Service (DDoS) attack from the Wide Area Network (WAN)/Internet LAN-to-WAN Domain 2 4. In your Lab Report File, organize the qualitative risk assessment data according to the following: Review the executive summary from the Performing a Qualitative Risk Assessment for an IT Infrastructure lab in this lab manual
Organize all of the “1” risks, threats, and vulnerabilities identified through the seven domains of a typical IT Infrastructure The table above shows a table from a previous lab. The steps I used to categorize and priority these risks is pretty simple and were taken from the said previous lab. I gave the assessment of 1,

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture