100%(9)9 out of 9 people found this document helpful
This preview shows page 1 - 5 out of 9 pages.
Lab: Developing a Risk-Mitigation Plan Outline for an IT InfrastructureIvan Ramirez-GarciaBaker College
Lab Report File3. Using the following table, review the results of your assessment in Performing a Qualitative Risk Assessment for an IT Infrastructure lab in this lab manual. In addition, review the results of how you categorized and prioritized the risks for the IT infrastructure in that lab.Risks, threats and VulnerabilitiesPrimary Domain ImpactedRisk Impact/FactorUnauthorized access from Public InternetWAN Domain2Hacker Penetrates IT infrastructure and gains access to your internal networkLAN-to-Wan Domain1Intraoffice Employee Romance Gone BadUser Domain3Fire Destroys Primary Data CenterSystem/Application Domain2Service Provider Service Level Agreement (SLA) is not achievedSystem/Application Domain1Workstation Operating System (OS) has a known software vulnerabilityWorkstation Domain2Unauthorized access to organization-owned workstationsWorkstation Domain3Loss of Production DataSystem/Application Domain3Denial of Service attack on organization Demilitarized Zone (DMZ) and an e-mail serverLAN-to-WAN Domain2Remote Communications from home officeRemote Communications Domain3Local Area Network (LAN) Server OS has a known software vulnerabilityLAN Domain2User downloads and clicks on an unknown e-User Domain3
mail attachmentWorkstation browser has a software vulnerabilityWorkstation Domain2Mobile employees need secure browser access to sales-order entry systemSystem/Application Domain1Service Provider has a major network outageWAN Domain2Weak ingress/egress traffic degrades performanceLan-to-WAN Domain3User inserts CDs and USB hard drives with personal photos, music, and videos on organization-owned workstationsWorkstation Domain2Virtual Private Network (VPN) tunneling between the remote computer and ingress/egress router is neededRemote Communications Domain3Wireless Local Area Network (WLAN) access points are needed for Local Area Network (LAN) connectivity within a warehouseLAN domain3Needs to prevent eavesdropping on WLAN due to customer privacy data accessLAN domain1Denial of Service (DoS), /Distributed Denial of Service (DDoS) attack from the Wide Area Network (WAN)/InternetLAN-to-WAN Domain24. In your Lab Report File, organize the qualitative risk assessment data according to the following:Review the executive summary from the Performing a Qualitative Risk Assessment for an IT Infrastructure lab in this lab manual
Organize all of the “1” risks, threats, and vulnerabilities identified through the seven domains of a typical IT InfrastructureThe table above shows a table from a previous lab. The steps I used to categorize and priority these risks is pretty simple and were taken from the said previous lab. I gave the assessment of 1,