Week6 Lab Report Jain Surbhi_003019025.docx - Info Security...


Info Security & Risk Management ISOL 533-05

Surbhi Jain
University of the Cumberlands
ISOL 533-05
Week#6 Lab Report
Developing a Risk-Mitigation Plan Outline for an IT Infrastructure
Info Security & Risk Management
Dr. Billy Chestnut
08/09/2020
In your Lab report file, organize the qualitative risk assessment data according to the following:

Executive summary

Prioritization of identified risks, threats, and vulnerabilities identified throughout the IT infrastructure.

| Risks, Threats, and Vulnerabilities | Primary Domain Impacted | Risk Impact/Factor |
|---|---|---|
| Unauthorized access from public Internet | Remote Access Domain | 1 |
| User destroys data in application and deletes all files | Systems/Applications Domain | 2 |
| Hacker penetrates your IT infrastructure and gains access to your internal network | User Domain | 1 |
| IntraOffice employee romance gone bad | User Domain | 3 |
| Fire destroys primary data center | Systems/Application Domain | 1 |
| Service provider service level agreement (SLA) is not achieved | WAN Domain | 3 |
| Workstation operating system (OS) has a known software vulnerability | Workstation Domain | 2 |
| Unauthorized access to organization-owned workstations | Workstation & User Domain | 3 |
| Loss of production data | Systems/Application Domain | 2 |
| Denial of service attack on organization Demilitarized Zone (DMZ) and e-mail server | LAN to WAN Domain | 1 |
| Remote communications from home office | Remote Access Domain | 2 |
| Local Area Network (LAN) server OS has a known software vulnerability | LAN Domain | 1 |
| User downloads and clicks on an unknown e-mail attachment | User Domain | 1 |
| Workstation browser has a software vulnerability | Workstation Domain | 3 |
| Mobile employee needs secure browser access to sales-order entry system | Remote Access Domain | 3 |
| Service provider has a major network outage | WAN Domain | 2 |
| Weak ingress/egress traffic-filtering degrades performance | LAN to WAN Domain | 3 |
| User inserts CDs and USB hard drives with personal photos, music and videos on organization-owned computer | User Domain | 2 |
| Virtual Private Network (VPN) tunneling between remote computer and ingress/egress router is needed | LAN to WAN Domain | 2 |
| Wireless Local Area Network (WLAN) access points are needed for LAN connectivity within a warehouse | LAN Domain | 3 |
| Need to prevent eavesdropping on WLAN due to customer privacy data access | LAN Domain | 1 |
| Denial of service (DoS)/distributed denial of service (DDoS) attack from Wide Area Network (WAN)/Internet | WAN Domain | 1 |

Organize all of the critical “1” risks, threats, and vulnerabilities identified throughout the seven domains of a typical IT infrastructure.
