Week 5 CIRT planning
1. Describe how a CIRT plan helps an organization mitigate risk.
a. The CIRT plan helps an organization prepare for incidents. When prepared, the
organization is able to respond to the incidents much qu
Week 2 Laboratory
Perform a Qualitative Risk Assessment for an IT Infrastructure
Learning Objectives and Outcomes
Upon completing this lab, students will be able to:
Define the purpose and objectives of an IT risk assessment
A backup site or work area recovery site is a location where an organization can relocate following a disaster, such as fire, flood,
terrorist threat or other disruptive event.
A backup, or alternate, site can be another data center location operated by t
IS3110: Risk Management in Information Technology Security Week 1 Assignment 1
To YieldMore Executives,
After auditing the infrastructure of the companys network. Upon the review we find
threats and vulnerabilities. There is not backup syst
MA3110: Statistics Module 1 Exercise
a. Population - Collection of all individuals or items under consideration in a statistical study.
b. Sample A part of the population from which information is obtained.
Descriptive - It is a sum
1. What is the goal and purpose of a BIA?
a. Determine Criticality, Estimate maximum downtime, Evaluate Resource Requirements
2. Why is a business impact analysis (BIA) an important first step in defining a business
Business Continuity Planning
Imagine that one Saturday afternoon, a member of the cleaning crew accidently starts a fire in the
back room while illegally smoking a cigarette and not properly disposing of the butt. Once the fire
1. What are the differences between ZeNmap GUI (Nmap) and Nessus?
a. NMAP is primarily a host detection and port discovery tool. Instead of using Nessus to
look for specific vulnerabilities against a known quantity of host
Week 3 Assignment 1
Why is it important to prioritize your IT infrastructure risks, threats, and vulnerabilities?
a. As IT professionals, we must be aware of what the risks, threats, and vulnerabilities are
to our infrastructure so
After our meeting today, Im putting together a risk assessment to go further in-depth about the
possible risks involved. With the 30% growth that is expected, another system administrator would be
required in ord
Risk Threat Vulnerability
Unauthorized access from pubic Internet
User destroys data in application and deletes
Hacker penetrates your IT infrastructure
and gains access to your internal network
Fire destroys primary data cent
Week 1 Assignment 2
Implementing Payment Card Industry Data Security Standard
Best practices for implementing Payment Card Industry Data Security Standard, also known as
PCI DSS, there are a lot of steps that need to be
Week 1 Assignment 1
17 September 2014
Application of Risk Management
RisksWindows Vista is no longer supported by Microsoft, and needs to be updated to Windows 7. Upgrading
the workstations to Windows 7 from Vista is a small risk, but