Assesment 2

729 Words Oct 7th, 2014 3 Pages
7

Lab #1 - Assessment Worksheet Identifying Threats and Vulnerabilities in an IT Infrastructure
CSS 250 Security Risk Management Course Name and Number: _____________________________________________________

Kristopher Brown Student Name: ________________________________________________________________ Cheryl Frederick Instructor Name: ______________________________________________________________
10/13/2014 Lab Due Date: ________________________________________________________________

Overview In this lab, you identified known risks, threats, and vulnerabilities, and you organized them. Finally, you mapped these risks to the domain that was impacted from a risk management perspective. Lab Assessment Questions & Answers
1.
…show more content…
Major, HIPPPA investigates and fines companies that have IT security problems, but its not a work stoppage, nor is it a minor cost.

Copyright © 2015 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved.

www.jblearning.com

Student Lab Manual

8 | LAB #1 Identifying Threats and Vulnerabilities in an IT Infrastructure

5. Of the three System/Application Domain risks, threats, and vulnerabilities identified, which one requires a disaster recovery plan and business continuity plan to maintain continued operations during a catastrophic outage?
The fire to primary data center

6. Which domain represents the greatest risk and uncertainty to an organization? the hacker that has penetrated

7. Which domain requires stringent access controls and encryption for connectivity to corporate resources from home?
Remote Access

8. Which domain requires annual security awareness training and employee background checks for sensitive positions to help mitigate risks from employee sabotage?
USER?

9. Which domains need software vulnerability assessments to mitigate risk from software vulnerabilities?
Workstation and Remote Access

10. Which domain requires acceptable use policies (AUPs) to minimize unnecessary user-initiated Internet traffic and can be monitored and controlled by Web content filters?
Workstation

11. In which domain do you implement Web content filters?
Workstation

12. If you implement a Wireless LAN