Assessment Of The Risk Assessment

2136 Words9 Pages
Part – 1 - Risk Assessment The first process in the risk management is Risk Assessment. Risk Assessment is used to determine the risk associated with the organization. The output of the risk assessment is helpful in identifying the controls for reducing or eliminating the risk . Scenario The system given to us is Enterprise Medco Records, known as Medco, which contains patient data. Medco is running 24 X 7 days. Physicians in case of emergency use it for treating patients with life threatening problem The risk assessment is to be performed on this system and the steps are as follows Step 1: System Characterization System Characterization is the first step in the risk assessment process. In this step we analyze the system…show more content…
2.1.2 Threats to Server 1 - Microsoft Exchange Server The threats cause to Microsoft Exchange Server is human threats. Microsoft Exchange Server has email security threats such spam and viruses. The email threat is caused • Not choosing suitable digital certificates. The digital certificates are important for secure Internet communications • The client access servers should reside in a private network. The client server has access to directory and mailbox servers, which opens several ports for communication. The open port is a threat for security risks. • Virus is one of the threat to the Microsoft Exchange Server. 2.1.2 Threats to Server 2 - Domain Controller The sources of threats caused to Domain Controller are human threats. The threats to domain controllers are • Access to the security database. • Copy the security database to be viewed and examined at a later stage. • Accessing the security database and changing the rights, and giving unauthorized access. 2.1.3 Threats to Server 3 – Citrix Server The source of threats caused to the Citrix Server is human threats. The three threats caused to the Citrix Server for secure communication is eavesdropping, Misrouting and Data Manipulation. • Eavesdropping: The messages that are transmitted over the network are read. Passing of sensitive information like a user id’s and password are a threat to security. • Misrouting: The information that is transmitted can be

More about Assessment Of The Risk Assessment

Open Document