Assess the vulnerabilities by focusing on the root causes

Reference no: EM133697027

Assignment:

The Acme Corporation

The following vulnerabilities were identified during a recent internal PCI DSS audit conducted by the Acme Corporation. As the risk assessor, you are expected to assess the vulnerabilities by focusing on the root causes.

Critical vulnerabilities exist on servers due to a lack of patch management procedures.

Employees routinely store critical information in cleartext on their local workstations. There is no system where employees can store critical information securely, nor has management budgeted for any such system to be created.

Acme has an information security policy document that contains the following password policy:

2.2 Password Policy

2.2.1 All employees shall have a password for information services and computers they have been using.

2.2.2 Employees shall not share their passwords with other employees.

2.2.3 Employees shall not write their passwords on paper.

2.2.4 Employees shall not use their personal password in the computer and services of the Acme.

A production server has been discovered to contain a test account created when the server was in a staging environment. The same server contains user accounts that have been inactive for more than 90 days. The most important discovery was that the IT department has not assigned an individual or team to manage the administration of user accounts.

Acme has not been regularly monitoring and testing its IT infrastructure.

Given the scenario provided above, identify the level of the risk assessment you will perform.

Your risk assessment may cover multiple tiers. Using the NIST SP800-30 three-tier risk management hierarchy, technical and tactical risks are classified as Tier 3, while nontechnical, organizational, and strategic risks are classified as Tier 1, and the operational business processes that connect the two are classified as Tier 2.

For example, will the scenario involve all three stages of the risk assessment, such as Tier 1, 2 and 3, or two tiers, or one?


All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd