Reference no: EM131192172
Assignment: Performing a Qualitative Risk Assessment for an IT Infrastructure
Overview
In this lab, you defined the purpose of an IT risk assessment, you aligned identified risks, threats, and vulnerabilities to an IT risk assessment that encompasses the seven domains of a typical IT infrastructure, you classified the risks, threats, and vulnerabilities, and you prioritized them.
Finally, you wrote an executive summary that addresses the risk assessment findings, risk assessment impact, and recommendations to remediate areas of noncompliance.
Lab Assessment Questions & Answers
1. What is an IT risk assessment's goal or objective?
2. Why is it difficult to conduct a quantitative risk assessment for an IT infrastructure?
3. What was your rationale in assigning a "1" risk impact/risk factor value of "Critical" to an identified risk, threat, or vulnerability?
4. After you had assigned the "1," "2," and "3" risk impact/risk factor values to the identified risks, threats, and vulnerabilities, how did you prioritize the "1," "2," and "3" risk elements? What would you say to executive management about your final recommended prioritization?
5. Identify a risk-mitigation solution for each of the following risk factors:
a. User downloads and clicks on an unknown e-mail attachment
b. Workstation OS has a known software vulnerability
c. Need to prevent eavesdropping on WLAN due to customer privacy data access
d. Weak ingress/egress traffic-filtering degrades performance
e. DoS/DDoS attack from the WAN/Internet
f. Remote access from home office
g. Production server corrupts database.
|
Charges between the terminals of a battery
: What from of energy is used to maintain an imbalance of charges between the terminals of a battery?
|
|
List and explain the essential psychological tests
: List and explain the essential psychological tests and screening instruments that would assist the forensic mental health professional in conducting a CST evaluation. Be sure that you provide enough information to thoroughly explain the theory beh..
|
|
Instances of suspicious intrusive activities
: Identify a scenario where two instances of suspicious intrusive activities were detected in a computer information system. The two activities might or might not be of the same type (i.e., spam, phishing, DOS, etc.).
|
|
What gives rise to the currency exposure at aifs
: What gives rise to the currency exposure at AIFS?- What are the two random variables that Archer-Lock and Tabaczynski have to deal with?
|
|
What is an it risk assessments goal or objective
: What is an IT risk assessment's goal or objective? Why is it difficult to conduct a quantitative risk assessment for an IT infrastructure?
|
|
Matter are present inside the container
: A 50.0 g piece of CO2(s) (i.e. "dry ice") is sealed inside a0.250 L container held at 20°C. Based on the phase diagram of CO2(Figure 11.42 in the textbook), what state(s) of matter are present inside the container?
|
|
How was your professional work impacted by the stressor
: In this portion of the paper, you should provide information from the textbook and an additional source identified from the CSU Library to analyze the impact that the stressful event could have placed upon your health, future goals, and motivation..
|
|
Supply chain management is the purchasing strategy
: One of the most strategic decisions facing a company in supply chain management is the purchasing strategy. In most industries, cost of raw materials and procured components consume a significant portion of the company's budget.
|
|
Deployment services and the windows automated installation
: For a highly virtualized data center, how does this change the deployment options available from traditional data centers? Is there any benefit or need in using some of the traditional deployment options (e.g., disk imaging using software like Gho..
|