|
Week 2 Laboratory
Perform a Qualitative Risk Assessment for an IT Infrastructure Learning Objectives and Outcomes Lab #4: Assessment Worksheet Perform a Qualitative Risk Assessment for an IT Infrastructure Overview The following risks, threats, and vulnerabilities were found in an IT infrastructure. Consider the scenario of a Healthcare provider under HIPPA compliance law and what compliance to HIPPA involves. 1. Given the list below, perform a qualitative risk assessment: Risk – Threat – Vulnerability Primary Domain Impacted Risk Impact/Factor Unauthorized access from pubic Internet User destroys data in application and deletes Hacker penetrates your IT infrastructure Intra-office employee romance gone bad Fire destroys primary data center Service provider SLA is not achieved Workstation OS has a known software Unauthorized access to organization owned Risk – Threat – Vulnerability Primary Domain Impacted Risk Impact/Factor Loss of production data Denial of service attack on organization Remote communications from home office User downloads and clicks on an unknown Workstation browser has software vulnerability Mobile employee needs secure browser access Service provider has a major network outage Weak ingress/egress traffic filtering User inserts CDs and USB hard drives VPN tunneling between remote computer WLAN access points are needed for LAN Need to prevent eavesdropping on WLAN DoS/DDoS attack from the WAN/Internet 2. Next, for each of the identified risks, threats, and vulnerabilities, prioritize them by listing a “1”, “2”, and “3” next to each risk, threat, vulnerability in the “Risk Impact/Factor” column. “1” = Critical, “2” = Major, “3” = Minor. Use the following qualitative risk impact/risk factor metrics: 3. Craft an executive summary for management using the following 4-paragraph format. The executive summary must address the following topics: Week 2 Lab: Assessment Worksheet Perform a Qualitative Risk Assessment for an IT Infrastructure Overview Answer the following Assessment Worksheet questions pertaining to your qualitative IT risk assessment you performed. Lab Assessment Questions & Answers 1. What is the goal or objective of an IT risk assessment? 2. Why is it difficult to conduct a qualitative risk assessment for an IT infrastructure? 3. What was your rationale in assigning “1” risk impact/ risk factor value of “Critical” for an identified risk, threat, or vulnerability? 4. When you assembled all of the “1” and “2” and “3” risk impact/risk factor values to the identified risks, threats, and vulnerabilities, how did you prioritize the “1”, “2”, and “3” risk elements? What would you say to executive management in regards to your final recommended prioritization? |
Delivering a high-quality product at a reasonable price is not enough anymore.
That’s why we have developed 5 beneficial guarantees that will make your experience with our service enjoyable, easy, and safe.
You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.
Read moreEach paper is composed from scratch, according to your instructions. It is then checked by our plagiarism-detection software. There is no gap where plagiarism could squeeze in.
Read moreThanks to our free revisions, there is no way for you to be unsatisfied. We will work on your paper until you are completely happy with the result.
Read moreYour email is safe, as we store it according to international data protection rules. Your bank details are secure, as we use only reliable payment systems.
Read moreBy sending us your money, you buy the service we provide. Check out our terms and conditions if you prefer business talks to be laid out in official language.
Read more