Week 1 Laboratory
How to Identify Threats & Vulnerabilities in an IT Infrastructure
Learning Objectives and Outcomes
Upon completing this lab, students will be able to: * Identify common risks, threats, and vulnerabilities found throughout the seven domains of a typical IT infrastructure. * Align risks, threats, and vulnerabilities to one of the seven domains of a typical IT infrastructure * Given a scenario, prioritize risks, threats, and vulnerabilities based on their risk impact to the organization * Prioritize the identified critical, major, and minor software vulnerabilities
Week 1 Lab: Assessment Worksheet
Part A – List of Risks, Threats, and Vulnerabilities
Commonly Found in an IT Infrastructure
Overview
One of the most important first steps to risk management and implementing a risk mitigation strategy is to identify known risks, threats, and vulnerabilities and organize them. The purpose of the seven domains of a typical IT infrastructure is to help organize the roles, responsibilities, and accountabilities for risk management and risk mitigation. This lab requires students to identify risks, threats, and vulnerabilities and map them to the domain that these impact from a risk management perspective.
Lab Assessment Questions & Answers The following risks, threats, and vulnerabilities were found in a healthcare IT infrastructure servicing patients with life-threatening situations. Given the list, select which of the seven domains of a typical IT infrastructure is primarily impacted by the risk, threat, or vulnerability. Risk – Threat – Vulnerability | Primary Domain Impacted | Unauthorized access from pubic Internet | WAN Domain | User destroys data in application and deletesall files | System/Application Domain | Hacker penetrates your IT infrastructureand gains access to your internal network | WAN Domain | Fire destroys primary data center |