IS3110 Lab 6
Lab 6
1. Why is it important to prioritize your IT infrastructure risks, threats, and vulnerabilities?
It is important to prioritize because you must be aware of what the risks, threats, and vulnerabilities there are to your infrastructure. You need this so that you know where the most attention needs to be focused on.
2. Based on your executive summary produced in Lab #4 Perform a Qualitative Risk Assessment for an IT infrastructure, what was the primary focus of your message to executive management?
Setting up security measures through various means includes the following:
Forcing users to update password every X number of days.
Educating the users.
Firewalls - Anti-malware
3. Given the scenario for your IT risk mitigation plan, what influence did your scenario have on prioritizing your identified risks, threats, and vulnerabilities?
Common things such as user activity can be a very big risk, so your best bet is to consider all options as potential threats. You will have to rank some risk higher than the others.
4. What risk mitigation solutions do you recommend for handling the following risk element?
A user inserts a CD or USB hard drive with personal photos, music, and videos on organization owned computers. A good antivirus program and have all devices scanned as soon as they are plugged in. Educate employees Disable optical drives/USB ports.
5. What is security baseline definition?
A baseline is a starting point or a standard. Within IT, a baseline provides a standard focused on a specific technology used within an organization. When applied to security policies, the baseline represents the minimum security settings that must be applied.
6. What questions do you have for executive management in order to finalize your IT risk mitigation plan? What is the budget? What are their priorities?
Disclose all your thoughts on the matter. Also show them other options and how you came to your conclusion, make sure the executive
1. Why is it important to prioritize your IT infrastructure risks, threats, and vulnerabilities?
It is important to prioritize because you must be aware of what the risks, threats, and vulnerabilities there are to your infrastructure. You need this so that you know where the most attention needs to be focused on.
2. Based on your executive summary produced in Lab #4 Perform a Qualitative Risk Assessment for an IT infrastructure, what was the primary focus of your message to executive management?
Setting up security measures through various means includes the following:
Forcing users to update password every X number of days.
Educating the users.
Firewalls - Anti-malware
3. Given the scenario for your IT risk mitigation plan, what influence did your scenario have on prioritizing your identified risks, threats, and vulnerabilities?
Common things such as user activity can be a very big risk, so your best bet is to consider all options as potential threats. You will have to rank some risk higher than the others.
4. What risk mitigation solutions do you recommend for handling the following risk element?
A user inserts a CD or USB hard drive with personal photos, music, and videos on organization owned computers. A good antivirus program and have all devices scanned as soon as they are plugged in. Educate employees Disable optical drives/USB ports.
5. What is security baseline definition?
A baseline is a starting point or a standard. Within IT, a baseline provides a standard focused on a specific technology used within an organization. When applied to security policies, the baseline represents the minimum security settings that must be applied.
6. What questions do you have for executive management in order to finalize your IT risk mitigation plan? What is the budget? What are their priorities?
Disclose all your thoughts on the matter. Also show them other options and how you came to your conclusion, make sure the executive