IS3110 Risk Management in Information Security
Unit 6 Lab 1 Develop a Risk Mitigation Plan Outline for an IT Infrastructure
Lab Assessment Questions & Answers
1. Why is it important to prioritize your IT infrastructure risks, threats, and vulnerabilities? It is important because you must be aware of what the risks, threats, and vulnerabilities are to your infrastructure. You need this so that you know where to focus your attention.
2. Based on your executive summary produced in Lab #4 Perform a Qualitative Risk Assessment for an IT infrastructure, what was the primary focus of your message to executive management? Set up the following security measures: Forcing users to update their passwords every X number of days. Educating the users. Firewalls - Anti-malware.
3. Given the scenario for your IT risk mitigation plan, what influence did your scenario have on prioritizing your identified risks, threats, and vulnerabilities? Common things such as user activity can be a very big risk, so your best bet is to consider all options as potential threats. Some risks will have to be ranked higher than the others.
4. What questions do you have for executive management in order to finalize your IT risk mitigation plan? Disclose all your thoughts on the matter. Also show them other options and how you came to your conclusion, and make sure that executive management agrees.
5. What is the most important risk mitigation requirement you uncovered and want to communicate to executive management? In your opinion, why is this the most important risk mitigation requirement? Remote Access is the most important risk mitigation requirement that needs to be communicated to executive management because it presents the most risk.
6. Based on your IT mitigation plan, what is the difference between short-term and long-term risk mitigation tasks and on-going duties? Short-term risks are those that can be fixed rapidly and will (more than likely) not have long-term effects on the long