Nt1310 Unit 3 Assignment 1
Analysis and explanation of the threat and vulnerability pairs and their likelihood of occurrence. The chart explains the aspects of the vulnerabilities and threats. b\Because we have no data on these threats on the amount of occurrences we cannot assign an impact rating or a probability rating in which is high medium an low (reference page 121 of book)
Vulnerability
Threat
Probability
Impact
Suggested Mitigation Steps
Lack of network security controls
Denial of service attacks
High
High
Enforce security controls
Unencrypted data
Eavesdropping and Interception of data
Low
High
Enforce security controls
Insufficient patch management
Exploiting weaknesses
Medium
High
Enforce security controls
Weak Passwords
Unauthorized system access
Low
High
Enforce security controls
Insufficient backups
Unrecoverable data due to natural or human error
High
High
Sufficient back ups training
Lack of user monitoring
Unauthorized users performing access to sensitive data
High
High
Monitoring control software
Lack of logging and monitoring controls
Unchecked data viewing or alteration
Low
High
Enforce security controls
Monitoring control software …show more content…
The reason is simple the company produces fertilizers and with in fertilizers is a highly sought after component by terrorists. This component is nitrates. The second factor I used to select the mitigation/avoidance technique is that some of the locations are in tornado ally and or near rivers and previously flooding areas. A transfer method in all regards if possible outsource what can be outsourced thru web services will be done so as it is the least costly most effective method of backup, off site location, redundancy, encryption and security available by type of function or service IE accounting, HR /Intuit, Web site, Training, email,
Vulnerability
Threat
Probability
Impact
Suggested Mitigation Steps
Lack of network security controls
Denial of service attacks
High
High
Enforce security controls
Unencrypted data
Eavesdropping and Interception of data
Low
High
Enforce security controls
Insufficient patch management
Exploiting weaknesses
Medium
High
Enforce security controls
Weak Passwords
Unauthorized system access
Low
High
Enforce security controls
Insufficient backups
Unrecoverable data due to natural or human error
High
High
Sufficient back ups training
Lack of user monitoring
Unauthorized users performing access to sensitive data
High
High
Monitoring control software
Lack of logging and monitoring controls
Unchecked data viewing or alteration
Low
High
Enforce security controls
Monitoring control software …show more content…
The reason is simple the company produces fertilizers and with in fertilizers is a highly sought after component by terrorists. This component is nitrates. The second factor I used to select the mitigation/avoidance technique is that some of the locations are in tornado ally and or near rivers and previously flooding areas. A transfer method in all regards if possible outsource what can be outsourced thru web services will be done so as it is the least costly most effective method of backup, off site location, redundancy, encryption and security available by type of function or service IE accounting, HR /Intuit, Web site, Training, email,