Student Lab ManualLab 9 Assessment WorksheetPart
Student Lab Manual
Lab #9 -Assessment Worksheet
Part A - Risks, Threats, & Vulnerabilities in the Seven Domains of a Typical IT Infrastructure
Overview
For each of the identified risks, threats, and vulnerabilities -review the following chart to determine which domain from the seven domains of a typical IT infrastructure is impacted.
Risk - Threat - Vulnerability
Primary Domain Impacted
Unauthorized access from public Internet
User destroys data inapplication and deletes all files
Hacker penetrates your IT infrastructure and gains access to your internal network
Intra-office employee romance gone bad Fire destroys primary data center Communication circuit outages
Workstation OS has a known software vulnerability
Unauthorized access to organization owned Workstations
Loss of production data
Denial of service attack on organization e-mail Server
Remote communications from home office
LAN server OS bas a known software vulnerability
User downloads an unknown e -mail attachment
Workstation browser bas software vulnerability Service provider has a major network outage
Weak ingress/egress traffic filtering degrades Performance
User inserts CDs and USB bard drives
with personal photos, music, and videos on organization owned computers
VPN tunneling between remote computer and ingress/egress router
WLAN access points are needed for LAN connectivity
within a warehouse
Need to prevent rogue users from unauthorized WLAN access
Lab #9 -Assessment Worksheet
Part B – Sample IT Security Policy Framework Definition
Overview
Given the following IT security policy framework definition, specify which policy probably can cover the identified risk. threat, or vulnerability. If there is none, then identify that as a gap. Insert your recommendation for an IT security policy that can eliminate the gap. See handout provided by instructor.
...A..s..se..t,,... l'<liley Staacbrck Standards
Lab #9 -Assessment Worksheet
Part A - Risks, Threats, & Vulnerabilities in the Seven Domains of a Typical IT Infrastructure
Overview
For each of the identified risks, threats, and vulnerabilities -review the following chart to determine which domain from the seven domains of a typical IT infrastructure is impacted.
Risk - Threat - Vulnerability
Primary Domain Impacted
Unauthorized access from public Internet
User destroys data inapplication and deletes all files
Hacker penetrates your IT infrastructure and gains access to your internal network
Intra-office employee romance gone bad Fire destroys primary data center Communication circuit outages
Workstation OS has a known software vulnerability
Unauthorized access to organization owned Workstations
Loss of production data
Denial of service attack on organization e-mail Server
Remote communications from home office
LAN server OS bas a known software vulnerability
User downloads an unknown e -mail attachment
Workstation browser bas software vulnerability Service provider has a major network outage
Weak ingress/egress traffic filtering degrades Performance
User inserts CDs and USB bard drives
with personal photos, music, and videos on organization owned computers
VPN tunneling between remote computer and ingress/egress router
WLAN access points are needed for LAN connectivity
within a warehouse
Need to prevent rogue users from unauthorized WLAN access
Lab #9 -Assessment Worksheet
Part B – Sample IT Security Policy Framework Definition
Overview
Given the following IT security policy framework definition, specify which policy probably can cover the identified risk. threat, or vulnerability. If there is none, then identify that as a gap. Insert your recommendation for an IT security policy that can eliminate the gap. See handout provided by instructor.
...A..s..se..t,,... l'<liley Staacbrck Standards