Performing a Qualitative Risk Assessment for an IT Infrastructure

Assessment Worksheet 

Performing a Qualitative Risk Assessment for an IT Infrastructure

Course Name and Number: _____________________________________________________

Student Name: ________________________________________________________________

Instructor Name: ______________________________________________________________

Lab Due Date: ________________________________________________________________

Overview

In this lab, you defined the purpose of an IT risk assessment, you aligned identified risks, threats, and vulnerabilities to an IT risk assessment that encompasses the seven domains of a typical IT infrastructure, you classified the risks, threats, and vulnerabilities, and you prioritized them. Finally, you wrote an executive summary that addresses the risk assessment findings, risk assessment impact, and recommendations to remediate areas of noncompliance.

Lab Assessment Questions & Answers

1. What is an IT risk assessment’s goal or objective?

2. Why is it difficult to conduct a quantitative risk assessment for an IT infrastructure?

3. What was your rationale in assigning a “1” risk impact/risk factor value of “Critical” to an identified risk, threat, or vulnerability?

4. After you had assigned the “1,” “2,” and “3” risk impact/risk factor values to the identified risks, threats, and vulnerabilities, how did you prioritize the “1,” “2,” and “3” risk elements? What would you say to executive management about your final recommended prioritization?

5. Identify a risk-mitigation solution for each of the following risk factors:

a. User downloads and clicks on an unknown e-mail attachment

b. Workstation OS has a known software vulnerability

c. Need to prevent eavesdropping on WLAN due to customer privacy data access

d. Weak ingress/egress traffic-filtering degrades performance

e. DoS/DDoS attack from the WAN/Internet

f. Remote access from home office

g. Production server corrupts database

Part 2

Assessment Worksheet

Developing a Risk-Mitigation Plan Outline for an IT Infrastructure

Course Name and Number: _____________________________________________________

Student Name: ________________________________________________________________

Instructor Name: ______________________________________________________________

Lab Due Date: ________________________________________________________________

Overview

In this lab, you identified the scope for an IT risk-mitigation plan, you aligned the plan’s major parts with the seven domains of an IT infrastructure, you defined the risk-mitigation steps, you defined procedures and processes needed to maintain a security baseline for ongoing mitigation, and you created an outline for an IT risk-mitigation plan.

Lab Assessment Questions & Answers

1. Why is it important to prioritize your IT infrastructure risks, threats, and vulnerabilities?

2. Based on your executive summary produced in the Performing a Qualitative Risk Assessment for an IT Infrastructure lab in this lab manual, what is the primary focus of your message to executive management?

3. Given the scenario for your IT risk-mitigation plan, what influence did your scenario have on prioritizing your identified risks, threats, and vulnerabilities?

4. What risk-mitigation solutions do you recommend for handling the following risk element: User inserts CDs and USB hard drives with personal photos, music, and videos on organization-owned computers?

5. What is a security baseline definition?

6. What questions do you have for executive management to finalize your IT risk-mitigation plan?

7. What is the most important risk-mitigation requirement you uncovered and want to communicate to executive management? In your opinion, why is this the most important risk-mitigation requirement?

8. Based on your IT risk-mitigation plan, what is the difference between short-term and long-term risk-mitigation tasks and ongoing duties?

9. For which of the seven domains of a typical IT infrastructure is it easy to implement risk-mitigation solutions but difficult to monitor and track effectiveness?

10. Which of the seven domains of a typical IT infrastructure usually contains privacy data in systems, servers, and databases?

11. Which of the seven domains of a typical IT infrastructure can access privacy data and also store it on local hard drives and disks?

12. Why is the Remote Access Domain the most risk-prone of all in a typical IT infrastructure?

13. When considering the implementation of software updates, software patches, and software fixes, why must you test the upgrade or software patch before you implement it as a risk-mitigation tactic?

14. Are risk-mitigation policies, standards, procedures, and guidelines needed as part of your long-term risk-mitigation plan? Why or why not?

15. If an organization under a compliance law is not in compliance, how critical is it for your organization to mitigate this noncompliance risk element?

 