Loading...

Messages

Proposals

Stuck in your homework and missing deadline? Get urgent help in $10/Page with 24 hours deadline

Get Urgent Writing Help In Your Essays, Assignments, Homeworks, Dissertation, Thesis Or Coursework & Achieve A+ Grades.

Privacy Guaranteed - 100% Plagiarism Free Writing - Free Turnitin Report - Professional And Experienced Writers - 24/7 Online Support

Risks threats and vulnerabilities commonly found in the workstation domain

04/01/2021 Client: saad24vbs Deadline: 2 Day

Student Lab Manual


Copyright © 2013 Jones & Bartlett Learning, LLC, an Ascend Learning Company Current Version Date: 05/30/2011 www.jblearning.com All Rights Reserved. -3-


Laboratory #1 Lab 1: How to Identify Threats & Vulnerabilities in an IT Infrastructure Learning Objectives and Outcomes Upon completing this lab, students will be able to:


• Identify common risks, threats, and vulnerabilities found throughout the seven domains of a


typical IT infrastructure


• Align risks, threats, and vulnerabilities to one of the seven domains of a typical IT infrastructure


• Given a scenario, prioritize risks, threats, and vulnerabilities based on their risk impact to the


organization from a risk assessment perspective


• Prioritize the identified critical, major, and minor risks, threats, and software vulnerabilities found


throughout the seven domains of a typical IT infrastructure


Required Setup and Tools This is a paper-based lab and does not require the use of the ISS “mock” IT infrastructure or virtualized


server farm.


The standard Instructor and Student VM workstation with Microsoft Office 2007 or higher is required for


this lab. Students will need access to Lab #1 – Assessment Worksheet Part A (a list of 21 risks, threats,


and vulnerabilities commonly found in an IT infrastructure) and must identify which of the seven


domains of a typical IT infrastructure the risk, threat, or vulnerability impacts.


In addition, Microsoft Word is a required tool for the student to craft an executive summary for


management summarizing the findings and alignment of the identified risks, threats, and vulnerabilities


that were found. Recommended Procedures Lab #1 – Student Steps: Student steps needed to perform Lab #1 – Identify Threats and Vulnerabilities in an IT Infrastructure:


1. Connect your removable hard drive or USB hard drive to a classroom workstation.


2. Boot up your classroom workstation and DHCP for an IP host address.


3. Login to your classroom workstation and enable Microsoft Word.


4. Review Figure 1 – Seven Domains of a Typical IT Infrastructure.


Student Lab Manual


Copyright © 2013 Jones & Bartlett Learning, LLC, an Ascend Learning Company Current Version Date: 05/30/2011 www.jblearning.com All Rights Reserved. -4-


5. Discuss how risk can impact each of the seven domains of a typical IT infrastructure: User,


Workstation, LAN, LAN-to-WAN, WAN, Remote Access, Systems/Applications Domains.


6. Work on Lab #1 – Assessment Worksheet Part A. Part A is a matching exercise that requires the


students to align the risk, threat, or vulnerability with one of the seven domains of a typical IT


infrastructure where there is a risk impact or risk factor to consider. Students may work in small


groups of two or three.


7. Have the students perform Lab #1 – Assessment Worksheet


8. Answer Lab #1 – Assessment Questions and submit.


Figure 1 – Seven Domains of a Typical IT Infrastructure


Deliverables


Upon completion of Lab #1 – Identify Threats and Vulnerabilities in an IT Infrastructure, students are


required to provide the following deliverables as part of this lab:


1. Lab #1 – Assessment Worksheet Part A. Identification and mapping of 21 risks, threats, and


vulnerabilities to the seven domains of a typical IT infrastructure


2. Lab #1 - Assessment Questions and Answers


Student Lab Manual


Copyright © 2013 Jones & Bartlett Learning, LLC, an Ascend Learning Company Current Version Date: 05/30/2011 www.jblearning.com All Rights Reserved. -5-


Evaluation Criteria and Rubrics The following are the evaluation criteria and rubrics for Lab #1 that the students must perform:


1. Was the student able to identify common risks, threats, and vulnerabilities found throughout the


seven domains of a typical IT infrastructure? – [ 25%]


2. Was the student able to align risks, threats, and vulnerabilities to one of the seven domains of a


typical IT infrastructure accurately? – [ 25%]


3. Given a scenario in Part A, was the student able to prioritize risks, threats, and vulnerabilities


based on their risk impact to the organization? – [ 25%]


4. Was the student able to prioritize the identified critical, major, and minor risks, threats, and


software vulnerabilities? – [ 25%]


Student Lab Manual


Copyright © 2013 Jones & Bartlett Learning, LLC, an Ascend Learning Company Current Version Date: 05/30/2011 www.jblearning.com All Rights Reserved. -6-


Lab #1: Assessment Worksheet


Part A – List of Risks, Threats, and Vulnerabilities


Commonly Found in an IT Infrastructure


Course Name: _____________________________________________________________ Student Name: _____________________________________________________________ Instructor Name: ___________________________________________________________ Lab Due Date: _____________________________________________________________ Overview


The following risks, threats, and vulnerabilities were found in a healthcare IT infrastructure servicing


patients with life-threatening situations. Given the list, select which of the seven domains of a typical IT


infrastructure is primarily impacted by the risk, threat, or vulnerability.


Risk – Threat – Vulnerability Primary Domain Impacted Unauthorized access from public Internet


User destroys data in application and deletes all files


Hacker penetrates your IT infrastructure and gains access to your internal network


Intra-office employee romance gone bad


Fire destroys primary data center


Communication circuit outages


Workstation OS has a known software vulnerability


Unauthorized access to organization owned


Workstations


Loss of production data


Denial of service attack on organization e-mail Server


Student Lab Manual


Copyright © 2013 Jones & Bartlett Learning, LLC, an Ascend Learning Company Current Version Date: 05/30/2011 www.jblearning.com All Rights Reserved. -7-


Risk – Threat – Vulnerability Primary Domain Impacted Remote communications from home office


LAN server OS has a known software vulnerability User downloads an unknown e –mail attachment Workstation browser has software vulnerability Service provider has a major network outage Weak ingress/egress traffic filtering degrades Performance User inserts CDs and USB hard drives with personal photos, music, and videos on organization owned computers VPN tunneling between remote computer and ingress/egress router WLAN access points are needed for LAN connectivity within a warehouse Need to prevent rogue users from unauthorized WLAN access


Student Lab Manual


Copyright © 2013 Jones & Bartlett Learning, LLC, an Ascend Learning Company Current Version Date: 05/30/2011 www.jblearning.com All Rights Reserved. -8-


Lab #1: Assessment Worksheet


Identify Threats and Vulnerabilities in an IT Infrastructure


Course Name: _____________________________________________________________ Student Name: _____________________________________________________________ Instructor Name: ___________________________________________________________ Lab Due Date: _____________________________________________________________ Overview


One of the most important first steps to risk management and implementing a risk mitigation strategy is to


identify known risks, threats, and vulnerabilities and organize them. The purpose of the seven domains of


a typical IT infrastructure is to help organize the roles, responsibilities, and accountabilities for risk


management and risk mitigation. This lab requires students to identify risks, threats, and vulnerabilities


and map them to the domain that these impact from a risk management perspective.


Lab Assessment Questions


Given the scenario of a healthcare organization, answer the following Lab #1 assessment questions from a risk management perspective:


1. Healthcare organizations are under strict compliance to HIPPA privacy requirements which require


that an organization have proper security controls for handling personal healthcare information (PHI)


privacy data. This includes security controls for the IT infrastructure handling PHI privacy data.


Which one of the listed risks, threats, or vulnerabilities can violate HIPPA privacy requirements? List


one and justify your answer in one or two sentences.


2. How many threats and vulnerabilities did you find that impacted risk within each of the seven


domains of a typical IT infrastructure?


User Domain:


Workstation Domain:


LAN Domain:


LAN-to-WAN Domain:


WAN Domain:


Student Lab Manual


Copyright © 2013 Jones & Bartlett Learning, LLC, an Ascend Learning Company Current Version Date: 05/30/2011 www.jblearning.com All Rights Reserved. -9-


Remote Access Domain:


Systems/Application Domain:


3. Which domain(s) had the greatest number of risks, threats, and vulnerabilities?


4. What is the risk impact or risk factor (critical, major, minor) that you would qualitatively assign to the


risks, threats, and vulnerabilities you identified for the LAN-to-WAN Domain for the healthcare and


HIPPA compliance scenario?


5. Of the three Systems/Application Domain risks, threats, and vulnerabilities identified, which one


requires a disaster recovery plan and business continuity plan to maintain continued operations during


a catastrophic outage?


6. Which domain represents the greatest risk and uncertainty to an organization?


7. Which domain requires stringent access controls and encryption for connectivity to corporate


resources from home?


8. Which domain requires annual security awareness training and employee background checks for


sensitive positions to help mitigate risk from employee sabotage?


9. Which domains need software vulnerability assessments to mitigate risk from software


vulnerabilities?


10. Which domain requires AUPs to minimize unnecessary User initiated Internet traffic and can be


monitored and controlled by web content filters?


Student Lab Manual


Copyright © 2013 Jones & Bartlett Learning, LLC, an Ascend Learning Company Current Version Date: 05/30/2011 www.jblearning.com All Rights Reserved. -10-


11. In which domain do you implement web content filters?


12. If you implement a wireless LAN (WLAN) to support connectivity for laptops in the Workstation


Domain, which domain does WLAN fall within?


13. A bank under Gramm-Leach-Bliley-Act (GLBA) for protecting customer privacy has just


implemented their online banking solution allowing customers to access their accounts and perform


transactions via their computer or PDA device. Online banking servers and their public Internet


hosting would fall within which domains of security responsibility?


14. Customers that conduct online banking using their laptop or personal computer must use HTTPS:, the


secure and encrypted version of HTTP: browser communications. HTTPS:// encrypts webpage data


inputs and data through the public Internet and decrypts that webpage and data once displayed on


your browser. True or False.


15. Explain how a layered security strategy throughout the 7-domains of a typical IT infrastructure can


help mitigate risk exposure for loss of privacy data or confidential data from the Systems/Application


Domain.

Homework is Completed By:

Writer Writer Name Amount Client Comments & Rating
Instant Homework Helper

ONLINE

Instant Homework Helper

$36

She helped me in last minute in a very reasonable price. She is a lifesaver, I got A+ grade in my homework, I will surely hire her again for my next assignments, Thumbs Up!

Order & Get This Solution Within 3 Hours in $25/Page

Custom Original Solution And Get A+ Grades

  • 100% Plagiarism Free
  • Proper APA/MLA/Harvard Referencing
  • Delivery in 3 Hours After Placing Order
  • Free Turnitin Report
  • Unlimited Revisions
  • Privacy Guaranteed

Order & Get This Solution Within 6 Hours in $20/Page

Custom Original Solution And Get A+ Grades

  • 100% Plagiarism Free
  • Proper APA/MLA/Harvard Referencing
  • Delivery in 6 Hours After Placing Order
  • Free Turnitin Report
  • Unlimited Revisions
  • Privacy Guaranteed

Order & Get This Solution Within 12 Hours in $15/Page

Custom Original Solution And Get A+ Grades

  • 100% Plagiarism Free
  • Proper APA/MLA/Harvard Referencing
  • Delivery in 12 Hours After Placing Order
  • Free Turnitin Report
  • Unlimited Revisions
  • Privacy Guaranteed

6 writers have sent their proposals to do this homework:

Top Essay Tutor
Helping Hand
University Coursework Help
Writer Writer Name Offer Chat
Top Essay Tutor

ONLINE

Top Essay Tutor

I have more than 12 years of experience in managing online classes, exams, and quizzes on different websites like; Connect, McGraw-Hill, and Blackboard. I always provide a guarantee to my clients for their grades.

$65 Chat With Writer
Helping Hand

ONLINE

Helping Hand

I am an Academic writer with 10 years of experience. As an Academic writer, my aim is to generate unique content without Plagiarism as per the client’s requirements.

$60 Chat With Writer
University Coursework Help

ONLINE

University Coursework Help

Hi dear, I am ready to do your homework in a reasonable price.

$62 Chat With Writer

Let our expert academic writers to help you in achieving a+ grades in your homework, assignment, quiz or exam.

Similar Homework Questions

Long term objectives and strategies - Naive method forecasting excel - How to write a book review of a novel - Mg car club geelong - Genogram emotional symbols - Bowen family systems theory powerpoint - Which market targeting strategy is virgin america following - Phet 2d motion and vectors simulations lab answers - Recruit select and induct staff assessment answers - Ethical hacking - Examples of marketing myopia today - The project scope document is valuable for establishing - Self Reflective - Analysis of energy sources lab report - Brooklands vip pet products - Project plan - Lb - Followership and servant leadership compare and contrast army - Let it go tab - What is word building in english grammar - Pile driving blow count - Guyan machinery a west virginia manufacturing corporation - Which company has the highest percentage of fixed assets - 900 words plus 2 pages - 1st federal savings and loan valdosta ga - 2 Response to Discussion questions - Hospital network design project pdf - How do things move - How to open project mc2 composition book without bracelet - Zones of regulation parent letter - Approaches to psychology worksheet answers - Tweak nic sheff quotes - Good girls - Caerphilly county borough schools - A lady of letters analysis - The communication process involves all of the following except - My topic person (Joesph M. Juran) - E-business#3-ECOM421 - Week 6 - An oil rig searches for and finds oil reservoirs quizlet - Icd 10 pcs root operation groups - Marine vessel operation - Impact and trends regarding health care access quality technology - Chapter 9 Review Questions - The deaf society sydney - Henry molaison case study - The pulley george herbert sparknotes - Hospital network design project pdf - How to prepare political science for css - North star casino jobs - Otisline - Sadler commission report - Phoenix edge hv 160 - Scientific apparatus makers association symbols - Animal farm chapter summaries - 3 little pigs materials - La película ____ / mala / la historia del cine - Briefly describe your family's economic background - Sci 207 week 3 rough draft - The language you cry in - Co operative registration forms - The chemistry of diet sodas and the effect on bone structure - Bhopal disaster ethics - Teaching emotion recognition autism worksheets - Microsemi libero free license - Examples of perception checking statements - 8 paragraph due asap - The deep river by head summary - History of California - A writers reference 7th edition by diana hacker - Case Study (JMW4) - Discussion - CMGT - 4 pages needed due by 15 hours - Fpr4k nm 6x10sr f - Income tax act mauritius - Think like a freak chapter 7 quizlet - Cite give me liberty eric foner - Hr business partner model presentation - The negative effects of homework - Binomial theorem on ti 84 - Esure car insurance vandalism - How to identify a precipitation reaction - Citing a chapter in a book apa - Woolworths car insurance drive less pay less - Primary and secondary deviance - Ssf wisdom scholarship 2018 results - +91[++]9414601882 lOvE prOblEm sOlutiOn vashikaran spEcialist uk - Warner lambert stock price history - Reading summary and respond - How to explain emotive language - Dr lavrik lenoir city tn - Hbr marketing in the age of alexa - Examples of conflict in the crucible - The iep process spd 200 - English - Tan 120 unit circle - Four uses of comparative data in healthcare organizations - The death of ivan ilyich discussion questions - Peak to peak voltage oscilloscope