Loading...

Messages

Proposals

Stuck in your homework and missing deadline? Get urgent help in $10/Page with 24 hours deadline

Get Urgent Writing Help In Your Essays, Assignments, Homeworks, Dissertation, Thesis Or Coursework & Achieve A+ Grades.

Privacy Guaranteed - 100% Plagiarism Free Writing - Free Turnitin Report - Professional And Experienced Writers - 24/7 Online Support

What fills security gaps and software weaknesses

08/01/2021 Client: saad24vbs Deadline: 12 Hours

Week3


Project Part 1-Task 2 – Risk Assessment


Course: Information Security and Risk Management (ISOL533-03)


Name: Sai Vishal Goud Muddam


Student ID: 002852328


Instructor: Dr. Amelia Phillips


EXECUTIVE SUMMARY


One of the most important first steps to risk management plan is to identify known risks, threats, and vulnerabilities and organize them. The purpose of the seven domains of a typical IT infrastructure is to help organize the roles, responsibilities, and accountability for risk management.


The Risk Management plan covers the Risks, Threats, and weakness of the Health Network, Inc. (Health Network)


Risk Management plan: Risk Management is the process of reducing the risk of harm to the patients, staff, and associations. It includes exercises that encompass preventive action or mitigation of events to reduce poor results, or financial and proficient loses.


Risk Assessment: All risks recognized will be assessed to perceive the extent of possible undertaking results. Capacity will be used to make sense of which risks are the top priority to look for after and respond to and which threats can be ignored. The likelihood and impact of occasion for each recognized risk will be assessed by the undertaking chief, with commitment from the project team using the going with system. The purpose of risk assessment incorporates the avoidance related risks, and this should constantly be the goal, it won't commonly be attainable by and by. Where transfer of risks is past the domain of creative ability, the risks should be reduced, and the remaining risks should be controlled. At a later stage, as a noteworthy part of a study program, such leftover risk will be reassessed and the probability of transfer of the risk.


Follow these risk management steps to improve your risk management process:


Plan: understanding the authoritative objectives, external and internal condition.


Identify the risk: When you and your team have accumulated possible issues, make a project risk log or undertaking risk enroll for clear, after and checking of dangers all through a project. A project risk log, moreover, insinuated as an undertaking risk enlisted, is a fundamental piece of any compelling danger the board procedure. As a persistent database of each undertaking potential risk's, it empowers you administer current dangers just as fills in as a sort of viewpoint point on past errands as well. By laying out your risk register with the best possible information focuses, you and your group can rapidly and accurately identify and assess possible threats to any project.


Analyze the risk: During this progression, your team will evaluate the probability and fallout of each hazard to pick where to focus first. Elements, for instance, potential money related misfortune to the affiliation, time lost, and seriousness of impact all have an impact in looking at each hazard. In putting each hazard under the amplifying instrument, you'll also uncover any fundamental issues over an endeavor and further refine the risk management process for future activities.


Respond: At the point when every single reasonable course of action is recorded, pick the one that is well while in transit to achieve needed outcomes. Find the required resources, for instance, work power and financing, and get the essential buy in. Senior organization will likely need to confirm the game plan, and associates ought to be instructed and arranged if indispensable. continuously Set up a formal system to execute the game plan truly and dependably over the affiliation and stimulate specialists.


Monitor: Here we must play out the correspondence among the team and accomplices is essential with respect to persistent observing of potential risks. Furthermore, remembering that it may feel like you're gathering felines every so often, with your risk management process and its relating project risk register set up, checking those moving targets advances toward getting to be something besides unsafe business.


RISKS - THREATS – WEAKNESSES WITHIN EACH DOMAIN


User Domain: Any client who can access to our organization data systems comes into this domain.


Risks: At the point when User gets angry can devastate and erase every one of the information in application. Most likelihood of visiting the hazardous sites and download and introduce the malicious software. unknowingly without their insight bring virus from USB drives which infects different PCs and whole organization.


WorkStation domain: Workstation is only a client's PC like desktop, laptop which worked under the network.


Risks: Workstation is vulnerable and open to malicious software. If the system is infected malware may infect single system or entire organization through network and failure of hard drive may cause losing the data. We should refresh patches to the operating system, software and antivirus up to date.


LAN Domain: Lan refers to local area network is a group of computers, routers, switches connected to a trusted network zone within the firewall.


Risks: Any virus enters through Lan infect all the systems. Date which is transferred outside of network is not secure. Attackers uses sniffers to capture and read all the data within the packets.


LAN to WAN Domain: Domain which connects the local area network to wide area network by providing the firewalls and boundary protection between trusted and untrusted zones.


Risks: An unnecessary open of firewall ports gives a way for hackers to access the internet from outside using a public IP address. Heavy flow of incoming and outgoing packets of traffic may reduce the performance issues.


WAN Domain: Defines wide area network which uses semiprivate lines from telecommunication companies.


Risks: Servers may receive the cyber-attacks (DOS) by hackers who wants to make system and network unavailable to users. Moreover, chances of security risks are high while uploading the software’s through FTP.


System / Application Domain: Domain refers to a server which hosts a user access application like database, oracle, mail servers WebSphere.


Risks: Because of security gaps and software weakness servers might receive a cyber-attack by attacker who wants to corrupt and destroy the data.


Remote Access Domain: Domain which refers to users who works remotely from their private network over a public network through VPN.


Risks: Remote access is the easy way of accessing the unprotected connections by attackers. Chances are high while authentication (credentials)and data transfer through VPN.


Risk – Threat - Weakness


Domain Impacted


Risk Impact / Factor


Risk: Chances are high while authentication (credentials)and data transfer through VPN. Threat : It is easy way of accessing the unprotected connections by attackers. Weakness : Unauthorized access from public internet


Remote Access Domain


2 Major


Risk : Because of security gaps and software weakness servers might receive a cyber-attack by attacker. Threat : Users who have full access to data lead to data manipulation. Weakness : Doctor destroys data in application, deletes all files, and gains access to internal network


System/Application


1 Critical


Risk : An unnecessary open of firewall ports gives a way for hackers to access the internet from outside using a public IP address. Threat : Hacker penetrates IT infrastructure through modem bank and gain access to internal network. Weakness : Hacker penetrates IT infrastructure through modem bank


LAN – to - WAN


1 Critical


Risk : Most likelihood of visiting the hazardous sites and download and introduce the malicious software. Threat : Unknowingly without their insight bring virus from USB drives which infects different PCs and whole organization. Weakness : A technician inserts CDs and USB hard drives with personal photos, music, and videos on organization-owned computers


User


3 Minor


Risk : Any virus enters through Lan infect all the systems. Date which is transferred outside of network is not secure. Threat : Attackers uses sniffers to capture and read all the data within the packets Weakness : LAN server OS has a known software vulnerability


LAN


3 Minor


Risk : If the system is infected malware may infect single system or entire organization through network and failure of hard drive may cause losing the data Threat: Workstation is vulnerable and open to malicious software Weakness : Unauthorized access to organization-owned workstations


Workstation


1 Critical


Risk : Servers may receive the cyber-attacks (DOS) by hackers who wants to make system and network unavailable to users Threat : Security risks are high while uploading the software’s through FTP. Weakness : Service provider has a major network outage


WAN


1 Critical


Risk : Chances are high while authentication (credentials)and data transfer through VPN Threat : It is easy way of accessing the unprotected connections by attackers. Weakness : Remote communications from office


Remote Access Domain


2 Major


Risk : Servers may receive the cyber-attacks (DOS) by hackers who wants to make system and network unavailable to users Threat : Security risks are high while uploading the software’s through FTP. Weakness : Communication circuit outages


WAN


2 Major


Risk : Because of security gaps and software weakness servers might receive a cyber-attack by attacker Threat : Users who have full access to data lead to data manipulation Weakness : Denial of service attack on organization’s e-mail server


System/Application


1 Critical


Risk : Most likelihood of visiting the hazardous sites and download and introduce the malicious software. Threat : Unknowingly without their insight bring virus from USB drives which infects different PCs and whole organization Weakness : Intraoffice employee romance gone bad


User


3 Minor


Risk : If the system is infected malware may infect single system or entire organization through network and failure of hard drive may cause losing the data Threat : Workstation is vulnerable and open to malicious software Weakness : Workstation operating system (OS) has a known software vulnerability


Workstation


3 Minor


Risk : Any virus enters through Lan infect all the systems. Date which is transferred outside of network is not secure Threat : Attackers uses sniffers to capture and read all the data within the packets Weakness : Need to prevent rogue users from unauthorized WLAN access


LAN


3 Minor


Risk : An unnecessary open of firewall ports gives a way for hackers to access the internet from outside using a public IP address Threat : Hacker penetrates IT infrastructure through modem bank and gain access to internal network Weakness : Weak ingress/egress traffic-filtering degrades performance


LAN – to - WAN


1 Critical


Risk : Because of security gaps and software weakness servers might receive a cyber-attack by attacker Threat : Users who have full access to data lead to data manipulation Weakness : Loss of production data server


System/Application


1 Critical


Compliance Laws and Regulations


Health Network, Inc must comply with explicit laws and regulations to guarantee information security. Basically, the organization must exhibit the centrality of shielding information regarding all the customer. Moreover, with most organizations, the laws of government information security the official's security data regarding all the clients. Similarly, with most organizations, the laws of government information security the board showing are fundamental and Health Network, Inc. Must submit to them. FISMA helps relationship in ensuring that their information is secure. Medical coverage likelihood and duty act is the laws that Health Network must kept up due to the information set away in HNetExchange, HNetPay, and HNetConnect. HIPPA laws are basic in verifying wellbeing information. Moreover, Health Network must ahere to Work Health and security Act, Privacy Obligations and Government Information Act. Also, Payment card industry information security standard, Public interest disclosure, and state records act are vital.


References:


The seven domains of a typical IT Infrastructure. (n.d.). Retrieved from https://sis.binus.ac.id/2018/01/15/the-seven-domain-of-a-typical-it-infrastructure/


(n.d.). Retrieved from https://stevevincent.info/ITS305_2016_2.htm


What is Risk Management? What are the 5 Risk Management Steps in a Sound Risk Management Process? (2018, December 24). Retrieved from https://www.managementstudyhq.com/risk-management-steps-in-risk-management-process.html


Dcosta, A. (2018, November 18). An Example of a Risk Management Plan for Use on Any Project. Retrieved from https://www.brighthubpm.com/risk-management/5141-risk-management-plan-examples/

Homework is Completed By:

Writer Writer Name Amount Client Comments & Rating
Instant Homework Helper

ONLINE

Instant Homework Helper

$36

She helped me in last minute in a very reasonable price. She is a lifesaver, I got A+ grade in my homework, I will surely hire her again for my next assignments, Thumbs Up!

Order & Get This Solution Within 3 Hours in $25/Page

Custom Original Solution And Get A+ Grades

  • 100% Plagiarism Free
  • Proper APA/MLA/Harvard Referencing
  • Delivery in 3 Hours After Placing Order
  • Free Turnitin Report
  • Unlimited Revisions
  • Privacy Guaranteed

Order & Get This Solution Within 6 Hours in $20/Page

Custom Original Solution And Get A+ Grades

  • 100% Plagiarism Free
  • Proper APA/MLA/Harvard Referencing
  • Delivery in 6 Hours After Placing Order
  • Free Turnitin Report
  • Unlimited Revisions
  • Privacy Guaranteed

Order & Get This Solution Within 12 Hours in $15/Page

Custom Original Solution And Get A+ Grades

  • 100% Plagiarism Free
  • Proper APA/MLA/Harvard Referencing
  • Delivery in 12 Hours After Placing Order
  • Free Turnitin Report
  • Unlimited Revisions
  • Privacy Guaranteed

6 writers have sent their proposals to do this homework:

University Coursework Help
Helping Hand
Top Essay Tutor
Writer Writer Name Offer Chat
University Coursework Help

ONLINE

University Coursework Help

Hi dear, I am ready to do your homework in a reasonable price.

$102 Chat With Writer
Helping Hand

ONLINE

Helping Hand

I am an Academic writer with 10 years of experience. As an Academic writer, my aim is to generate unique content without Plagiarism as per the client’s requirements.

$100 Chat With Writer
Top Essay Tutor

ONLINE

Top Essay Tutor

I have more than 12 years of experience in managing online classes, exams, and quizzes on different websites like; Connect, McGraw-Hill, and Blackboard. I always provide a guarantee to my clients for their grades.

$105 Chat With Writer

Let our expert academic writers to help you in achieving a+ grades in your homework, assignment, quiz or exam.

Similar Homework Questions

Walt disney world swot analysis - Target corporation financial statements 2016 - Security Paper - Ordering and seriation activities for preschoolers - Scope and sequence australian curriculum - Nissan case study milestone 2 - Direct or inverse variation - How to read resistors 4 band - Common base year financial statements - Describe the relationship between health care cost and quality - What is rhythm in poetry - Discussion Board Chapter 11 - Rochester midland corporation uk - I remember you was conflicted lyrics - Accounting information systems final exam - Soc 515 human trafficking - Why did puberty blues end - Business Administration & International Business Essay - 6103 Week 6 Discussion - Physical, Emotional, and Spiritual Well-Being - CFO Report - Case study-Marketing Research - +91-8306951337 get your love back by vashikaran IN Udaipur - The language you cry in - Adventure speech for 2 minutes - Distance vs displacement worksheet - History of astronomy ppt - Jeux - Bobby dazzler cockney slang - The container store swot analysis - Oil tank cleaning procedure - Verbal and nonverbal communication and listening skills paper - Where do you enter cheat codes for bloody roads california - Work breakdown structure for planning a vacation - The table below shows the monthly cost of producing vintage model cars for collectors. - Bonanza card game rules - Grandma wolf private peaceful - Edexcel history past papers - Responses - Business ethics: case study 5 - 4 Responses Sep 03 - Properties of materials stage 3 - C06 Week 6 Threaded Discussion - 3 5 6 improper fraction - Managerial accounting heisinger and hoyle - CCM-3 - The garden spot charlottesville virginia - Clinitek status error codes - Population health and epidemiology - Best vi cheat sheet - Hemophilia pedigree chart royal family - Difference between qualitative and quantitative research sampling strategies - Qdx f px - Questions and answers about respect - Paired t test spss laerd - 8 troon road rosebud - Agriculture machine with name and uses - Individual success plan - Dhl express box 5 - Youtube calgary stampede chuckwagon race - Nourish your little piggies foot mask - How far does the average paper airplane fly - Discussion and Assignment - Comsats institute of information technology virtual campus - Manpower vera bradley - Australian curriculum achievement standards - WAS THE INDUSTRIAL REVOLUTION A PUBLIC HEALTH DISASTER OR BOON?" DISCUSS - Greenberg and baron 2008 - Art history research paper outline template - Maths genie trigonometry answers - The drummer boy of shiloh quiz - The house of thebes - Neurodevelopmental and neurocognitive disorders paper psy 410 - Science in the news assignment - Presented below is information related to ivan calderon corp. for the year 2014. - Key concepts of risk and quality management in healthcare - How to setup windows live mail on android phone - Business law assignment - Arduino mega 2560 input voltage - College athletes should not be paid speech outline - Nitro reader 3 download - Modulus 11 check digit - Coulombs law lab - What is case mix index used for - 2017 2018 baldrige excellence framework pdf - Virgin media bundle builder - Convert watts to amperage - Resident evil 4 manic brent - Ati active learning template basic concept management of care - Week 9 assignment data mining - Under armour ratios - Principles of pathophysiology bullock and hales - Make a referral my aged care - South kingstown tax assessor - Vc medical abbreviation physical therapy - Lms ugrad - Why do lumberjacks make good music worksheet answers - Water treatment 2 reed bed reading answers - Week 3 Discussion - Which of the following is the strongest electrolyte - How to write a nursing diagnosis in pes format