Risk Assessment for an IT Infrastructure

Date:  2021-03-11 20:46:09
2 pages  (304 words)
Back to list
This essay has been submitted by a student.
This is not an example of the work written by our professional essay writers.

2. Why is it difficult to conduct a quantitative risk assessment for an IT infrastructure?

If this sample essay on"Risk Assessment for an IT Infrastructure" doesn’t help,
our writers will!

Contacting an analysis of information technology availability risk is cumbersome due to unplanned an events that counters how available the marginal aspects of the systems since the general objective risk analysis procedures hardly do they avail credible solutions meant to handle the emerging problems

3. What was your rationale in assigning a 1 risk impact/risk factor value of Critical to anidentified risk, threat, or vulnerability?

Critical risks are those that need urgency in mitigating since any delay may lead to serious collapse of the system hence hampering the generation functionality of the infrastructure.

4. After you had assigned the 1, 2, and 3 risk impact/risk factor values to the identified risks,threats, and vulnerabilities, how did you prioritize the 1, 2, and 3 risk elements? Whatwould you say to executive management about your final recommended prioritization?

Priority in assigning the risk value is based on the impact the risk has to the infrastructure. The risks with the bigger values do not have a serious impact as the one with lesser values like 1 or 2.

5. Identify a risk-mitigation solution for each of the following risk factors:a. User downloads and clicks on an unknown e-mail attachment

activate filtering of content as well as scanning

b. Workstation OS has a known software vulnerability

Update application software as well as security patches

c. Need to prevent eavesdropping on WLAN due to customer privacy data access

Use encryption as well as VPN tunnels for end to end secure IP connection

d. Weak ingress/egress traffic-filtering degrades performance

Apply and enforce strict security monitoring controlse. DoS/DDoS attack from the WAN/Internet

Apply and enforce filters to exterior IP

f. Remote access from home office

Apply and enforce organizations data classification standards

g. Production server corrupts database

Use workstation antivirus and malicious code policies as well as standards to safeguard the server data bases.

If you are the original author of this essay and no longer wish to have it published on the ProEssays website, please click below to request its removal: