2. Why is it difficult to conduct a quantitative risk assessment for an IT infrastructure?
Contacting an analysis of information technology availability risk is cumbersome due to unplanned an events that counters how available the marginal aspects of the systems since the general objective risk analysis procedures hardly do they avail credible solutions meant to handle the emerging problems
3. What was your rationale in assigning a 1 risk impact/risk factor value of Critical to anidentified risk, threat, or vulnerability?
Critical risks are those that need urgency in mitigating since any delay may lead to serious collapse of the system hence hampering the generation functionality of the infrastructure.
4. After you had assigned the 1, 2, and 3 risk impact/risk factor values to the identified risks,threats, and vulnerabilities, how did you prioritize the 1, 2, and 3 risk elements? Whatwould you say to executive management about your final recommended prioritization?
Priority in assigning the risk value is based on the impact the risk has to the infrastructure. The risks with the bigger values do not have a serious impact as the one with lesser values like 1 or 2.
5. Identify a risk-mitigation solution for each of the following risk factors:a. User downloads and clicks on an unknown e-mail attachment
activate filtering of content as well as scanning
b. Workstation OS has a known software vulnerability
Update application software as well as security patches
c. Need to prevent eavesdropping on WLAN due to customer privacy data access
Use encryption as well as VPN tunnels for end to end secure IP connection
d. Weak ingress/egress traffic-filtering degrades performance
Apply and enforce strict security monitoring controlse. DoS/DDoS attack from the WAN/Internet
Apply and enforce filters to exterior IP
f. Remote access from home office
Apply and enforce organizations data classification standards
g. Production server corrupts database
Use workstation antivirus and malicious code policies as well as standards to safeguard the server data bases.
Cite this page
Risk Assessment for an IT Infrastructure. (2021, Mar 11). Retrieved from https://proessays.net/essays/risk-assessment-for-an-it-infrastructure
so we do not vouch for their quality
If you are the original author of this essay and no longer wish to have it published on the ProEssays website, please click below to request its removal:
- Google Leadership
- MSc Degree in Electronic Communications and Computer Engineering
- Culture Web and the Strategy of Adnams Essay
- Expand on My Colleague's Strategy for Culturally Sensitive and Appropriate Partnerships
- Essay Sample on Auditing Plan/Balanced Scorecard
- Expository Essay on Cybercrime - Deepfakes
- Essay Example on Mentorship: Unlocking Your Potential Through Knowledge Sharing
