Preview

Unit 1 Assignment 1 Application of Risk Management Techniques

Good Essays
Open Document
Open Document
388 Words
Grammar
Grammar
Plagiarism
Plagiarism
Writing
Writing
Score
Score
Unit 1 Assignment 1 Application of Risk Management Techniques
1. Threats and Vulnerabilities
a. Windows Vista
b. Two large production facilities connected to headquarters via external ISP
c. Sales connects with VPN thru their own internet
2. Risk management techniques
a. Mitigation – modify the technical environment and train the employees
b. Avoidance – eliminating the source of the risk and eliminating the exposure of assets to the risk
c. Avoidance – eliminating the source of the risk and eliminating the exposure of assets to the risk
3. Windows Vista is outdated. This company needs to update all their machines to Windows 7 or 8. There aren’t any updates coming for Windows Vista anymore therefore they are putting their company at risk everyday that they keep Vista. Also, it’s stated that the workstations connect via industry standard managed switches. This may not be a high risk but it is still a risk.
The remote production facilities are connected to headquarters via routers T-1 (1.54 mbps telecomm circuit) LAN connections provided by an external ISP and share an internet connection through a firewall at headquarters. They do have firewalls in place; however there are still threats in place. Anyone could breach this firewall and use their system since it’s an external ISP.
Individual sales personnel connect to the system using a VPN which is great however they have to connect using their own individual internet connection typically in a home office. This puts them and the company at risk because again anyone could breach this internet connection. There needs to be multiple layers of security and firewalls protecting the information.
4. To prevent risk or threats of any kind you must safeguard all information stored on the database server. Employees have private information regarding business and customers stored on the database server and the loss or accidental leak of data could be a major hit to the company. This is why it is so important to use the risk management techniques of avoidance, transfer,

You May Also Find These Documents Helpful

  • Satisfactory Essays

    To minimize the risks associated with investing is, Familiarize yourself with the different types of risk. Most…

    • 521 Words
    • 2 Pages
    Satisfactory Essays
  • Good Essays

    To secure the network and ensure a degree of protection from external intrusion, the first step is to ensure it is a private network and each host in the different remote locations is part of the private network; this minimizes the intrusion from public networks. Through the use of firewalls in the central computer network enforces authentication of all users in the network thus minimizing internal and external unauthorised access (Stallings, 2007).…

    • 349 Words
    • 2 Pages
    Good Essays
  • Satisfactory Essays

    Looking at the network diagram provided I determined that the user, workstation, LAN, LAN-to-WAN, and system/application domains involved in the company should be redesigned to implement better access controls to provide multi-layered security. The most important access control implementation would be the user domain where the company should put emphasis on training; how to recognize social engineering attacks, how to create strong passwords, and how often they should be changed. The workstation domain should focus security via virus and malware scanning, operating system patching, and other types of application-level firewalls. To achieve a multi-layered security approach in the LAN domain I would recommend using an intrusion detection system (IDS) and an intrusion prevention system (IPS) to prevent unauthorized access. Security for the LAN-to-WAN domain should be implemented through the use of a firewall or DMZ to also prevent unauthorized access into the company’s network.…

    • 439 Words
    • 2 Pages
    Satisfactory Essays
  • Powerful Essays

    Manage Risk

    • 6382 Words
    • 19 Pages

    b) Risk management: The identification, analysis, assessment, control, and avoidance, minimization, or elimination of unacceptable risks.…

    • 6382 Words
    • 19 Pages
    Powerful Essays
  • Satisfactory Essays

    ISSC 363 Week 2 Quiz

    • 320 Words
    • 2 Pages

    Which of the following is not one of the objectives of a risk management plan?…

    • 320 Words
    • 2 Pages
    Satisfactory Essays
  • Better Essays

    In this article there was a philosophy of risk. This philosophy gave the actions that should be considered when putting the philosophy into action.…

    • 1082 Words
    • 5 Pages
    Better Essays
  • Good Essays

    Vpn Solutions

    • 571 Words
    • 3 Pages

    •Imagine you are a consultant called upon by a large U.S. corporation having more than 10,000 employees nationwide. You are asked to implement a VPN solution for remotely located employees to access the same corporate resources as they could from their desktops at work. Describe, in order, the types of questions you would ask their management and IT personnel in an information-gathering session before providing them a plan of work.…

    • 571 Words
    • 3 Pages
    Good Essays
  • Good Essays

    Aircraft Solution has a firewall vulnerability that weakens the network infrastructure. There are insufficient firewalls protecting AS’s headquarters, currently there is only one Firewall between the Defense Division (DD) router and the main router. A firewall establishes a barrier between a trusted, secure internal network and another network (e.g., the Internet) that is not assumed to be secure and trusted. The Chula Vista site lacked a firewall connection resulting in a direction connection to the Internet. Without a firewall in place, all of the company computers are directly accessible to anyone on the Internet.…

    • 859 Words
    • 4 Pages
    Good Essays
  • Better Essays

    To try to eliminate risk in business enterprise is futile. Risk is inherent in the commitment of present resources to future expectations. Indeed, economic progress can be defined as the ability to take greater risks. The attempt to eliminate risks, even the attempt to minimize them, can only make them irrational and unbearable. It can only result in the greatest risk of all: rigidity. (p. 374)…

    • 1152 Words
    • 5 Pages
    Better Essays
  • Good Essays

    The company prides itself on having a virtual office. Each consultant works out of their home but is connected to the company and co-workers through a virtual private network (VPN). A number of other electronic tools are used to complete work and to communicate including Blackberries, SharePoint, internal website, etc. In addition consultants often work remotely for clients using technologies such as teleconferencing, videoconferencing and web conferencing. Clients often set-up consultants with access into their networks to allow staff access to required information or to perform work related to hospital software programs. This speaks loudly to the concept of telecommuting.…

    • 464 Words
    • 2 Pages
    Good Essays
  • Powerful Essays

    Internal Network Security

    • 1463 Words
    • 6 Pages

    All the facts above show that company must also think how to defend their network security from inside intruders, and not only concern about put firewall to protect their network security from outside. Companies must find way how to protect their information assets from attack, and make their network security is effective to block the threats either from outside or inside company.…

    • 1463 Words
    • 6 Pages
    Powerful Essays
  • Good Essays

    Network Design Proposal

    • 731 Words
    • 3 Pages

    Remote access to the network is required as some employees may work from home, and employees working offsite would also need access to the network from devices such as PDAs.…

    • 731 Words
    • 3 Pages
    Good Essays
  • Better Essays

    • Such a financial concern arises from the fact that every asset is exposed to the risk of being destroyed, lost or damaged due to some accidental occurrence.…

    • 5465 Words
    • 22 Pages
    Better Essays
  • Powerful Essays

    Virtual Network

    • 4865 Words
    • 20 Pages

    The term VPN has been associated in the past with such remote connectivity services as the (PSTN), Public Switched Telephone Network but VPN networks have finally started to be linked with IP-based data networking. Before IP based networking corporations had expended considerable amounts of time and resources, to set up complex private networks, now commonly called Intranets. These networks were installed using costly leased line services, Frame Relay, and ATM to incorporate remote users. For the smaller sites and mobile workers on the…

    • 4865 Words
    • 20 Pages
    Powerful Essays
  • Satisfactory Essays

    Financial Assignement

    • 476 Words
    • 2 Pages

    Q.10: How does the notion of risk and reward govern the behaviour of the financial managers?…

    • 476 Words
    • 2 Pages
    Satisfactory Essays