1. Why is it important to prioritize your IT infrastructure risks, threats, and vulnerabilities?
It is important to prioritize because you must be aware of what risks, threats, and vulnerabilities there are to your infrastructure. You need this so that you know where the most attention needs to be focused.
2. Based on your executive summary produced in Lab #4, Perform a Qualitative Risk Assessment for an IT Infrastructure, what was the primary focus of your message to executive management?
Setting up security measures through various means, including the following:
Forcing users to update their passwords every X number of days.
Educating the users.
Firewalls – Anti-malware
3. Given the scenario for your IT risk mitigation plan, what influence did your scenario have on prioritizing your identified risks, threats, and vulnerabilities?
Common things such as user activity can be a very big risk, so your best bet is to consider all options as potential threats. You will have to rank some risks higher than others.
4. What risk mitigation solutions do you recommend for handling the following risk element? A user inserts a CD or USB hard drive with personal photos, music, and videos on organization-owned computers.
Use a good antivirus program and have all devices scanned as soon as they are plugged in. Educate employees. Disable optical drives/USB ports.
5. What is the definition of a security baseline?
A baseline is a starting point or a standard. Within IT, a baseline provides a standard focused on a specific technology used within an organization. When applied to security policies, the baseline represents the minimum security settings that must be applied.
6. What questions do you have for executive management in order to finalize your IT risk mitigation plan?
What is the budget? What are their priorities? Disclose all your thoughts on the matter. Also show them other options and how you came to your conclusion, and make sure executive management agrees.
7. What is the most important risk mitigation requirement you uncovered and want to communicate to executive management?
What is the most important risk mitigation requirement to the executive management group?
8. Based on your IT mitigation plan, what is the difference between short-term and long-term risk mitigation tasks and on-going duties?
Short-term risks are risks that can be fixed rapidly and will (more than likely) not have long-term effects on the company; long-term risks are risks that can end in fines if they involve compliance issues. On-going duties are the daily duties that must be done in order for the company to perform with minimal risks.
9. Which of the seven domains of a typical IT infrastructure is easy to implement risk mitigation solutions but difficult to monitor and track effectiveness?
Of the seven domains, in my opinion, the remote access domain is the easiest to implement solutions for but more difficult to monitor and track effectiveness.
10. Which of the seven domains of a typical IT infrastructure usually contains privacy data within systems, servers and databases?
LAN Domain
11. Which of the seven domains of a typical IT infrastructure can access privacy data and also store it on a local hard drive and disks?
WAN Domain
12. Why is the remote access domain the most risk prone of all within the typical IT infrastructure?
Remote users may be infected with a virus but not know that they are. When they connect to the internal network via remote access, the virus can infect the network.
13. When considering the implementation of software updates, software patches, and software fixes, why must you test this upgrade or software patch before you implement it as a risk mitigation tactic?
The goal of testing patches before deployment is to ensure the system's applications and operations are not impacted, and business services are not interrupted. Proper testing of security updates is an industry-standard best practice that allows you to understand the possible impact of the patch update on your target environment.
14. Are risk mitigation policies, standards, procedures and guidelines needed as part of your long-term risk mitigation plan? Why or why not?
They help in the identification of risks and help lessen the impact of a disaster by being prepared.
15. If an organization under a compliance law is not in compliance, how critical is it for your organization to mitigate this non-compliance risk element?
Being in compliance helps your organization meet its obligations before legal action is taken against your organization when it does not comply with the law.