Risk Analysis Assignment

Instructor Due Date

Part 1 2 3 4 Total
Maximum Points
25 points 25 points 25 points 25 points 100 points

Your Score

Textbook Reading Assignment

Read Chapter(s) 14 , 19 , 20 , 21 in your Information Security textbook.

Part 1 Glossary Terms - Risk Analysis

Define, in detail, each of these glossary terms from the realm of computer architecture and operating systems and computer topics, in general. If applicable, use examples to support your definitions. Consult your notes or course textbook(s) as references or the Internet by visiting Web sites such as:

http://www.askjeeves.com http://www.webopedia.com http://www.wikipedia.org

(a) data warehouses

A data warehouse is a data system which houses queryable
…show more content…
(d) threats

A threat can be determined as a result of a risk analysis. In computer security, a threat refers to anything that contains the potential to cause extreme harm to a computer system. If a threat exists it does not mean that something will happen, it simply means that something has the potential to cause serious damage.

(e) vulnerabilities

A vulnerability is a weakness to the security of a system that allows for serious harm when an attacker has the skills and tools to exploit that weakness.

Part 2 Exercises - Risk Analysis

Write a brief but complete answer for each of these. (1) What are four different types of assets that you are likely to encounter with Risk Analysis?

The first type of assets are logical assets. This type of asset includes conceptual items such as locations, cost centers, vendors, and departments. The next type of assets are physical assets. These types of assets include items such as device hardware and software, as well as office furniture. The last two types of assets are tangible and intangible soft assets. Tangible soft assets can be defined as human resources. Intangible soft assets can be defined as brand, knowledge, and
…show more content…
(1) What are some safeguards to prevent any network or computer system attacks?

One of the first ways than an organization can prevent a computer system attack is by installing a firewall. This will serve as a way to filter data between a host and another network.

(2) Risk analysis is not a single activity, but rather a group of related activities. They typically take which sequence of steps?

The steps involved in risk analysis are; (1) identifying any potential risks, (2) assessing the risks the risks that are found, and (3) controlling threats to an organization 's IT infrastructure in hopes of lowering or eliminating security threats. Two factor authentication is another method for attempting to block unauthorized access to a system, network, or general sensitive information. Two factor authentication requires "something you know"; a password or PIN, and "something you have"; a card, dongle, cellphone, or other piece of hardware. Finally, it is possible to reduce an attacker 's chances by keeping systems up to date with items such as security patches and system software and hardware

Related Documents