Risk Analysis Assignment

Instructor Due Date

Part              1            2            3            4            Total
Maximum Points    25 points    25 points    25 points    25 points    100 points
Your Score

Textbook Reading Assignment

Read Chapter(s) 14, 19, 20, 21 in your Information Security textbook.

Part 1 Glossary Terms - Risk Analysis

Define, in detail, each of these glossary terms from the realm of computer architecture and operating systems and computer topics, in general. If applicable, use examples to support your definitions. Consult your notes or course textbook(s) as references or the Internet by visiting Web sites such as:

http://www.askjeeves.com http://www.webopedia.com http://www.wikipedia.org

(a) data warehouses

A data warehouse is a data system which houses queryable
[…]

(d) threats

A threat can be determined as a result of a risk analysis. In computer security, a threat refers to anything that contains the potential to cause extreme harm to a computer system. If a threat exists it does not mean that something will happen, it simply means that something has the potential to cause serious damage.

(e) vulnerabilities

A vulnerability is a weakness to the security of a system that allows for serious harm when an attacker has the skills and tools to exploit that weakness.

Part 2 Exercises - Risk Analysis

Write a brief but complete answer for each of these.

(1) What are four different types of assets that you are likely to encounter with Risk Analysis?

The first type of assets are logical assets. This type of asset includes conceptual items such as locations, cost centers, vendors, and departments. The next type of assets are physical assets. These types of assets include items such as device hardware and software, as well as office furniture. The last two types of assets are tangible and intangible soft assets. Tangible soft assets can be defined as human resources. Intangible soft assets can be defined as brand, knowledge, and
[…]

(1) What are some safeguards to prevent any network or computer system attacks?

One of the first ways that an organization can prevent a computer system attack is by installing a firewall. This will serve as a way to filter data between a host and another network.

(2) Risk analysis is not a single activity, but rather a group of related activities. They typically take which sequence of steps?

The steps involved in risk analysis are: (1) identifying any potential risks, (2) assessing the risks that are found, and (3) controlling threats to an organization's IT infrastructure in hopes of lowering or eliminating security threats. Two-factor authentication is another method for attempting to block unauthorized access to a system, network, or general sensitive information. Two-factor authentication requires "something you know" (a password or PIN) and "something you have" (a card, dongle, cellphone, or other piece of hardware). Finally, it is possible to reduce an attacker's chances by keeping systems up to date with items such as security patches and system software and hardware
