The client has 2 offices in a city building. The client has a server hosted by...
Fantastic news! We've Found the answer you've been seeking!
Question:
Transcribed Image Text:
The client has 2 offices in a city building. The client has a server hosted by AWS Services. The client provides design and project management services for their customers. Several files are generated for each customer, and these are kept on the cloud server in a folder for each customer. The web server hosts a job scheduling database that tracks job tasks and their details and status as well as bookings made for each job. Now, only staff have access to information on both servers. The opportunity: The client has successfully used AWS services to host the web and file server for the past 3 years. As the business grows the client has the capability to develop its interactions with their own customers. The client would like to provide customers of the business read access to the details of their job bookings only and read access only to some of their project files. The client is concerned about security risk of providing more access. The problem: After watching the impact of recent floods in QLD and NSW and bushfires in VIC last year the customer is worried about the impact to the business if the instance in the AWS cloud is lost. Last year a trojan was uploaded to an on-premise file server resulting in a ransom demand and files on the file server were encrypted. Files were unavailable for 8 hours while the server was restored from backups. The customer information created 4 hours prior to the outage was lost and had to be recreated from conversation notes and emails. The client has emphasized the importance of making sure that customer information is not lost even in disaster conditions. The client wants a plan to ensure the data is resilient. The client is concerned about the security of the dynamic web service as it opens to customers as well as employees. They want the customers to have a good experience using this portal. If bookings are lost or corrupted this might have consequences such as penalties from downstream contractors. This important for the reputation of the business. 2.4 Evaluate severity of impact and disruption of risk events Assess the impact of the threats and vulnerabilities identified. Assess the likelihood of occurrence of the risks. 2.5 Document outcomes of impact analysis according to organisational policies and procedures Determine and report on the inherent risk of components. Complete the BIA template with the details of your analysis 3.5 Document architecture design according to business needs Complete the architecture design. Make sure all components are labelled with names and metadata. The client has 2 offices in a city building. The client has a server hosted by AWS Services. The client provides design and project management services for their customers. Several files are generated for each customer, and these are kept on the cloud server in a folder for each customer. The web server hosts a job scheduling database that tracks job tasks and their details and status as well as bookings made for each job. Now, only staff have access to information on both servers. The opportunity: The client has successfully used AWS services to host the web and file server for the past 3 years. As the business grows the client has the capability to develop its interactions with their own customers. The client would like to provide customers of the business read access to the details of their job bookings only and read access only to some of their project files. The client is concerned about security risk of providing more access. The problem: After watching the impact of recent floods in QLD and NSW and bushfires in VIC last year the customer is worried about the impact to the business if the instance in the AWS cloud is lost. Last year a trojan was uploaded to an on-premise file server resulting in a ransom demand and files on the file server were encrypted. Files were unavailable for 8 hours while the server was restored from backups. The customer information created 4 hours prior to the outage was lost and had to be recreated from conversation notes and emails. The client has emphasized the importance of making sure that customer information is not lost even in disaster conditions. The client wants a plan to ensure the data is resilient. The client is concerned about the security of the dynamic web service as it opens to customers as well as employees. They want the customers to have a good experience using this portal. If bookings are lost or corrupted this might have consequences such as penalties from downstream contractors. This important for the reputation of the business. 2.4 Evaluate severity of impact and disruption of risk events Assess the impact of the threats and vulnerabilities identified. Assess the likelihood of occurrence of the risks. 2.5 Document outcomes of impact analysis according to organisational policies and procedures Determine and report on the inherent risk of components. Complete the BIA template with the details of your analysis 3.5 Document architecture design according to business needs Complete the architecture design. Make sure all components are labelled with names and metadata.
Expert Answer:
Related Book For
Auditing An International Approach
ISBN: 978-0071051415
6th edition
Authors: Wally J. Smieliauskas, Kathryn Bewley
Posted Date:
Students also viewed these computer network questions
-
Planning is one of the most important management functions in any business. A front office managers first step in planning should involve determine the departments goals. Planning also includes...
-
Read the case study "Southwest Airlines," found in Part 2 of your textbook. Review the "Guide to Case Analysis" found on pp. CA1 - CA11 of your textbook. (This guide follows the last case in the...
-
Sherman Co. began operations on January 1, 2015, and completed several transactions during 2015 and 2016 that involved sales on credit, accounts receivable collections, and bad debts. These...
-
Why is there opposition to global of trade and integrassion of the world's economy
-
Figure gives an overhead view of the path taken by a 0.1-65 kg cue ball as it bounces from a rail of a pool table. The ball's initial speed is 2.00 m/s, and the angle ?1 is 30.0o. The bounce reverses...
-
Fuel may be: (a) Solid (b) Liquid (c) Gas (d) All of these
-
Prepare the journal entries required for Rocco State University to record the following transactions. 1. Tuition and fees assessed total $3,000,00080% is collected, scholarships are granted for...
-
In a single purchase crab length of handle is 600 mm and diameter of load drum is 200 mm. Number of teeth on pinions are 20 and that of spur wheel are 100. Find velocity ratio. On this machine, 100 N...
-
We are doing a research proposal to determine whether smartwatches brings motivation and health benefits for its users who have a busy lifestyle in Bristol. Are you able to decide the population we...
-
i) ii) Identify the Miller indices for the planes drawn below in cubic unit cells. (201) (112) or (TT3) Determine the d-spacing for each of the above planes in terms of the lattice parameter, a....
-
Consider the following reaction. What would be the equilibrium constant expression? 4Br2(g) + CH4(9) 4HBr(g) + CBr4(g)
-
An investment bank has developed a new indicator for tracking international currency values using the cost of an iPad (8th generation) 32GB as a benchmark. The concept behind the iPad Index is based...
-
(a) Find the three equations of state for a system with the fundamental equation: () 3 - (OR) = V = Show then that = -u. (You can assume that 0, R and Vo are positive constants). Remember that U(S,V,...
-
NUMBER ONE a) b) Differentiate between a feedback control system and a feed forward control system. (4 marks) In his study of: "the impact of budgets on people" C Argyris reported the following...
-
The flow of water from a reservoir is controlled by a 3.5-m-wide L-shaped gate hinged at the point B. To close the gate, a mass with unknown weight W at the point A and a fixed ridge at the point C...
-
On July 1, 2011, Flashlight Corporation sold equipment it had recently purchased to an unaffiliated company for $480,000. The equipment had a book value on Flashlights books of $390,000 and a...
-
1. Classify the following evidential items by type (direct knowledge, external, and so on), and rank them in order of appropriateness: a. Amounts shown on monthly statements from creditors b. Amounts...
-
What are control tests? What purpose do they serve?
-
The two major written understandings between an auditor and management, in connection with an audit of financial statements, are the engagement letter and the management representation letter....
-
What is the difference between internal and external audiences?
-
Like most major corporations, the U.S. Census Bureau has multiple, conflicting audiences, among them the president, Congress, press, state governments, citizens (both as providers and users of data),...
-
Listed here are several things an organization might like its employees to do: 1. Write fewer emails. 2. Volunteer at a local food pantry. 3. Volunteer to recruit interns at a job fair. 4. Attend...
Study smarter with the SolutionInn App