Question: Instructions In this assignment, you will conduct a mock threat assessment, which is a key step in developing an organizations overall IT risk management plan.
Instructions
In this assignment, you will conduct a mock threat assessment, which is a key step in developing an organizations overall IT risk management plan. The assignment includes ten IT security threats, and you will need to analyze each one by providing an answer for the bullets a to e. Below is how you should provide the answers:
a. Determine what would be a primary category (source) of each instance. Choose one or several of the following: internal human-caused, external human-caused, internal non-human-caused, external non-human-caused.
b. Identify what would be the main information security target for each threat actor. Choose one of the following: confidentiality (C), integrity (I), or availability (A).
c. Identify what asset(s) would be impacted the most by the threat. The assets include specific hardware, software, networks, servers, people, buildings, etc. Be specific and in your response and provide explanations.
d. Explain what vulnerabilities (technical, procedural, etc.) may allow the threat (or attack) to succeed.
e. Identify one or several protection mechanisms against the threat and explain how they work.
Remember that your answers must be original, and it is not allowed to contact other classmates about the assignment and share the responses.
Threat #1: Unexpected critical hardware failure
a. Source:
b. CIA:
c. Assets impacted:
d. Vulnerabilities:
e. Protection mechanisms:
Threat #2: Denial of service attack
a. Source:
b. CIA:
c. Assets impacted:
d. Vulnerabilities:
e. Protection mechanisms:
Threat #3: Phishing email to an employee
a. Source:
b. CIA:
c. Assets impacted:
d. Vulnerabilities:
e. Protection mechanisms:
Threat #4: City-wide power outage disrupts business functions
a. Source:
b. CIA:
c. Assets impacted:
d. Vulnerabilities:
e. Protection mechanisms:
Threat #5: Disgruntled employee destroys important data
a. Source:
b. CIA:
c. Assets impacted:
d. Vulnerabilities:
e. Protection mechanisms:
Threat #6: Online brute-force attack on passwords
a. Source:
b. CIA:
c. Assets impacted:
d. Vulnerabilities:
e. Protection mechanisms:
Threat #7: Attacker manipulates values in a corporate report
a. Source:
b. CIA:
c. Assets impacted:
d. Vulnerabilities:
e. Protection mechanisms:
Threat #8: Ransomware attack blocks access to corporates systems
a. Source:
b. CIA:
c. Assets impacted:
d. Vulnerabilities:
e. Protection mechanisms:
Threat #9: Corporate laptop is stolen
a. Source:
b. CIA:
c. Assets impacted:
d. Vulnerabilities:
e. Protection mechanisms:
Threat #10: Attacker eavesdrop and makes copies of network traffic
a. Source:
b. CIA:
c. Assets impacted:
d. Vulnerabilities:
e. Protection mechanisms:
Step by Step Solution
There are 3 Steps involved in it
1 Expert Approved Answer
Step: 1 Unlock
Question Has Been Solved by an Expert!
Get step-by-step solutions from verified subject matter experts
Step: 2 Unlock
Step: 3 Unlock