IS3110 Homework Week 1 Page 1
1. Analyze and explain each-of the threat/vulnerability pairs and their likelihood of occurrence.
2. Determine which of the 6 risks management techniques is appropriate for each risk explained in Task 1.
3. Justify your reasoning for each chosen management technique.
4. Prepare a brief report/presentation of your finding for senior management to review.
Likelihood Description
Negligible Unlikely to occur
Very Low Likely to occur 2/3 time in a 5 year period
Low Likely to occur once a year or less
Medium Likely to occur once every 6 months or less
High Likely to occur once per month or less
Very High Likely to occur multiple times per month
Extreme Likely to occur multiple times per day
Threat Vulnerability Likelihood of
Occurrence Managing
Technique Justification
Fire Lack of fire detection/suppression equipment LOW Put in place an adequate and appropriate fire detection/suppression system and maintain Putting in the correct fire suppression system will all for better suppression of fire as well as little or no damage to equipment
Hurricane,
Earthquake,
Tornado, Flood Loss of Production and DATA MED Off site backup storage, Hot/Warm/cold sites Offsite storage of back up will all for recovery of data
Equipment Failure Data not backed up LOW Back up on a schedule Allow for recovery of information
DOS or DDOS attack Public facing servers not protected with firewalls or IDS LOW Install and maintain Firewalls and IDS systems Will lower/eliminate the risk of being shut down due to DOS/DDOS
Malware/Spyware
Virus Lack of anti-virus software and outdated definitions MED Firewalls and anti-virus software installed and maintained on all systems Firewalls and anti-virus software will lower risk of information being compromised
Social Engineering Lack of security awareness MED Provide training, emails and presentations of issues Awareness training will help lower risks due...