Week 2 Lab Essay

Submitted By Ronald-Horne
Words: 567
Pages: 3

Risk – Threat – Vulnerability Primary Domain Impacted Risk Impact/Factor
Unauthorized access from pubic Internet WAN Domian 1

User destroys data in application and deletes User Domian 1 all files

Hacker penetrates your IT infrastructure LAN and WAN Domian 1 and gains access to your internal network

Intra-office employee romance gone bad User Domian 3

Fire destroys primary data center System/Application Domain 1

Service provider SLA is not achieved WAN Domain 2

Workstation OS has a known software Workstation Domain 2 vulnerability Unauthorized access to organization owned Workstation Domain 2 workstations Loss of production data system/application domain 1

Denial of service attack on organization wan domain 1
DMZ and e-mail server

Remote communications from home office remote access domain 2

LAN server OS has a known software system/application domain 1 vulnerability User downloads and clicks on an unknown user domain 3 unknown e-mail attachment

Workstation browser has software vulnerability workstation domain 3

Mobile employee needs secure browser access remote access 1 to sales order entry system

Service provider has a major network outage WAN 1

Weak ingress/egress traffic filtering WAN 1 degrades performance

User inserts CDs and USB hard drives user 2 with personal photos, music, and videos on organization owned computers

VPN tunneling between remote computer remote access 3 and ingress/egress router is needed

WLAN access points are needed for LAN LAN to WAN 3 connectivity within a warehouse

Need to prevent eavesdropping on WLAN LAN to WAN 1 due to customer privacy data access

DoS/DDoS attack from the WAN/Internet WAN 1

The purpose of the risk assessment, and summary of risks, threats, and vulnerabilities found though out the IT infrastructure is to show how you would be able to assess the risks and have a summary of the threats and vulnerabilities. You will be able to have an overview of everything. The testing helps to provide an understanding of which threats need to be addressed and which can be done at a