Answered step by step
Verified Expert Solution
Link Copied!

Question

1 Approved Answer

An educational institute suffers from very low information security in terms of maturity across many elements of infosec and information assurance, including cyber resilience and

An educational institute suffers from very low information security in terms of maturity across many elements of infosec and information assurance, including cyber resilience and application of cybersecurity good practice. Data breaches could have the institute puts its reputation at risk, and students expect a high level of protection of their data. It is highly recommended that there is a need to impose a certain level of filtering for the network to be secure so as to sustain from threats and attacks. To add restrictions on a particular network it is necessary to identify the possible threats to the organization. For example, it is necessary to identify the important services that run on the network. In order to get this done, there is a need to perform scanning on the network to identify the services and ports of the applications. Furthermore, the firewall needs to be configured by adding rules to block and allow the services based on the requirements of the organization and the security perspectives of the network.

Part B: The institute had no dedicated security team and therefore till now no security policy is in place. Recently, the governing body of this business forms a security team and makes following two goals that they would like to achieve in six months - 1. Assessing the current risk of the entire organization 2. Treat the Risk as much as possible Task I: Risk Identification In achieving the above two goals, you will do the followings 1. Find at least five assets 2. Find at least two threats against each asset 3. Identify vulnerabilities for the assets Task II: Risk Assessment At the end of the risk identification process, you should have i) a prioritized list of assets and ii) a prioritized

list of threats facing those assets and iii) Vulnerabilities of assets. At this point, create Threats- Vulnerabilities-Assets (TVA) worksheet. Also, calculate the risk rating of each of the five triplets out of 25.

TASK III: Risk Treatment In terms of Risk Treatment, for each of the five identified risk, state what basic strategy you will take. Justify for each decision. Also, Advise all possible protection mechanism and corresponding place of application


Step by Step Solution

There are 3 Steps involved in it

Step: 1

blur-text-image

Get Instant Access to Expert-Tailored Solutions

See step-by-step solutions with expert insights and AI powered tools for academic success

Step: 2

blur-text-image

Step: 3

blur-text-image

Ace Your Homework with AI

Get the answers you need in no time with our AI-driven, step-by-step assistance

Get Started

Recommended Textbook for

Pro Android Graphics

Authors: Wallace Jackson

1st Edition

1430257857, 978-1430257851

More Books

Students also viewed these Programming questions

Question

=+d) Are all of these rolls within the specification limits?

Answered: 1 week ago