Let's assume WWU has the following high-level technical risks:

Host-based DLP is not implemented, making endpoint data security non-existent when not connected to the campus** network.

Endpoints lack required security controls (e.g. firewall, memory protection, dangerous attachment blocking).

Enterprise patching processes do not include 3rd party applications (e.g. Adobe, Java, Firefox).

Enterprise patching processes do not include the Linux operating system.

The complete service account risk profile is unknown but considerable with significant known aging, sharing, and permission issues.

1. Which risk, from the list above, represents the greatest technical risk to WWU? Why do you think that is?

2. Which risk, from the list above, would have the shortest time to remediate? Why do you think that is?