Answered step by step
Verified Expert Solution
Link Copied!

Question

1 Approved Answer

The dance club also receives emails from parents and other members from the website contact page. The web portal does not store payment information. This

image text in transcribed
The dance club also receives emails from parents and other members from the website contact page. The web portal does not store payment information. This information is transferred to the payment gateway for processing at the time of registration. Dance club members can log'n via the web portal and manage their personal information such as, phone number and address details. Dance club staff have access to administer the system remotely using portable devices of their choosing. Staff change frequently and there are no access controls in place. Currently, when a staff member is granted access by the system admin, they have full administrative rights to the portal, this includes memberships, events and web content. There are ve primary functions staff need to perform for members: I The secretary requires full access to the membership database to update, approve and manage members. I The secretary is responsible for sending out all member communications, i.e., emails via the mailing list, upcoming events. I The events manager needs access to the events system to manage dance club events such as competitions and shows. I Test convener is responsible for the dance test events system but does not need access to all events, i.e. dance competitions. I Two staff members are assigned the task of updating dance club news each month. All Stars Dance would like an Information Security professional to conduct a risk assessment and produce a suitable data classication schema. Task: To do this you will need to determine the information assets and create a classication scheme for the information currently held. Using this classication, you can then report on the vulnerabilities and countermeasures that should be in place. Step 1: Categorise and identify the information assets Step 2: Classify the information assets. This will involve the creation of a classication schema. Step 3: Prioritise the information assets. This will involve a weighted factor analysis. Step 4: Analyses the threats and vulnerabilities for each asset to determine the likelihood and impact scale Step 5: create a risk rating for each asset (likelihood x impact) Step 6: recommend countermeasures for each threat;r vulnerability Note: the order of the above steps is not important You should consider the types of information that needs protecting and risks associated with it, i.e., staff members, dance club members, polices or any other media types etc. Your assignment should contain: 0 Information assets (no less than 20} o Classication schema appropriate for scenario and applied to information assets 0 Weighted factor analysis 0 Threats to information assets

Step by Step Solution

There are 3 Steps involved in it

Step: 1

blur-text-image

Get Instant Access to Expert-Tailored Solutions

See step-by-step solutions with expert insights and AI powered tools for academic success

Step: 2

blur-text-image

Step: 3

blur-text-image

Ace Your Homework with AI

Get the answers you need in no time with our AI-driven, step-by-step assistance

Get Started

Recommended Textbook for

Quantitative Credit Portfolio Management

Authors: Arik Ben Do, Lev Dynkin, Jay Hyman, Bruce D. Phelps

1st Edition

1118117697, 978-1118117699

More Books

Students also viewed these General Management questions

Question

7 How can a culture encourage ethical (or unethical) behaviour?

Answered: 1 week ago