Answered step by step
Verified Expert Solution
Link Copied!

Question

1 Approved Answer

Using the information provided in the below case study, identify the areas of potential concern and what recommendations you must address. The scan results provided

Using the information provided in the below case study, identify the areas of potential concern and what recommendations you must address.

The scan results provided is from a server found in a University Research Department. A researcher asked for this asset to be reviewed for their project. The project is dealing with COVID samples to produce a vaccine. It is safe to assume omitted technical aspects, but assumptions should be mentioned in the discussion with the screening committee before recommendations are provided.

The response back to the screening committee should be a written response, similar to what would be sent to the researcher. This written response should be submitted back to the screening committee. Once the written response is submitted, in the 30-minute virtual meeting, you will need to present your findings to a wide array of technical and non-technical people. You may choose any method of how you deliver these findings and your response. The roles that will be present in the virtual meeting are as follows: Departmental member in charge of all IT Risk for the department (Risk Executive), a department IT Manager, a Research Principal Investigator, and an IT Systems Engineer. For each role, please consider the following areas to focus on while drafting a response:

Scan Results: A) Ports: TCP/UDP 137-139 Open to Internet for Server B023AQ TCP 80 Open to Internet for Server B023AQ TCP 443 Open to Internet for Server B023AQ TCP 1433-1434 Open to Internet for Server B023AQ TPC/UDP 3389 Open to all workstations

B) All employees are allowed to RDP to their workstations from anywhere off site C) All servers are in a single rack in one data center. No provisions are available to replace the hardware in a disaster (unless insurance can cover the costs). No alternate site is available to relocate employees after a disaster. D) There is no documentation regarding the logging requirements for any systems. Question: Defining cost benefit, difficulty to address change (amount of work), policy compliance, etc.?

Time to immediately remediate and then on-going actions needed. Cost of service or hardware to remediate?

What is needed to mitigate risks such as creating Policy and Procedures?

What are the Technical changes and the need to make this recurring or to provide updates?

Step by Step Solution

There are 3 Steps involved in it

Step: 1

blur-text-image

Get Instant Access to Expert-Tailored Solutions

See step-by-step solutions with expert insights and AI powered tools for academic success

Step: 2

blur-text-image_2

Step: 3

blur-text-image_3

Ace Your Homework with AI

Get the answers you need in no time with our AI-driven, step-by-step assistance

Get Started

Recommended Textbook for

Successful Project Management

Authors: Jack Gido, Jim Clements

4th Edition

9780324656152, 324656130, 978-0324656138

More Books

Students also viewed these General Management questions

Question

18. What is physical security and why is it important?

Answered: 1 week ago

Question

26. What is a NAT firewall and how does it work?

Answered: 1 week ago

Question

22. Describe how an ANI modem works.

Answered: 1 week ago