One of the most important first steps in risk management and in implementing a risk mitigation strategy is to identify known risks, threats, and vulnerabilities and organize them. The purpose of the seven domains of a typical IT infrastructure is to help organize the roles, responsibilities, and accountabilities for risk management and risk mitigation. This lab requires students to identify risks, threats, and vulnerabilities and map each one to the domain it impacts from a risk management perspective.
Lab Assessment Questions & Answers
The following risks, threats, and vulnerabilities were found in a healthcare IT infrastructure servicing patients with life-threatening situations. Given the list, select which of the seven domains of a typical IT infrastructure is primarily impacted by the risk, threat, or vulnerability.
Of the listed risks, threats, and vulnerabilities identified in the table above, which one requires a disaster recovery plan and business continuity plan to maintain continued operations during a catastrophic outage?
Which domain represents the greatest risk and uncertainty to an organization?
Which domain requires stringent access controls and encryption for connectivity to corporate resources from home?
Which domain requires annual security awareness training and employee background checks for sensitive positions to help mitigate risk from employee sabotage?
Which domains need software vulnerability assessments to mitigate risk from software vulnerabilities?
Which domain requires AUPs to minimize unnecessary user-initiated Internet traffic and can be monitored and controlled by web content filters?
