Order
Toll-free 24/7:
+1 763-309-4299
Order

Lab

Author:
February 19th, 2023

Lab 1: How to Identify Threats & Vulnerabilities in an IT Infrastructure Learning Objectives and Outcomes Upon completing this lab, students will be able to: Identify common risks, threats, and vulnerabilities found throughout the seven domains of a typical IT infrastructure Align risks, threats, and vulnerabilities to one of the seven domains of a typical IT infrastructure Given a scenario, prioritize risks, threats, and vulnerabilities based on their risk impact to the organization from a risk assessment perspective Prioritize the identified critical, major, and minor risks, threats, and software vulnerabilities found throughout the seven domains of a typical IT infrastructure Required Setup and Tools This is a paper-based lab and does not require the use of the ISS “mock” IT infrastructure or virtualized server farm. The standard Instructor and Student VM workstation with Microsoft Office 2007 or higher is required for this lab. Students will need access to Lab #1 – Assessment Worksheet Part A (a list of 21 risks, threats, and vulnerabilities commonly found in an IT infrastructure) and must identify which of the seven domains of a typical IT infrastructure the risk, threat, or vulnerability impacts. In addition, Microsoft Word is a required tool for the student to craft an executive summary for management summarizing the findings and alignment of the identified risks, threats, and vulnerabilities that were found. Recommended Procedures Lab #1 – Student Steps: Student steps needed to perform Lab #1 – Identify Threats and Vulnerabilities in an IT Infrastructure: Connect your removable hard drive or USB hard drive to a classroom workstation. Boot up your classroom workstation and DHCP for an IP host address. Login to your classroom workstation and enable Microsoft Word. Review Figure 1 – Seven Domains of a Typical IT Infrastructure. Copyright © 2013 Jones & Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All Rights Reserved. -3- Current Version Date: 05/30/2011 Student Lab Manual Discuss how risk can impact each of the seven domains of a typical IT infrastructure: User, Workstation, LAN, LAN-to-WAN, WAN, Remote Access, Systems/Applications Domains. Work on Lab #1 – Assessment Worksheet Part A. Part A is a matching exercise that requires the students to align the risk, threat, or vulnerability with one of the seven domains of a typical IT infrastructure where there is a risk impact or risk factor to consider. Students may work in small groups of two or three. Have the students perform Lab #1 – Assessment Worksheet Answer Lab #1 – Assessment Questions and submit. Figure 1 – Seven Domains of a Typical IT Infrastructure Deliverables Upon completion of Lab #1 – Identify Threats and Vulnerabilities in an IT Infrastructure, students are required to provide the following deliverables as part of this lab: Lab #1 – Assessment Worksheet Part A. Identification and mapping of 21 risks, threats, and vulnerabilities to the seven domains of a typical IT infrastructure Lab #1 – Assessment Questions and Answers Copyright © 2013 Jones & Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All Rights Reserved. -4- Current Version Date: 05/30/2011 Student Lab Manual Evaluation Criteria and Rubrics The following are the evaluation criteria and rubrics for Lab #1 that the students must perform: Was the student able to identify common risks, threats, and vulnerabilities found throughout the seven domains of a typical IT infrastructure? – [ 25%] Was the student able to align risks, threats, and vulnerabilities to one of the seven domains of a typical IT infrastructure accurately? – [ 25%] Given a scenario in Part A, was the student able to prioritize risks, threats, and vulnerabilities based on their risk impact to the organization? – [ 25%] Was the student able to prioritize the identified critical, major, and minor risks, threats, and software vulnerabilities? – [ 25%] Copyright © 2013 Jones & Bartlett Learning, LLC, an Ascend Learning Company Current Version Date: 05/30/2011 www.jblearning.com All Rights Reserved. -5- Student Lab Manual Lab #1: Assessment WorksheetPart A – List of Risks, Threats, and Vulnerabilities Commonly Found in an IT Infrastructure Course Name: _____________________________________________________________ Student Name: _____________________________________________________________ Instructor Name: ___________________________________________________________ Lab Due Date: _____________________________________________________________ Overview The following risks, threats, and vulnerabilities were found in a healthcare IT infrastructure servicing patients with life-threatening situations. Given the list, select which of the seven domains of a typical IT infrastructure is primarily impacted by the risk, threat, or vulnerability. Risk – Threat – Vulnerability Unauthorized access from public Internet User destroys data in application and deletes all files Hacker penetrates your IT infrastructure and gains access to your internal network Intra-office employee romance gone bad Fire destroys primary data center Communication circuit outages Workstation OS has a known software vulnerability Unauthorized access to organization owned Workstations Loss of production data Denial of service attack on organization e-mail Server Primary Domain Impacted Copyright © 2013 Jones & Bartlett Learning, LLC, an Ascend Learning Company Current Version Date: 05/30/2011 www.jblearning.com All Rights Reserved. -6- Student Lab Manual Risk – Threat – Vulnerability Remote communications from home office LAN server OS has a known software vulnerability User downloads an unknown e –mail attachment Workstation browser has software vulnerability Service provider has a major network outage Weak ingress/egress traffic filtering degrades Performance User inserts CDs and USB hard drives with personal photos, music, and videos on organization owned computers VPN tunneling between remote computer and ingress/egress router WLAN access points are needed for LAN connectivity within a warehouse Need to prevent rogue users from unauthorized WLAN access Primary Domain Impacted Copyright © 2013 Jones & Bartlett Learning, LLC, an Ascend Learning Company Current Version Date: 05/30/2011 www.jblearning.com All Rights Reserved. -7- Student Lab Manual Lab #1: Assessment WorksheetIdentify Threats and Vulnerabilities in an IT Infrastructure Course Name: _____________________________________________________________ Student Name: _____________________________________________________________ Instructor Name: ___________________________________________________________ Lab Due Date: _____________________________________________________________ Overview One of the most important first steps to risk management and implementing a risk mitigation strategy is to identify known risks, threats, and vulnerabilities and organize them. The purpose of the seven domains of a typical IT infrastructure is to help organize the roles, responsibilities, and accountabilities for risk management and risk mitigation. This lab requires students to identify risks, threats, and vulnerabilities and map them to the domain that these impact from a risk management perspective. Lab Assessment Questions Given the scenario of a healthcare organization, answer the following Lab #1 assessment questions from a risk management perspective: Healthcare organizations are under strict compliance to HIPPA privacy requirements which require that an organization have proper security controls for handling personal healthcare information (PHI) privacy data. This includes security controls for the IT infrastructure handling PHI privacy data. Which one of the listed risks, threats, or vulnerabilities can violate HIPPA privacy requirements? List one and justify your answer in one or two sentences. How many threats and vulnerabilities did you find that impacted risk within each of the seven domains of a typical IT infrastructure? User Domain: Workstation Domain: LAN Domain: LAN-to-WAN Domain: WAN Domain: Copyright © 2013 Jones & Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All Rights Reserved. -8- Current Version Date: 05/30/2011 Student Lab Manual Remote Access Domain: Systems/Application Domain: Which domain(s) had the greatest number of risks, threats, and vulnerabilities? What is the risk impact or risk factor (critical, major, minor) that you would qualitatively assign to the risks, threats, and vulnerabilities you identified for the LAN-to-WAN Domain for the healthcare and HIPPA compliance scenario? Of the three Systems/Application Domain risks, threats, and vulnerabilities identified, which one requires a disaster recovery plan and business continuity plan to maintain continued operations during a catastrophic outage? Which domain represents the greatest risk and uncertainty to an organization? Which domain requires stringent access controls and encryption for connectivity to corporate resources from home? Which domain requires annual security awareness training and employee background checks for sensitive positions to help mitigate risk from employee sabotage? Which domains need software vulnerability assessments to mitigate risk from software vulnerabilities? Which domain requires AUPs to minimize unnecessary User initiated Internet traffic and can be monitored and controlled by web content filters? Copyright © 2013 Jones & Bartlett Learning, LLC, an Ascend Learning Company Current Version Date: 05/30/2011 www.jblearning.com All Rights Reserved. -9- Student Lab Manual In which domain do you implement web content filters? If you implement a wireless LAN (WLAN) to support connectivity for laptops in the Workstation Domain, which domain does WLAN fall within? A bank under Gramm-Leach-Bliley-Act (GLBA) for protecting customer privacy has just implemented their online banking solution allowing customers to access their accounts and perform transactions via their computer or PDA device. Online banking servers and their public Internet hosting would fall within which domains of security responsibility? Customers that conduct online banking using their laptop or personal computer must use HTTPS:, the secure and encrypted version of HTTP: browser communications. HTTPS:// encrypts webpage data inputs and data through the public Internet and decrypts that webpage and data once displayed on your browser. True or False. Explain how a layered security strategy throughout the 7-domains of a typical IT infrastructure can help mitigate risk exposure for loss of privacy data or confidential data from the Systems/Application Domain. SUBMIT ONLY YOUR 15 ASSESSMENT QUESTIONS AND RESPONSES FOR GRADING

Save Time On Research and Writing
Hire a Pro to Write You a 100% Plagiarism-Free Paper.
Get My Paper
Calculate the price
Make an order in advance and get the best price
Pages (550 words)
$0.00
*Price with a welcome 15% discount applied.
Pro tip: If you want to save more money and pay the lowest price, you need to set a more extended deadline.
We know how difficult it is to be a student these days. That's why our prices are one of the most affordable on the market, and there are no hidden fees.

Instead, we offer bonuses, discounts, and free services to make your experience outstanding.
How it works
Receive a 100% original paper that will pass Turnitin from a top essay writing service
step 1
Upload your instructions
Fill out the order form and provide paper details. You can even attach screenshots or add additional instructions later. If something is not clear or missing, the writer will contact you for clarification.
Pro service tips
How to get the most out of your experience with Homework Mules
One writer throughout the entire course
If you like the writer, you can hire them again. Just copy & paste their ID on the order form ("Preferred Writer's ID" field). This way, your vocabulary will be uniform, and the writer will be aware of your needs.
The same paper from different writers
You can order essay or any other work from two different writers to choose the best one or give another version to a friend. This can be done through the add-on "Same paper from another writer."
Copy of sources used by the writer
Our college essay writers work with ScienceDirect and other databases. They can send you articles or materials used in PDF or through screenshots. Just tick the "Copy of sources" field on the order form.
Testimonials
See why 20k+ students have chosen us as their sole writing assistance provider
Check out the latest reviews and opinions submitted by real customers worldwide and make an informed decision.
Psychology
I requested a revision and it was returned in less than 24 hours. Great job!
Customer 452467, November 15th, 2020
Finance
Thank you very much!! I should definitely pass my class now. I appreciate you!!
Customer 452591, June 18th, 2022
Business Studies
Great paper thanks!
Customer 452543, January 23rd, 2023
Accounting
Thank you for your help. I made a few minor adjustments to the paper but overall it was good.
Customer 452591, November 11th, 2021
Psychology
Thank you. I will forward critique once I receive it.
Customer 452467, July 25th, 2020
Political science
Thank you!
Customer 452701, February 12th, 2023
Education
Thank you so much, Reaserch writer. you are so helpfull. I appreciate all the hard works. See you.
Customer 452701, February 12th, 2023
Political science
I like the way it is organized, summarizes the main point, and compare the two articles. Thank you!
Customer 452701, February 12th, 2023
Technology
Thank you for your work
Customer 452551, October 22nd, 2021
11,595
Customer reviews in total
96%
Current satisfaction rate
3 pages
Average paper length
37%
Customers referred by a friend
OUR GIFT TO YOU
15% OFF your first order
Use a coupon FIRST15 and enjoy expert help with any task at the most affordable price.
Claim my 15% OFF Order in Chat
Show more
<
Live Chat 1 7633094299EmailWhatsApp

Order your essay today and save 15% with the discount code WELCOME

Order Now