ITT 340 Topic 3 DQ2

School: Grand Canyon University
Course: 340
Subject: Information Systems
Date: Nov 24, 2024
Uploaded by PeanutButterEater102

Discuss the importance of vulnerability assessment and risk remediation. Research the methods used by security practitioners to calculate risk, document your research. How can these calculations be used to reduce the effects of vulnerabilities on an organization?

Hello professor and class,

A vulnerability test and risk remediation are important in every organization as cybersecurity threats are on the rise, making it important to identify loopholes and security risks a hacker could use to gain unauthorized network access. A vulnerability test can also be beneficial for a company to meet HIPAA guidelines, protecting patient data including addresses, credit card information, contact information, and information about the organization.

There are many different ways a security practitioner can perform an assessment and calculate the risk to the organization. There is a host-based scanner that operates by locating weaknesses in servers, workstations and other network hosts that a hacker could exploit to gain access to the network. There are also wireless scanners that search for rogue access points and make sure the organization's network is secure. An application scanner can be used to check websites for vulnerabilities and determine if any configurations need to be changed. A database scanner can check for weaknesses in the database a hacker could use to expose the data held within. There are external scans where the tester finds vulnerabilities from outside the network such as open ports, web applications, networks, etc. The last scan is an internal vulnerability scan that detects issues like disgruntled employees that could pose insider threats, malware that has made it to the network, or weaknesses a colleague could exploit that has successfully infiltrated the network.

When these scans and tests are completed, the tester will present the organization with a detailed report, often referred to as a cybersecurity risk assessment. This report will list how the tester accessed the network with the vulnerability, what data is at risk, and what the cost and the amount of time to patch or fix the weakness will be. Many times the organization will decline to make fixes for these reasons, which is why over 60 percent of companies experience an attack and attacks happen every 11 seconds (IT Governance USA INC, n.d.).

References

Balbix. (2022, May 9). Vulnerability scanners and scanning tools: What to know. https://www.balbix.com/insights/what-to-know-about-vulnerability-scanning-and-tools/#:~:text=Host%2Dbased%20scanners,patch%20history%20of%20scanned%20systems

IT Governance USA INC. (n.d.). Cybersecurity: A global priority and career opportunity. https://ung.edu/continuing-education/news-and-media/cybersecurity.php

UNG: University of North Georgia. (n.d.). Cybersecurity: A global priority and career opportunity. https://ung.edu/continuing-education/news-and-media/cybersecurity.php