B907EADC-9B4B-4352-BCA4-1DDEA2104BE1

Ngd Ngoc Tri Anh — SE140023 Weak ingress/egress traffic filtering degrades performance LAN / WAN Domain User inserts CDs and USB hard drives with personal photos, music, and videos on organization owned computers User Domain VPN tunneling between remote computer and ingress/egress router Remote Access Domain LAN Domain WLAN access points are needed for LAN connectivity within a warehouse Need to prevent rogue users from unauthorized LAN Domain WLAN access Part B - List of Risks, Threats, and Vulnerabilities Commonly Found in an IT Infrastructure Risk = Threat — Vulnerability Policy Definition Required Unauthorized access from public Internet Access Control Policy Definition User destroys data in application and deletes all files Mandated Security Awareness Training Policy Definition Hacker penetrates your IT infrastructure and gains access to your internal network Data Classification Standard & Encryption Policy Definition Intra-office employee romance gone bad Business Continuity — Business Impact Analysis (BIAti Policy Definition Fire destroys primary data center Business Continuity & Disaster Recovery Policy Definition Communication circuit outages Business Continuity & Disaster Recovery Policy Definition Workstation OS has a known software vulnerability Vulnerability Management & Vulnerability Window Policy Definition Unauthorized access to organization-owned Workstations Data Classification Standard & Encryption Policy Definition Loss of production data Production Data Back-up Policy Definition Denial of service attack on organization e-mail server Mandated Security Awareness Training Policy Definition Remote communications from home office Remote Access Policy Definition LAN server OS has a known software vulnerability Vulnerability Management & Vulnerability Window Policy Definition User downloads an unknown e —mail attachment Acceptable Use Policy Workstation browser has software vulnerability Vulnerability Management & Vulnerability Window Policy Definition