CYB 410 Module Three Activity Worksheet_JazmineWade
docx
keyboard_arrow_up
School
Southern New Hampshire University *
*We aren’t endorsed by this school
Course
410
Subject
Information Systems
Date
Apr 3, 2024
Type
docx
Pages
2
Uploaded by BarristerExploration6300
CYB 410 Module Three Activity Worksheet
Responding to Risk
Scenario One
1.
What type of risk do you identify in this scenario?
a.
Security Risk
2.
How does your identified risk impact the organization?
a.
Giving free access to USB ports increases the chances of malware infection or unauthorized data storage via the USB which could jeopardize the organization
3.
How would you rate the probability and impact on a scale of low, medium, and high?
a.
Medium – Gap in policy permitting risky behavior, but may be of low risk if employees have awareness and training. The consequences could result in data breaches and compromise but is something that can be restored.
4.
What do you need to be successful in minimizing the risk?
a.
Update policies restricting access to USB ports on workstations unless the device has been authorized.
Scenario Two
1.
What type of risk do you identify in this scenario?
a.
Data Management Risk
2.
How does your identified risk impact the organization?
a.
Poor data retention policies with limited storage space poses a threat of data loss and compliance violations
3.
How would you rate the probability and impact on a scale of low, medium, and high?
a.
High, the company is already experiencing this issue and without proper policy or budget for storage, deletion becomes the only option. Data loss can result in legal ramifications, and business operation disruption, which is heavily impacting to an organization. 4.
What do you need to be successful in minimizing the risk?
a.
Develop and implement a data retention policy prioritizing critical data, and create a budget to maintain storage and acquire additional storage if needed. Scenario Three
1.
What type of risk do you identify in this scenario?
a.
Physical Security
1
2.
How does your identified risk impact the organization?
a.
Leaving a door open compromises, the security of the server room, increasing the risk of unauthorized access, theft, or tampering. 3.
How would you rate the probability and impact on a scale of low, medium, and high? a.
Medium- there are already security protocols in place in order to access the room (Key card access),but this specific incident increases the chances of unauthorized access. Unauthorized access to the server room can lead to a data breach, or asset loss which negatively impacts the organization.
4.
What do you need to be successful in minimizing the risk?
a.
Immediately address the issue and continue raising awareness about keeping the server room door locked at all times. Overall View (Scenarios One, Two, and Three)
1.
What is your implementation strategy on a 30/60/90-day time line?
a.
30 Days – Update the BYOD policy to ensure there is no unauthorized use of the USB ports, provide communication throughout the organization, and continue planning for data retention development.
b.
60 Days – Beginning plan for the implementation of the data retention policy, prioritize budge for additional storage and begin archiving or deleting “old” data. Reiterate physical security protocols and offer awareness training. c.
90 Days – Implement data retention policy and storage upgrades. Conduct audit and testing to ensure policy adherence. Make adjustments based on feedback. 2
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help