Geschreven door studenten die geslaagd zijn Direct beschikbaar na je betaling Online lezen of als PDF Verkeerd document? Gratis ruilen 4,6 TrustPilot
logo-home
Eerder door jou gezocht
Eerder door jou gezocht
logo
  • Central Washington University
  • IT438 - IT Risk Management (IT438)
Om documenten op je verlanglijstje te zetten, moet je ingelogd zijn
Scriptie

IT Security Risk Assessment

Beoordeling
4.3
(4)
Verkocht
2
Pagina's
47
Geüpload op
11-12-2018
Geschreven in
2018/2019

This particular assignment is the cumulative project which deals with assessing risk within an organization in an information technology environment. This report explains the assessment of different areas (risks) of concern and an analysis of those risks. It gives an idea of what a risk assessment looks like in the real world. When I have written this 10 page report, it was a massive and a very intense project. I have spent 13 hours a day for 8 days straight working on this analysis report, but in the end, I have receive a 74 out of 75 points on this project.

Meer zien Lees minder
Instelling
Central Washington University
Vak
IT438 - IT Risk Management (IT438)

Voorbeeld van de inhoud

Port of Seattle IT Security Risk Assessment

Joseph Sanchez
Central Washington University


December 4, 2018





,Table of Contents
Executie Summary.....................................................................................................................................4
Oieriiew of Assessment..........................................................................................................................4
Identied Risks and Common Risk hndemes..............................................................................................4
Summary of Proposed Mitiaton Actiites.............................................................................................4
Risk Assessment Report...............................................................................................................................4
Oieriiew of Risk Assessment..................................................................................................................5
Risk Measurement Criteria......................................................................................................................5
Scope of Assessment...............................................................................................................................6
Security Controls Assessed......................................................................................................................6
Areas of Concern (or Risks)......................................................................................................................8
Disiruntled employee may access and release employee’s account informaton..............................8
Hacker iain access to employee’s account informaton.....................................................................9
An intruder could iain access to an access panel at tde kiosk macdine..............................................9
An intruder interceptni tde Wi-Fi siinal to obtain informaton.......................................................10
A tdief iainini access to tde locked container...................................................................................12
Risk Heat Map....................................................................................................................................13
Risk Mitiaton.......................................................................................................................................14
Risks to Accept...................................................................................................................................14
Risks to Defer.....................................................................................................................................14
Risks to hnransfer................................................................................................................................14
Risks to Mitiate................................................................................................................................14
Reference List............................................................................................................................................18
Octaie Alleiro Worksdeets.......................................................................................................................19
Worksdeet 1..............................................................................................................................................19
Worksdeet 2..............................................................................................................................................20
Worksdeet 3..............................................................................................................................................21
Worksdeet 4..............................................................................................................................................22
Worksdeet 5..............................................................................................................................................23
Worksdeet 6..............................................................................................................................................24
Worksdeet 7..............................................................................................................................................25
Worksdeet 8..............................................................................................................................................26

,Worksdeet 9a............................................................................................................................................28
Worksdeet 9b............................................................................................................................................30
Worksdeet 9c.............................................................................................................................................32
Worksdeet 10............................................................................................................................................34
Worksdeet 10............................................................................................................................................36
Worksdeet 10............................................................................................................................................38
Worksdeet 10............................................................................................................................................40
Worksdeet 10............................................................................................................................................43
Octaie Alleiro Questonnaires..................................................................................................................46

, Executive Summary
Overview of Assessment
When the assessment took place, I interviewed Oscar Segura who works for Port of Seattle.
During our interview, the information asset we assessed was employee account information. The
assessment took place on November 7, 2018. The purpose of assessing employees’ account
information was to see what are the chances that the employee’s account information would be
compromised.

Identified Risks and Common Risk Themes
There were some area of concerns that I have discovered while the assessment was in-progress.
One of those concerns was a disgruntled employee may release an employee’s account
information. Other areas that were also a concern was a hacker may gain access to employee’s
account information in the following ways. An intruder could gain access to the access panel on
the parking garage fare kiosk and plug a hacking device such as a keyboard or a flash drive. The
Wi-Fi connection from the internal network to the parking garage fare kiosk machine could be
intercepted by an unauthorized individual. Finally, an unauthorized individual could access the
room where the locked containers are stored.
These are the different risk areas that I found within my assessment at the Port of Seattle.

Summary of Proposed Mitigation Activities
The common thing to do when you are mitigating risks is to first start with the basic assessment.
A basic assessment can be something like evaluating the systems settings that has been set by
default; such as a type of encryption, is the computer’s hard drive encryption enabled or
disabled, internet security settings configured or not, etc. these are the general things that would
need to be examined before deciding which security controls to implement to the computer
system.
The proposed mitigation methods are dependent on the area of concerns and findings that were
found during the assessment. For example, an intruder using Wi-Fi to try to obtain information
from the kiosk machine is an area of concern. So, this is the area that will be assessed and
findings that were found would be the evidence to determine which security control would be
appropriate to implement that will resolve this area of concern. Generally, you would first figure
out what basic security controls are in place and possible vulnerabilities that may occur when
evaluating computer system and its infrastructure.


Risk Assessment Report
Meld schending auteursrecht

Gekoppeld boek

image
Douglas Landoll The Security Risk Assessment Handbook
  • 2011
  • 9781466509177
  • Onbekend

Geschreven voor

Instelling
Central Washington University
Vak
IT438 - IT Risk Management (IT438)
Alle documenten voor dit vak (3)

Documentinformatie

Geüpload op
11 december 2018
Aantal pagina's
47
Geschreven in
2018/2019
Type
SCRIPTIE
Begeleider(s)
Onbekend
Jaar
2011

Onderwerpen

  • it 430
  • nist
  • iso 27001
  • threat modeling
  • risk analysis
  • cwu
  • it compliance
  • information security
$8.99
Krijg toegang tot het volledige document:
Gekocht door 2 studenten
Verkeerd document? Gratis ruilen Binnen 14 dagen na aankoop en voor het downloaden kun je een ander document kiezen. Je kunt het bedrag gewoon opnieuw besteden.
Geschreven door studenten die geslaagd zijn
Direct beschikbaar na je betaling
Online lezen of als PDF
Maak kennis met de verkoper
Seller avatar
De reputatie van een verkoper is gebaseerd op het aantal documenten dat iemand tegen betaling verkocht heeft en de beoordelingen die voor die items ontvangen zijn. Er zijn drie niveau’s te onderscheiden: brons, zilver en goud. Hoe beter de reputatie, hoe meer de kwaliteit van zijn of haar werk te vertrouwen is.
titanium
4.4
(12)

Beoordelingen van geverifieerde kopers

Alle 4 reviews worden weergegeven
5 jaar geleden

5 jaar geleden

6 jaar geleden

6 jaar geleden

4.3

4 beoordelingen

5
2
4
1
3
1
2
0
1
0
Betrouwbare reviews op Stuvia

Alle beoordelingen zijn geschreven door echte Stuvia-gebruikers na geverifieerde aankopen.

Maak kennis met de verkoper

Seller avatar
De reputatie van een verkoper is gebaseerd op het aantal documenten dat iemand tegen betaling verkocht heeft en de beoordelingen die voor die items ontvangen zijn. Er zijn drie niveau’s te onderscheiden: brons, zilver en goud. Hoe beter de reputatie, hoe meer de kwaliteit van zijn of haar werk te vertrouwen is.
titanium Central Washington University
Bekijk profiel
Volgen Je moet ingelogd zijn om studenten of vakken te kunnen volgen
Verkocht
43
Lid sinds
8 jaar
Aantal volgers
32
Documenten
192
Laatst verkocht
2 jaar geleden
IT Emporium: Accelerate Your Technical Success

My name is Joseph, I have a Master's in cybersecurity management and a Graduate Certification in Data Analytics. I also have received my Bachelor's degree in Cybersecurity as well as have obtained several IT certifications. All of the coursework assignments (undergraduate and graduate) have been uploaded to my Stuvia store. The purpose of me sharing my course assignments and study guides is to help other students get a better understanding of the IT-related subject areas that they are pursuing. All study materials I have built contain questions and answers to the courses I have taken. My university degrees are a combination of business and Information Technology. Some of the course study materials are business and administrative management related with two specializations which are cybersecurity and data analytics.

Lees meer Lees minder
4.4

12 beoordelingen

5
7
4
3
3
2
2
0
1
0

Recent door jou bekeken

Thumbnail
Samenvatting
Scheikunde H13
-
1 2025
$ 5.40 Meer info
Thumbnail
Tentamen (uitwerkingen)
WGU C207 OA Practice Questions 2026 | Data-Driven Decision Making Study Guide
-
2026
$ 28.49 Meer info
Thumbnail
Samenvatting
Summary Seminar Auditing
-
2023
$ 6.00 Meer info
Thumbnail
Tentamen (uitwerkingen)
Radioactivity
-
2024
$ 8.49 Meer info
Thumbnail
College aantekeningen
Qualitative Research Lecture Notes
-
2022
$ 7.20 Meer info
Thumbnail
College aantekeningen
Respiratory Systems
-
2021
$ 14.48 Meer info
Thumbnail
Samenvatting
Summary British Civilization
4.0
(1)
8 2019
$ 7.20 Meer info
Thumbnail
Voordeelbundel
PSY 352 Assessments Topic 2-8
-
2025
$ 70.99 Meer info
Thumbnail
Samenvatting
ions
-
2024
$ 8.49 Meer info

Waarom studenten kiezen voor Stuvia

Gemaakt door medestudenten, geverifieerd door reviews

Kwaliteit die je kunt vertrouwen: geschreven door studenten die slaagden en beoordeeld door anderen die dit document gebruikten.

Niet tevreden? Kies een ander document

Geen zorgen! Je kunt voor hetzelfde geld direct een ander document kiezen dat beter past bij wat je zoekt.

Betaal zoals je wilt, start meteen met leren

Geen abonnement, geen verplichtingen. Betaal zoals je gewend bent via iDeal of creditcard en download je PDF-document meteen.

Student with book image

“Gekocht, gedownload en geslaagd. Zo makkelijk kan het dus zijn.”

Alisha Student

Bezig met je bronvermelding?

Maak nauwkeurige citaten in APA, MLA en Harvard met onze gratis bronnengenerator.

Meer weten Bronvermelding maken
Bezig met je bronvermelding?

Veelgestelde vragen