The case study company provided a situation in which threats pose a real risk to the infrastructure. The company assets are not well-protected, and they all share a common network. Little additional security mechanisms are in place other than the demilitarized zone (DMZ). What are typical information security (IS) assets that are used by such a company, and what risks exist in the current model? What will adding a flexible solution for the consultants to connect to the network do to this risk model? What are some safeguards that can be implemented to reduce the risk?The tasks for this assignment are to identify the major applications and resources that are used by the company. Then, for each application, review the security threats that the company now faces and could face after the expansion. Describe how you can test for the presence of these (or new) risks? Provide a discussion about an approach that you will take after the risk assessment is complete to address the identified risks.Create the following section for Week 2:Week 2: Security AssessmentA description of typical assetsA discussion about the current risks in the organization with no network segregation to each of the assetsA discussion about specific risks that the new consultant network will createDetails on how you will test for risk and conduct a security assessmentA discussion on risk mitigationWorked ExamplePlease refer to the following worked example of this assignment based on the problem-based learning (PBL) scenario. The worked example is not intended to be a complete example of the assignment, but it will illustrate the basic concepts that are required for completion of the assignment, and it can be used as a general guideline for your own project. Your assignment submission should be more detailed and specific, and it should reflect your own approach to the assignment rather than just following the same outline.

Target, a large US retailer headquartered in Minneapolis, suffered a massive data breach in 2013 that compromised some 40 million customer debit and credit cards, as well as personal information of an additional 70 million customers (about 20 percent of the US population). Public consternation over this and other data breaches led to accelerated deployment of chip-embedded (EMV) credit cards; renewed appreciation of the need for network segmentation, third-party oversight, and logging analytics; dismissal of key corporate executives; damaged company stock market performance; and a call for better sharing of cyberthreat intelligence.Task Description Review the links below and other Internet sources on the Target data breach. Also research ways in which remote access by third parties into an organization's network resources can be contained. Develop an attack tree diagram to describe the possible exploits that could have been used to exploit Target's vulnerabilities and highlight the actual attack path used. Write a brief case study analysis that highlights procedures that should be implemented to reduce the probability of future attack via a third party vendor's vulnerability.Michael Kassner (2 February 2015), "Anatomy of the Target Data Breach: Missed Opportunities and Lessons Learned," ZDNet. Retrieved from http://www.zdnet.com/article/anatomy-of-the-target-data-breach-missed-opportunities-and-lessons-learned/.Anthony Wing Kosner (17 January 2014), "Researchers Report Exact Timeline Of Massive Target Data Breach," Forbes. Retrieved from http://www.forbes.com/sites/anthonykosner/2014/01/17/researchers-report-exact-timeline-of-massive-target-data-breach/#66c1669d58aa.Michael Riley, Ben Elgin, Dune Lawrence, and Carol Matlack (13 March 2014), "Missed Alarms and 40 Million Stolen Credit Card Numbers: How Target Blew It," Bloomberg Business. Retrieved from http://www.bloomberg.com/news/articles/2014-03-13/target-missed-warnings-in-epic-hack-of-credit-card-data. ****** 4 -5 PAGES IN APA, ABSTRACT AND A CONCLUSION WITH A REFERENCE PAGE AND 3-4 REFERENCES WITH A REFERENCE PAGE*******