assistance

User Generated

uraerl

Writing

Description

Table_I5_Adversarial_risk.docx 

Table_I7_Non_Adversarial_risk.docx 

The Risk Assessment case study will use NIST Special Publication 800-30 (available at

http://csrc.nist.gov/publications/drafts/800-30-rev1/SP800-30-Rev1-ipd.pdf) as the basis for performing a risk assessment of selected computing systems. Using the charts attached take the information wherein the information system for assessment which is initially populated on the Tables from the NIST SP800-30, the intent is the creation and population of your adversarial and a non-adversarial risk assessment patterned after the tables provided using the NIST SP 800-30 – this means that you should fill out those two templates as a minimum as part of your assessment – and provide discussion and analysis from that assessment. The case study should be between 6 pages long (NOT counting the Cover, tables and Reference pages). The risk assessment will follow a conventional paper format (Cover page, Body of Paper with introduction, risk assessment / discussion / analysis / argument / body, conclusion, and references pages).

Unformatted Attachment Preview

Table I-5 Adversarial Risk Assessment (Library) 2 3 4 5 6 7 8 9 10 Y (1)Information gathering (i)Network Scanning (ii)Network Sniffing (iii)Surveillance system (iv) Internal reconnaissance (2) Phishing Attacks (ii)Email Phishing (ii) Website Phishing (iii) Malware based phishing (DNS poising) (3)Delivery & Installation of Malicious utilities/Viruses (i) Malware installation in Server/systems (ii)Malware o attack internal information system (iii0Malware through USB Drive (4)System exploitation/compromise (5)Conduct An attack (6)System Hacking ,information leakage (7)Coordinated Attacks Risk Y Very High (1)Individuals Outsider, Insiders, Trusted insider(Employees) Library Wifi users) (2)Organized Groups Establishes, Adhoc Y Y Y Very High (3)Competitors (4)Suppliers Y Y N Very High (5)Partners (6)Users (7)Nation States N N N N N N Y Y Y N Y N High Severity and Pervasiveness Likelihood of Attack Initiation Intent Y Relevance Threat Sources Capability Threat Event Targeting Characteristics Vulnerabilities and Predisposing Conditions (1)Open Ports, Unnecessary software, Services (2)Poor Users/Employees awareness No Email usage Policy Antivirus Failure Un patched systems (3) No policy implementation related to external media usage and file storage and transfer Low Very High Low High High Very High 12 Level of 13 Risk Impact Low Low Moderate Moderate Very High High High Moderate High (4,5,6,7) Un patched system, No antivirus/ Operating system vulnerabilities Default or easy to guess Passwords (5) No Log monitoring, and incidence response Very High High High Likelihood InitiatedAttack Succeeds Threat Source 11 Overall Likelihood 1 Very High Moderate High Moderate Moderate Moderate Very High Moderate Very High Very High Very High Very High Very High Very High Table I-7 Non Adversarial Risk Assessment Range of Effects Information Leakage/Spill Hardware Equipment Unauthorized/Mishandling Failures of sensitive information Incorrect /Default Incorrect hardware configuration function Power Failures Data transmission contentions Earth Quack Fire (Back up facility) Fire (Main facility) Floods/Heavy Snow Fall Hurricane Windstorm/Tornados Lack of Environmental control Natural or Manmade disasters Unusual Natural events Harm to reputation, High Very High High Legal consequences Service High Disruption High High Leakage of High information High High Service Disruption Low Low High High 6 High Moderate Low Low 7 8 Vulnerabilities and Predisposing Conditions Very Non Classification of High sensitive information Old Hardware Equipment Very or Operating system Very High High Low Authorized users High mishandling the sensitive information High Low Very High Low Mistake of administer High No back of data or non availability o primary facility Very High Moderate Low Moderate Moderate High No business continuity and disaster recovery Planning High High 9 Moderate Low Overall Likelihood Threat Sources 5 Likelihood EventResultsinAdve rseImpact Threat Event 4 Severity andPervasiveness 3 Likelihood ofEventOccurring 2 Relevance 1 High 10 Level of Impact Very High Moderate Very High Low Very HIGH Low High Low Low Moderate High High High Moderate Moderate Low Moderate Low 11 High Risk Very High High High Moderate Moderate Low High Low Low Moderate
Purchase answer to see full attachment
User generated content is uploaded by users for the purposes of learning and should be used following Studypool's honor code & terms of service.

Explanation & Answer


Anonymous
This is great! Exactly what I wanted.

Studypool
4.7
Trustpilot
4.5
Sitejabber
4.4

Related Tags