Complete the matrix to determine requirements for the policy
Complete the matrix to determine requirements for the policy. Review page 28, table 4.2 to understand how to complete a matrix. Complete the matrix on page 27, table 4.1 based on the scenario below. Fill in the type of threat/vulnerability and your recommendation to correct the threat/vulnerability. Scenario In the organization, there is an insider threat. The employee who is the threat has been discussing a perceived vulnerability in the system. Many of the employees believe this vulnerability in the system and are attempting to create a patch. The insider threat employee has created malware in the system separate from the alleged vulnerability. While the technical team is searching for a vulnerability, the malware is traveling through the system disrupting all network traffic. What is the issue? Identify the threats and vulnerabilities in the matrix for this scenario. Also, identify the resolutions and solutions. Separate the issues from the solutions in a table with two columns and submit to your assignment folder. The issues are provided in Table 1. You will create resolutions/solutions for the threat or vulnerability below.
Physical
Cyber
Human/Social
Enabling Infrastructure
Attributes
Hardware (data storage, input/output, clients, servers), network and communications, locality
Software, data, information, knowledge
Staff, command, management, policies, procedures, training, authentication
Ship, building, power, water, air, environment
Singularity
Uniqueness
Centrality
Homogeneity
Separability
Logic/ implementation errors; fallibility
Design sensitivity/ fragility/limits/ finiteness
Unrecoverability
Behavioral sensitivity, fragility
Malevolence
Rigidity
Malleability
Gullibility/ deceivability/naiveté
Complacency
Corruptibility/ controllability
Accessible/ detectable/ identifiable/ transparent/ interceptable
Hard to manage or control
Self-unawareness and unpredictability
Predictability
0 comments:
Post a Comment