CIS333 Week 8 Assignment 2 – Identifying Potential Risk Response and Recovery

Question: #127

CIS 333 Week 8 Assignment 2

Identifying Potential Risk, Response and Recovery

In Assignment 1: Identifying Potential Malicious Attacks, Threats, and Vulnerabilities, you were recently hired as an Information Security Engineer for a videogame development company. After viewing a growing number of reports detailing malicious activity, the CIO requested you identify and draft a report identifying potential malicious attacks, threats, and vulnerabilities specific to your organization. He asked you to include a brief explanation of each item and the potential impact it could have on the organization. After review of your report, the CIO requests that you develop a follow-up plan developing a strategy for dealing with all risks (i.e., risk mitigation, risk assignment, risk acceptance, or risk avoidance) identified in

Assignment 1. Further, your plan should identify controls (i.e., administrative, preventative, detective, and corrective) that will be used to mitigate each risk previously identified.

Write a four to five (4-5) page paper in which you:

1. For each malicious attack and threat identified in Assignment 1, choose a strategy for dealing with the risk (i.e., risk mitigation, risk assignment, risk acceptance, or risk avoidance).

2. For each malicious attack and threat identified in Assignment 1, develop controls (i.e., administrative, preventative, detective, and corrective) that will be used to mitigate each risk.

3. For each vulnerability identified in Assignment 1, choose a strategy for dealing with the risk (i.e., risk mitigation, risk assignment, risk acceptance, or risk avoidance).

4. For each vulnerability identified in Assignment 1, develop controls (i.e., administrative, preventative, detective, and corrective) that will be used to mitigate each risk.

Solution: #7731

Identifying Potential Risk Response and Recovery

Identifying ...