For this activity, you will play the Agent Surefire: InfoSec game, which is an extension of the risk assessment project (final project) scenario.
Access the game on the Jones & Bartlett Learning website.
You should discover, assess, and describe at least seven security vulnerabilities within the virtual environment. Correctly categorize each vulnerability based on the methods specified in the game. The virtual environment should be viewed as part of the system described in your final project.
Detailed instructions will be provided once you access the game. This can be expected to take about 45 minutes to an hour. You are not required to play the game to its conclusion (although you might want to!). The purpose of this game play is to discover physical vulnerabilities that you can use for your final project.
1) (vulnerability category #1). Cabinet and drawers left unlocked and/or their keys unsecured (even if they are empty).
What example of this vulnerability category did you find?
2) (vulnerability category #2). Documents and media containing business information left unconcealed and/or unsecured.
What example of this vulnerability category did you find?
3) (Mandatory - vulnerability category #3). Documents or media with employee, client or partner information left unconcealed and unsecured.
What example of this vulnerability category did you find?
Give details: Which workstation did you find it? Can you identify the person the desk belongs to? What could be done to prevent this?
4) (vulnerability category #4). Improper disposal of documents containing sensitive information.
What example of this vulnerability category did you find?
5) (vulnerability category #5). Leaving the computer terminals or password-protected software running and unlocked.
What example of this vulnerability category did you find?
6) (vulnerability category #6). Leaving password protected software and running and unlocked
What example of this vulnerability category did you find?
7) (Mandatory - vulnerability category #7). Unconcealed PIN numbers and passwords
What example of this vulnerability category did you find?
Give details: Which workstation did you find it? Can you identify the person the desk belongs to? What could be done to prevent this?
8) (vulnerability category #8). Using predictable PIN numbers to access Voicemail
What example of this vulnerability category did you find?
9) (Mandatory - vulnerability category #9). Portable hardware left unattended, which if stolen would result in material, financial and strategic losses
What example of this vulnerability category did you find?
Give details: Which workstation did you find it? Can you identify the person the desk belongs to? What could be done to prevent this?
10) (vulnerability category #10). Possession and/or use of software and/or storage media that management deems illegal and unsafe.
What example of this vulnerability category did you find?
Attachment:- Security Risk Analysis.rar