How do you rationalize assigning a risk impact/factor to an identified risk, threat, or vulnerability?
How do you prioritize similar risk impact/factor values of identified risks? How do you determine which "1" to prioritize? Why would you prioritize a "2" over a "1"?
Identify a risk-mitigation solution for each of the following risk factors. Provide a URL to support your solution
A user clicks on a phishing email
A computer is running an out-of-date OS
A publicly accessible wireless hotspot.
Inefficient firewall rules impact network performance
DDoS attack from outside the U.S.
Remote access from geographically distributed employees
Someone spilling a beverage on a server