Lab 1: How to Identify Threats & Vulnerabilities in an IT Infrastructure
Learning Objectives and Outcomes
Upon completing this lab, students will be able to:
Identify common risks, threats, and vulnerabilities found throughout the seven domains of a typical IT infrastructure
Align risks, threats, and vulnerabilities to one of the seven domains of a typical IT infrastructure
Given a scenario, prioritize risks, threats, and vulnerabilities based on their risk impact to the organization from a risk assessment perspective
Prioritize the identified critical, major, and minor risks, threats, and software vulnerabilities found throughout the seven domains of a typical IT infrastructure
Required Setup and Tools
This is a paper-based lab and does not require the use of the ISS "mock" IT infrastructure or virtualized server farm.
The standard Instructor and Student VM workstation with Microsoft Office 2007 or higher is required for this lab. Students will need access to Lab #1 - Assessment Worksheet Part A (a list of 21 risks, threats, and vulnerabilities commonly found in an IT infrastructure) and must identify which of the seven domains of a typical IT infrastructure the risk, threat, or vulnerability impacts.
In addition, Microsoft Word is a required tool for the student to craft an executive summary for management summarizing the findings and alignment of the identified risks, threats, and vulnerabilities that were found.