IT Auditing and Security Risk Management Unit
To assist PVSS, your contract has been expanded to also create a risk assessment. In addition, PVSS management has asked for information on the vulnerabilities, threats, and exploits.
In a report of 2-3 pages to PVSS management, include the following:
- Describe the process needed to create a risk assessment.
- What are the vulnerabilities, threats, and exploits? As part of the description of risk assessment, include the definition of these three terms.
- For a typical network environment (that includes an Internet-facing Web Site, a human resources database and application, and development workstations that contain copyrighted material), describe some typical devices or assets and vulnerabilities that might be encountered.
- List and describe at least 4.
Please prepare your report to include the following sections with the given headings and section numbers:
- (1) Abstract
- (2) Process needed to create a risk assessment
- (3) Vulnerabilities, threats, and exploits
- (4) Four typical devices or assets and vulnerabilities that might be encountered
- (5) Conclusion
- (6) References