DHN1: Secure Network Design Company A Risk Analysis

Company A Risk Analysis

Company A performed an internal risk analysis in anticipation of system integration with Company B. This risk analysis was performed in accordance with NIST SP 800-30 Rev 1 to identify the following:

• vulnerabilities

• risk likelihood

Table A. Risk Classifications

Risk Level

Description

High

The loss of confidentiality, integrity, or availability may be expected to have a severe or catastrophic adverse effect on organizational operations, organizational assets, or individuals.

Moderate

The loss of confidentiality, integrity, or availability may be expected to have a serious adverse effect on organizational operations, organizational assets, or individuals.

Low

The loss of confidentiality, integrity, or availability may be expected to have a limited adverse effect on organizational operations, organizational assets, or individuals.

Table B. Data Sensitivity

Type of Data

Sensitivity

Confidentiality

Integrity

Availability

Customer PII (e.g., Account Numbers, Social Security Numbers, and Phone Numbers)

High

High

Moderate

Employee PII (e.g., Social Security Numbers and Employee Identification Numbers)

High

High

Moderate

Company intellectual property (e.g., credit scoring calculations)

High

High

Moderate

Marketing and advertising

Moderate

Moderate

Low

Table C. System Inventory

System Components

Servers

Windows server 2019; role: internal SharePoint server

Windows server 2019; role: Exchange server

Windows server 2012; role: Application server

Windows server 2012R2; File server

DMZ Windows server 2012; role: FTP and external Web Server

Workstations

75 – Windows 10 Pro

20 – configured for remote desktop access

Switches

4 – Cisco 3750X

Firewall

Fortinet’s Fortigate 800D NGFW

Border router

Cisco 7600

Laptops

14 – Windows 7

6 – Windows 11

Wireless Access Points

2 – Meraki MR28

Cable plant

Cat5e

Table D. Risk Identification

Risk #

Vulnerability

Risk Likelihood

1

Open ports 21-90, 3389

High

2

All users use eight-character passwords

High

3

User accounts no longer required are not removed

Moderate

4

All users have local administrative privileges

Moderate

5

Regular password changes are not enforced

Moderate

6

End-of-Life Equipment in use

Low

Collepals.com Plagiarism Free Papers

Are you looking for custom essay writing service or even dissertation writing services? Just request for our write my paper service, and we'll match you with the best essay writer in your subject! With an exceptional team of professional academic experts in a wide range of subjects, we can guarantee you an unrivaled quality of custom-written papers.

Get ZERO PLAGIARISM, HUMAN WRITTEN ESSAYS

Why Hire Collepals.com writers to do your paper?

Quality- We are experienced and have access to ample research materials.

We write plagiarism Free Content

Confidential- We never share or sell your personal information to third parties.

Support-Chat with us today! We are always waiting to answer all your questions.