Pages:
3 pages/≈825 words
Sources:
5 Sources
Style:
MLA
Subject:
Management
Type:
Research Paper
Language:
English (U.S.)
Document:
MS Word
Topic:

Differences in Threat, Vulnerability, and Exploit Assessments for Information Systems

Research Paper Instructions:

Brief Overview
There are multiple ways to bring threats and vulnerabilities to light. Common practices and lessons learned can help us explore for known or common threats.
Instructions:
Write a 3–4 page paper answering the following:
1.) Explain the differences in threat, vulnerability, and exploit assessments for information systems and define at least two tools or methods to perform each type.
Helpful Note: (Thoroughly explains the differences in threat, vulnerability, and exploit assessments for information systems, including definitions of at least two tools or methods to perform each type.)
2.) Describe at least two tools or methods used to implement both physical and logical security controls (four in total), then identify the type of security personnel that would be used to implement each and discuss their roles and responsibilities.
Helpful Note: (Thoroughly describes at least two tools or methods used to implement physical security controls and two tools or methods for logical security controls, including the type of security personnel needed to implement each as well as their roles and responsibilities.)
3.) Describe three considerations when translating a risk assessment into a risk mitigation plan, then discuss the differences between a risk mitigation plan and a contingency plan.
Helpful Note: (Thoroughly describes three considerations when translating a risk assessment into a risk mitigation plan, including the differences between a risk mitigation plan and a contingency plan.)
4.) Explain the two primary goals to achieve when implementing a risk mitigation plan and discuss the methods of mitigation for common information system risks.
Helpful Note: (Thoroughly explains the two primary goals to achieve when implementing a risk mitigation plan, including methods of mitigation for common information system risks.)
Additional Instructions:
Use at least five quality resources in this paper. Note: Wikipedia and similar websites do not qualify as quality resources.

Research Paper Sample Content Preview:
Student Name
Instructor’s Name
Course Section
Date
Title
Risk management is a strategic approach to anticipating and mitigating the effects of potential threats to a business. It reduces the adverse effects of risks and disasters on business operations. Cybersecurity threats, natural catastrophes, and other physical or digital threats are imminent hazards to a business. Risk management involves mitigation strategies, and how it is executed varies depending on the organization (Lee 5). There are numerous methods for exposing threats and vulnerabilities, and knowledge of these methods is essential.
The terms “threat,” “vulnerability,” and “exploit” are frequently used vaguely and interchangeably; understanding them is therefore essential to setting correct security expectations, focusing on the right security issues, implementing the correct security controls, and making the proper arrangements. Understanding these terms also helps security professionals manage risk more effectively.
A vulnerability is any known or unknown weakness, flaw, or mistake in a security system, process, or other entity that a threat agent could exploit to compromise a secure network. Vulnerabilities in information security exist almost anywhere, from hardware devices and infrastructure to operating systems, firmware, applications, modules, drivers, and application programming interfaces (Mantha and de Soto 30). Broken authentication is one example of a vulnerability: when user credentials are compromised, malicious actors can take control of user sessions and identities and pose as the account owner. Security misconfiguration is another example. Any element of a security system that attackers can exploit because of a configuration error is considered a security misconfiguration.
A threat is any action that can destabilize, damage, dismantle, or otherwise negatively impact an information system; more broadly, it is anything that may jeopardize the privacy and security, authenticity, or accessibility of systems or data. Threats can be intentional or unintentional and can originate internally or externally (Hong et al. 48). Threats include phishing and malware. Phishing attacks use a forged message, such as an email, to trick the recipient into opening it and following its instructions, for example, providing a home address or card numbers. Malware refers to malicious software such as spyware, ransomware, viruses, and worms. Malware is activated when a user clicks on a malicious link or attachment, resulting in the installation of harmful software.
An exploit is a method of taking advantage of a vulnerability. The term can also refer to a tool, typically written in source or binary code. Such code makes it simple for threat actors to exploit a specific vulnerability, and it frequently grants them unauthorized access to a network, system, application, or other resource (Jacobs et al. 2). An exploit can take the form of downloading malware, escalating privileges, or exfiltrating data.
Security controls reduce the risk to resources (Lee 5). Physical security controls restrict access to a company’s or business’s physical environment. Physical security control is done throug...