Sheet1RISK EVENTPROBABILITYIMPACTPros/ConsPROPOSED MITIGATION PLANRISK LEVELRISK DECISIONDevice (laptop, phone) that contains proprietary data is stolen.High huge loss of competitive advantage, bad media exposurepro- might help to discover hidden vulnerabilities in the employees. Cons-employees may oppose mitigation techniquesprevent employees from taking work laptops home. Provide locks for the laptops.highacceptinternal network break-in from outsidemediumdisrupt system, loss of vital datapro-will lead to reduced external attacks once it is solved. Cons- implementation costsuse of firewalls and other network intrusion detection systemsmediumtransfervirus worm or trojan infectionmediumrestoration is needed, productivity losspro-identifies security loopholes allowing for mitigation against them. Cons-yearly cost for antivirusinstall kaspersky antivirus (Grachev, , & Batenin, 2013).mediumacceptsource code stolen by external attacker or insidermediumloss of competitive advantagecons- could lead to corporate espionageuse authorization technique to prevent unauthorised members from accessinglowacceptdenial of service attacksmediumproductivity loss, system restoration might be neededpros- presence of compensation controls will allow for the reassignment of resources to other high risk areas. Cons-could lead to customer lossuse of compensation controls. For example the use of firewallsmediumtransferdata security breach for personal, financial and/or customer datamedium-lowsome amount of bad media exposure, loss of customers, possibility of lawsuitsCons- underestimating this vulnerability could lead to increased breaches and unauthorized accessuse of biometric authentication techniqueslowavoidprolonged IT outagelowhigh disruption, productivity loss, system restorationNAprovide secondary power options e.g. CPUsmediumtransferpirated software, music or movies used within Code Galorelowfines, reputation losspros-there are less chances of unauthorized access to files in the system. Cons-if mitigation technique fails it could be detrimentalblocking of certain websiteslowacceptattack against others initiated by Code Galore employeelownegative media exposure, fines, lawsuitscons-possible destruction of propertyintroduction of organizational behavior policieslowacceptdata extrusion through interception of wireless signalsmediumforbbiding policies against use of wireless media in sending confidential and proprietary information without authorizationpros- curb any attempts at destroying companies integrityNAmediummitigatesabotage of source codemediumloss of productivitypros-integrity of source code is protected. cons- failure to address this issue could lead to competitor gaining access to the source code leading to loss of competitive advantage (Flynn, Clark, Moore, , Collins, Tsamitis, Mundie, & McIntire, 2013).use authorization only for top notch members of the organizationmediummitigateFlynn, L., Clark, J., Moore, A. P., Collins, M., Tsamitis, E., Mundie, ...
Micro-Scholarship, What it is, How can it help me.pdf
Sheet1RISK EVENTPROBABILITYIMPACTProsConsPROPOSED MITIGATION PLAN
1. Sheet1RISK
EVENTPROBABILITYIMPACTPros/ConsPROPOSED
MITIGATION PLANRISK LEVELRISK DECISIONDevice
(laptop, phone) that contains proprietary data is stolen.High
huge loss of competitive advantage, bad media exposurepro-
might help to discover hidden vulnerabilities in the employees.
Cons-employees may oppose mitigation techniquesprevent
employees from taking work laptops home. Provide locks for
the laptops.highacceptinternal network break-in from
outsidemediumdisrupt system, loss of vital datapro-will lead to
reduced external attacks once it is solved. Cons- implementation
costsuse of firewalls and other network intrusion detection
systemsmediumtransfervirus worm or trojan
infectionmediumrestoration is needed, productivity losspro-
identifies security loopholes allowing for mitigation against
them. Cons-yearly cost for antivirusinstall kaspersky antivirus
(Grachev, , & Batenin, 2013).mediumacceptsource code stolen
by external attacker or insidermediumloss of competitive
advantagecons- could lead to corporate espionageuse
authorization technique to prevent unauthorised members from
accessinglowacceptdenial of service attacksmediumproductivity
loss, system restoration might be neededpros- presence of
compensation controls will allow for the reassignment of
resources to other high risk areas. Cons-could lead to customer
lossuse of compensation controls. For example the use of
firewallsmediumtransferdata security breach for personal,
financial and/or customer datamedium-lowsome amount of bad
media exposure, loss of customers, possibility of lawsuitsCons-
underestimating this vulnerability could lead to increased
breaches and unauthorized accessuse of biometric authentication
techniqueslowavoidprolonged IT outagelowhigh disruption,
productivity loss, system restorationNAprovide secondary
power options e.g. CPUsmediumtransferpirated software, music
or movies used within Code Galorelowfines, reputation
2. losspros-there are less chances of unauthorized access to files in
the system. Cons-if mitigation technique fails it could be
detrimentalblocking of certain websiteslowacceptattack against
others initiated by Code Galore employeelownegative media
exposure, fines, lawsuitscons-possible destruction of
propertyintroduction of organizational behavior
policieslowacceptdata extrusion through interception of wireless
signalsmediumforbbiding policies against use of wireless media
in sending confidential and proprietary information without
authorizationpros- curb any attempts at destroying companies
integrityNAmediummitigatesabotage of source codemediumloss
of productivitypros-integrity of source code is protected. cons-
failure to address this issue could lead to competitor gaining
access to the source code leading to loss of competitive
advantage (Flynn, Clark, Moore, , Collins, Tsamitis, Mundie, &
McIntire, 2013).use authorization only for top notch members
of the organizationmediummitigateFlynn, L., Clark, J., Moore,
A. P., Collins, M., Tsamitis, E., Mundie, D., & McIntire, D.
(2013, October). Four insider IT sabotage mitigation patterns
and an initial effectiveness analysis. In Proceedings of the 20th
Conference on Pattern Languages of Programs (pp. 1-19).
Grachev, V. V., & Batenin, V. A. (2013). U.S. Patent No.
8,424,093. Washington, DC: U.S. Patent and Trademark Office.
Running Head: RESPONSES
1
RESPONSES 3
3. Responses
Student Name
Institution
Date
1.
Today we are in a position to see what the self-referentially
incoherent statement is as Interpreted by the recipient of this
book, maybe to see some of the consequences of
postcolonialism the reader should have the textual analysis of
colonialism itself. In this novel, the Poor Christ of Bomba, the
writer, Mongo Beti uses narrative to tell the tale that makes the
audience inside the thought of the fourteen year old who finds
himself in a situation beyond his control. The portrayal of these
narrate personify the era that draws the line between purity and
consciousness. This status as it were in this novel takes a
satirical approach on how the conditions under colonialism law
may have been. Betis clever move on languages, places, and
storylines open up the idea of the audience to bring in some of
the implications dimension to exploitation that create the period
postcolonialism so arbitrary.
2.
Published at this 3rd person but from the character’s viewpoint,
Ambiguous Adventure traces the training of Samba Diallo from
4. the conventional Muslim practice of retelling the Quran in
Senegal to advanced studies of philosophy in Paris. Difficult in
French or English, this book consists mainly of discussion in
which different characters adopt and discuss distinctive
ideological beliefs. Rather than simply remembering the
chronology of the autobiographical journey into West college
education, Cheikh Hamidou Kane immerses the audience at the
difficult dilemma of Senegalese aristocrats, who must determine
how to accept their own Muslim religion with the materialism of
contemporary Europe. As Samba pursues his adventure at
thoughts, he grows increasingly estranged from the worldviews
of both the region and French West Africa, therefore growing
difficult topics for French assimilationist terms in the wake of
colonial conquest.
3
As we will say, these final words of the Ambiguous Adventure
keenly express the point of the disagreement amongst this
Diallobe’s spiritualism in addition the region’s desire that was
in the origin of the rupture of the Samba Diallo’s being. Is not
that one sort of success of the rule of religion at the order of the
materialistic society? Henceforward, the role of Salif Bâ, in the
second book the steward of the building, could be, in a way,
The incarnation of the Samba Diallo who was as well able to
accept the Diallobé’s passionate religion besides the rationalist
attitude of the contemporary region. If I chose to take this
opposition between society as well as religion as the primary
topic of the Ambiguous Adventure, then it is because this fight
of the Muslim Africa with the contemporary region was the
collapse of two cultures giving two opposing views of the
world: On the one side the society of faith turned in the
direction of darkness, Ruled through spirituality plus religion,
and in contrast the rationalist society, with triumphant desire,
Whose primary purpose is to get those who carry it “ masters of
the surface ” at the risk of going slowly underneath the weight
of information.
5. Sheet1RISK
EVENTPROBABILITYIMPACTPros/ConsPROPOSED
MITIGATION PLANRISK LEVELRISK DECISIONDevice
(laptop, phone) that contains proprietary data is stolen.High
huge loss of competitive advantage, bad media exposurepro-
might help to discover hidden vulnerabilities in the employees.
Cons-employees may oppose mitigation techniquesprevent
6. employees from taking work laptops home. Provide locks for
the laptops.highacceptinternal network break-in from
outsidemediumdisrupt system, loss of vital datapro-will lead to
reduced external attacks once it is solved. Cons- implementation
costsuse of firewalls and other network intrusion detection
systemsmediumtransfervirus worm or trojan
infectionmediumrestoration is needed, productivity losspro-
identifies security loopholes allowing for mitigation against
them. Cons-yearly cost for antivirusinstall kaspersky antivirus
(Grachev, , & Batenin, 2013).mediumacceptsource code stolen
by external attacker or insidermediumloss of competitive
advantagecons- could lead to corporate espionageuse
authorization technique to prevent unauthorised members from
accessinglowacceptdenial of service attacksmediumproductivity
loss, system restoration might be neededpros- presence of
compensation controls will allow for the reassignment of
resources to other high risk areas. Cons-could lead to customer
lossuse of compensation controls. For example the use of
firewallsmediumtransferdata security breach for personal,
financial and/or customer datamedium-lowsome amount of bad
media exposure, loss of customers, possibility of lawsuitsCons -
underestimating this vulnerability could lead to increased
breaches and unauthorized accessuse of biometric authentication
techniqueslowavoidprolonged IT outagelowhigh disruption,
productivity loss, system restorationNAprovide secondary
power options e.g. CPUsmediumtransferpirated software, music
or movies used within Code Galorelowfines, reputation
losspros-there are less chances of unauthorized access to files in
the system. Cons-if mitigation technique fails it could be
detrimentalblocking of certain websiteslowacceptattack against
others initiated by Code Galore employeelownegative media
exposure, fines, lawsuitscons-possible destruction of
propertyintroduction of organizational behavior
policieslowacceptdata extrusion through interception of wireless
signalsmediumforbbiding policies against use of wireless media
in sending confidential and proprietary information without
7. authorizationpros- curb any attempts at destroying companies
integrityNAmediummitigatesabotage of source codemediumloss
of productivitypros-integrity of source code is protected. cons-
failure to address this issue could lead to competitor gaining
access to the source code leading to loss of competitive
advantage (Flynn, Clark, Moore, , Collins, Tsamitis, Mundie, &
McIntire, 2013).use authorization only for top notch members
of the organizationmediummitigateFlynn, L., Clark, J., Moore,
A. P., Collins, M., Tsamitis, E., Mundie, D., & McIntire, D.
(2013, October). Four insider IT sabotage mitigation patterns
and an initial effectiveness analysis. In Proceedings of the 20th
Conference on Pattern Languages of Programs (pp. 1-19).
Grachev, V. V., & Batenin, V. A. (2013). U.S. Patent No.
8,424,093. Washington, DC: U.S. Patent and Trademark Office.
Cisco 892 ISR
Cisco Catalyst 2960S-48LPS-L - Switch
Windows Server 2008 R2
Exchange 2010
Red Hat Enterprise
Apache, PHP, MySQL
JBOSS
Windows Server 2008 R2
Primary Domain Controller and File Share
48 Desktop Computers
Windows 7 Ent
8. 83 Laptop Computers
Windows 7 Ent
8 Tablets, Android OS 17 Smart Phones
Android OS
192.168.0.3
192.168.0.5
192.168.0.4
192.168.0.200-248
192.168.0.100-183
192.168.0.50-58
192.168.0.75-92
192.168.0.1
192.168.0.2
Part 2 – Directions – For this assignment, refer back to your last
week’s assignment. Take the above network diagram and
identify all single points of failure. Once
you find one, describe why it is a SPOF and offer two or three
solutions to compensate for this SPOF . In the last section, take
one solution from each SPOF and
research the cost for implementation.
P -$9423.00
V -$242,000.00
P -$7453.00
V -$49,000.00
9. P -$14,785.00
V -$132,000.00
P -$924.00
P -$2754.00
P - $1425.00 Each
P -$1274.00 Each
P -$399.00 Each
P -$199.00 Each
W06A1.vsdPage-1
Cisco 892 ISR
Cisco Catalyst 2960S-48LPS-L - Switch
Windows Server 2008 R2
Exchange 2010
Red Hat Enterprise
Apache, PHP, MySQL
JBOSS
Windows Server 2008 R2
Primary Domain Controller and File Share
48 Desktop Computers
Windows 7 Ent
83 Laptop Computers
Windows 7 Ent
10. 8 Tablets, Android OS 17 Smart Phones
Android OS
192.168.0.3
192.168.0.5
192.168.0.4
192.168.0.200-248
192.168.0.100-183
192.168.0.50-58
192.168.0.75-92
192.168.0.1
192.168.0.2
Part 1 Directions – For this assignment, evaluate the above
network diagram for a basic small marketing firm in San
Francisco, CA. You have been asked to write-up
a basic risk assessment for this company. In the first part,
brainstorm and list every risk you can imagine (realistic for this
company) include virtual, physical and
“stupid” in your listing. Provide a brief one-to-two sentence
overview for each risk you list. In the second section, pick the
top risk and create a Quantitative RA (last
week) for a single loss expectancy. Each event will have it’s
own price tag and amount of downtime. The values for each
device is listed as “P” for physical cost and
“V” for the estimated value of the data on each device. Each
day the network is down results in a loss of $86,000.00.
P -$9423.00
11. V -$242,000.00
P -$7453.00
V -$49,000.00
P -$14,785.00
V -$132,000.00
P -$924.00
P -$2754.00
P - $1425.00 Each
P -$1274.00 Each
P -$399.00 Each
P -$199.00 Each
W05A1.vsdPage-1