HighYield is a small agricultural company, which produces and sells fertilizer products. The company headquarters is in a small town in Indiana. Outside its headquarters, there are two large production facilities—one in Nebraska and other in Oklahoma. Furthermore, HighYield employs salespersons in every state in the United States to serve its customers locally. The company has three servers located at its headquarters—an Active Directory server, a Linux application server, and an Oracle database server. The application server hosts HighYield’s primary software application, which is a proprietary program managing inventory, sales, supply chain, and customer information. The database server manages all data stored locally with direct-attached storage. All three sites use Ethernet-cabled local area networks (LANs) to connect the users’ Windows 7 workstations via industry-standard managed switches. The remote production facilities connect to headquarters via routers with T-1 LAN connections provided by an external Internet service provider (ISP), and share an Internet connection through a firewall at headquarters. Individual salespersons throughout the country connect to HighYield’s network via virtual private network (VPN) software through their individual Internet connections, typically in a home office. Tasks: Assume the role of the IT professional assigned by HighYield’s IT management to conduct the following risk management tasks: 1. Identify threats to the seven domains of IT within the given scenario. 2. Identify vulnerabilities in the seven domains of IT within the given scenario. 3. Identify threat/vulnerability pairs to determine threat actions that could pose risks to the organization. 4. Estimate the likelihood of each threat action. 5. Prepare a brief report or presentation of your findings for IT management to review.
#Sales Offer!| Get upto 25% Off: