What’s the Worst That Could Happen? (25 points)
This is a question you should (and will be) asking yourself as you take on a security officer role. Quite honestly, this statement could become your undoing if you do not think it through or try to avoid answering such a question; however, the extreme “voice of doom” is not one you will be visiting very often. You should be evaluating the possible circumstances and ask yourself the above question as it pertains to something that could happen, such as a fire or user error.
For this exercise, you should think about a local company (one which you work or have worked) or a fake marketing firm in Kansas City Missouri. Ask yourself this question as you think through what they have and what could be lost. Think of a minimum of 7 threats to this network (one for each of the 7 IT Infrastructure Domains [pg.7]) and describe “What’s the Worst That Could Happen?” if these threats came true. For the threats, you should think of 5 within the realm of possibility and 2 on the fringe of possibilities.
Organize this response as an APA formatted paper. For each threat, you should write at least one paragraph responding to the question to each threat.
Not Met
Basic
Proficient
Distinguished
Identified and describes threats or risks (15 points)
Did not identify any threats (0)
Listed 1 to 6 threats (1-7)
Listed 7 threats (8-14)
Went above and beyond minimal requirements (15)
Demonstrates knowledge of vulnerabilities (15 points)
Did not demonstrate knowledge (0)
Demonstrated basic level knowledge of vulnerabilities (1-7)
Showed a proficient grasp of vulnerabilities and how they affect their environment (8-14)
Showed an advanced level of knowledge of how threats impact their environment (15)
APA formatting (10 points)
Did not utilize APA formatting (0-3)
A few APA formatting errors with multiple mistakes (4-7)
Little to no APA formatting errors (8-10)
Grammar and structure (10 points)
Student submission is below college level writing expectations (0-3)
Multiple grammar and structure issues (4-7)
Little to no grammar and structure issues (8-10)
Course Outcomes Assessed:
1. Identify and define risk and risk management techniques.
5. Identify and evaluate threats, vulnerabilities, countermeasures, and mitigation recommendations.