Risk analysis | Buiness managemenet | University College of the Cayman Islands

Risk analysis | Buiness managemenet | University College of the Cayman Islands

Using the information provided in the below case study, identify the areas of potential
concern and what recommendations you have to address those concerns in less than 500 words. 
The scan results provided is from a server found in a University Research Department. A researcher asked for this asset to be reviewed for their project. The project is dealing
with COVID samples to produce a vaccine.
It is safe to assume omitted technical aspects, but assumptions should be mentioned in the discussion with the screening committee before recommendations are provided.
The response back to the screening committee should be a written response, similar to
what would be sent to the researcher. This written response should be submitted back
to the screening committee. Once the written response is
submitted, in the 30-minute virtual meeting, you will need to present your findings to a
wide array of technical and non-technical people. You may choose any method of how
you deliver these findings and your response.
The roles that will be present in the virtual meeting are as follows:
Departmental member in charge of all IT Risk for the department (Risk Executive), a department IT
Manager, a Research Principal Investigator, and an IT Systems Engineer.
For each role, please consider the following areas to focus on while drafting a response:
Risk Executive:  Defining cost benefit, difficulty to address change (amount of
work), policy compliance, etc.
Department Manager:  Time to immediately remediate and then on-going
actions needed.  Cost of service or hardware to remediate
Research Principal Investigator:  Work to mitigate risks such as creating
procedures.
Systems Engineering:  Technical changes and the need to make this recurring or
to provide updates. 
Scan Results: 
A) Ports:           
TCP/UDP 137-139   Open to Internet for Server B023AQ
TCP                     80      Open to Internet for Server B023AQ
TCP                     443   Open to Internet for Server B023AQ
TCP                    1433-1434 Open to Internet for Server B023AQ
TPC/UDP           3389   Open to all workstations
B) All employees are allowed to RDP to their workstations from anywhere off site
C) All servers are located in a single rack in one data center. No provisions are
available to replace the hardware in a disaster (unless insurance can cover the
costs). No alternate site is available to relocate employees after a disaster.
D) There is no documentation regarding the logging requirements for any
systems.
 

Risk analysis | Buiness managemenet | University College of the Cayman Islands

ad:  Delta 8 online | THC Online | Buy hemp online | THC Carts | Delta 8 Carts | THCO Carts | HQD Vape | Fume Vape | Fume Extra | Fume Unlimited | HQD Cuvie | HQD Cuvie plus | zero Nic Disposable Vapes | Fume Infinity | Fume Ultra | FoodGod | Supreme Vape 

Using the information provided in the below case study, identify the areas of potential
concern and what recommendations you have to address those concerns in less than 500 words. 
The scan results provided is from a server found in a University Research Department. A researcher asked for this asset to be reviewed for their project. The project is dealing
with COVID samples to produce a vaccine.
It is safe to assume omitted technical aspects, but assumptions should be mentioned in the discussion with the screening committee before recommendations are provided.
The response back to the screening committee should be a written response, similar to
what would be sent to the researcher. This written response should be submitted back
to the screening committee. Once the written response is
submitted, in the 30-minute virtual meeting, you will need to present your findings to a
wide array of technical and non-technical people. You may choose any method of how
you deliver these findings and your response.
The roles that will be present in the virtual meeting are as follows:
Departmental member in charge of all IT Risk for the department (Risk Executive), a department IT
Manager, a Research Principal Investigator, and an IT Systems Engineer.
For each role, please consider the following areas to focus on while drafting a response:
Risk Executive:  Defining cost benefit, difficulty to address change (amount of
work), policy compliance, etc.
Department Manager:  Time to immediately remediate and then on-going
actions needed.  Cost of service or hardware to remediate
Research Principal Investigator:  Work to mitigate risks such as creating
procedures.
Systems Engineering:  Technical changes and the need to make this recurring or
to provide updates. 
Scan Results: 
A) Ports:           
TCP/UDP 137-139   Open to Internet for Server B023AQ
TCP                     80      Open to Internet for Server B023AQ
TCP                     443   Open to Internet for Server B023AQ
TCP                    1433-1434 Open to Internet for Server B023AQ
TPC/UDP           3389   Open to all workstations
B) All employees are allowed to RDP to their workstations from anywhere off site
C) All servers are located in a single rack in one data center. No provisions are
available to replace the hardware in a disaster (unless insurance can cover the
costs). No alternate site is available to relocate employees after a disaster.
D) There is no documentation regarding the logging requirements for any
systems.
 

Leave a Comment

Your email address will not be published. Required fields are marked *