Threat and Vulnerability Assessment

profiledidosld
ThreatandVulnerabilityAssessments.pdf

Instructor Guide: Managing Risk in Information Systems

© 2022 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved. www.jblearning.com Page 85

Best Practices for Threat and Vulnerability Assessments

Learning Objectives and Outcomes

§ Analyze threat and vulnerability assessment best practices.

Assignment Requirements

Answer the following question(s):

1. A best practice for threat assessments within the seven domains of a typical IT infrastructure is “Assume nothing, recognizing that things change.” What do you think “assume nothing” means in this context?

2. A best practice for performing vulnerability assessments within the seven domains of a typical IT infrastructure is to identify assets first. Why should you identify assets before performing vulnerability scans?

Fully address the questions in this discussion; provide valid rationale for your choices.

Required Resources

§ Course textbook § Internet access

Submission Requirements

§ Format: Microsoft Word (or compatible) § Font: Arial, size 12, double-space § Citation Style: Follow your school’s preferred style guide § Length: 1–2 pages

Self-Assessment Checklist

§ I fully addressed the question(s) in the discussion instructions. § I included justification or rationale for my choices, where applicable. § I responded to at least two other students’ views and defended my opinions. § I followed the submission guidelines.