Threat and Vulnerability Assessment
Instructor Guide: Managing Risk in Information Systems
© 2022 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved. www.jblearning.com Page 85
Best Practices for Threat and Vulnerability Assessments
Learning Objectives and Outcomes
§ Analyze threat and vulnerability assessment best practices.
Assignment Requirements
Answer the following question(s):
1. A best practice for threat assessments within the seven domains of a typical IT infrastructure is “Assume nothing, recognizing that things change.” What do you think “assume nothing” means in this context?
2. A best practice for performing vulnerability assessments within the seven domains of a typical IT infrastructure is to identify assets first. Why should you identify assets before performing vulnerability scans?
Fully address the questions in this discussion; provide valid rationale for your choices.
Required Resources
§ Course textbook § Internet access
Submission Requirements
§ Format: Microsoft Word (or compatible) § Font: Arial, size 12, double-space § Citation Style: Follow your school’s preferred style guide § Length: 1–2 pages
Self-Assessment Checklist
§ I fully addressed the question(s) in the discussion instructions. § I included justification or rationale for my choices, where applicable. § I responded to at least two other students’ views and defended my opinions. § I followed the submission guidelines.