Identifying Threats and Vulnerabilities in an IT Infrastructure Review Questions with complete Solutions Rated A+

Identifying Threats and Vulnerabilities in an IT Infrastructure Review Questions with complete Solutions Rated A+ Which of the listed risks, threats, or vulnerabilities can violate HIPAA privacy and security requirements? - Answers Unauthorized Access to Organization-Owned Workstations the risks, threats, or vulnerabilities that violate HIPAA security and privacy standard the most because data must not be shared with anyone without the consent of the patient. Organizations that handles HIPPA must protect the data and the system. Unauthorized access from public Internet - Answers WAN Domain Hacker penetrates IT infrastructure through modem bank - Answers LAN-to-WAN Domain Communication circuit outages - Answers WAN Domain Workstation operating system (OS) has a known software vulnerability - Answers Workstation Domain Denial of service attack on organization's e-mail server - Answers System Application Domain Remote communications from home office - Answers Remote Access Domain Workstation browser has software vulnerability - Answers Workstation Domain Weak ingress/egress traffic-filtering degrades performance - Answers LAN-to-WAN Domain Wireless Local Area Network (WLAN) access points are needed for LAN connectivity within a warehouse - Answers LAN Domain Need to prevent rogue users from unauthorized WLAN access - Answers LAN-to-WAN Domain Doctor destroys data in application, deletes all files, and gains access to internal network - Answers System/Application Domain Fire destroys primary data center - Answers System Application Domain Intraoffice employee romance gone bad - Answers User Domain Loss of production data server - Answers System Application Domain Unauthorized access to organization-owned workstations - Answers Workstation Domain LAN server OS has a known software vulnerability - Answers LAN Domain Nurse downloads an unknown e-mail attachment - Answers User Domain Service provider has a major network outage - Answers WAN Domain A technician inserts CDs and USB hard drives with personal photos, music, and videos on organization-owned computers - Answers User Domain Virtual Private Network (VPN) tunneling between the remote computer and ingress/egress router - Answers Remote Access Which domain(s) had the greatest number of risks, threats, and vulnerabilities? - Answers System Application Domain had 4 risks, threats, and vulnerabilities and Workstation Domain had 4. What is the risk impact or risk factor that you would qualitatively assign to the risks, threats, and vulnerabilities you identified for the LAN-to-WAN Domain for the health care and HIPAA compliance scenario? - Answers Hacker penetrates IT infrastructure through modem bank - High, Weak ingress/egress traffic-filtering degrades performance - Medium, Need to prevent rogue users from unauthorized WLAN access - High, Unauthorized access to organization-owned workstations - High