Risk Assessment

Risk Assessment


  • From the devices and systems identified in the AFI Corporate Network Topology, conduct a
  • thorough asset inventory, assign monetary values to each asset (quantitative), and assign a priority

    value for each asset (qualitative) that could be used to determine which assets are most critical for

    restoral in the event of a catastrophic event or attack.

  • Evaluate the perimeter security, make a list of access points internal and external(remote), identify
  • vulnerabilities and make suggestions for improvements to perimeter and network security.

  • Evaluate the remote access infrastructure, identify vulnerabilities and suggest security
  • improvements to mitigate risks to remote access.

  • Address the COO’s concern over the mobility security and design a secure mobile computing
  • (smart phones, tablets, laptops, etc.) in terms of authentication technologies and data protection.

  • Identify wireless vulnerabilities and recommend what safeguards, authentication technologies, and
  • network security to protect data should be implemented.

  • Evaluate the authentication protocols and methodologies within the wired, wireless, mobility and
  • remote access environments and suggest improvements to secure authentication for AFI.

  • Evaluate the web system protocols and vulnerabilities within the Intranet server and suggest
  • secure protocol improvements to improve security for web authentication.

  • Design a cloud computing environment for the company with a secure means of data protection at
  • rest, in motion and in process.

  • Assess all known vulnerabilities on each asset in this environment and impacts if compromised.
  • Using the asset inventory and the assigned values (monetary and priority) conduct a quantitative
  • and qualitative risk assessment of the AFI network.

  • Recommend risk mitigation procedures commensurate with the asset values from your asset
  • inventory. Feel free to redesign the corporate infrastructure and use any combination of

    technologies to harden the authentication processes and network security measures.

  • Provide an Executive Summary.
  • You are welcome to make assumptions for any unknown facts as long as you support your
  • assumptions.

  • The Title Page, Table of Contents and References page(s) don’t count in your 15 page
  • minimum!!!