Threat Management and Disaster Recovery Final Paper This is a two part assignment that will be submitted as one final paper Part 1 I would like you to complete a

Threat Management and Disaster Recovery Final Paper This is a two part assignment that will be submitted as one final paper Part 1 I would like you to complete a limited Risk Assessment for a fictional enterprise. This analysis, of course, will require you to make lots of assumptions and guesses which need to be noted and documented in your paper. To limit the scope of the paper, I want to limit your analysis to threats to the data and servers located in a centralized server room and threats to connectivity to any wide area network (WAN) clients. You will not analyze any threats to individual workstations and desktops. follows is a description of the server room and connectivity of those servers. This “made-up” Enterprise is a medical practice with an Electronic Medical Record (EMR) that we will call “Medco” containing patient data. This EMR is needed on a 24 hour basis as this is a cardiology specialty and is used in clinic rooms AND importantly, it is used by emergency physicians in the local trauma center for treatment of patients suffering from life threatening heart issues. This requires a WAN connection to be made available 24 hours a day. The Environment Servers  Server 1 is Microsoft Exchange Server  Server 2 is Domain Controller  Server 3 is a Citrix Server (delivering applications as Thin Clients to desktops and some of the WAN clients)  Server 4 is Web Server running IIS to present main application as web pages  Server 5 is a Server Running Microsoft SQL Server with patient data The Servers are connected to the LAN using routers and switches. The Servers are connected to the Internet using a single Firewall via a single connection to a single Internet Service Provider (ISP). The Servers do connect to a WAN using this Internet connection using a VPN and the nodes on this WAN (clinics around the state) each have a single connection to an ISP in their local area. Physically all the Servers are in a single unlocked room that has no fire suppression equipment other than the typical building sprinkler system and there are two sprinkler systems in the server room. The servers are connected to a trunk electrical line that is not part of the medical centers emergency power system and there is no line conditioning. For temperature control, the server room relies on the existing building HVAC system with heat exchangers located on the roof of the building. There is one air conditioning vent and one room thermostat serving the server room. The Assignment Using the NIST Special Publication 800-30, complete a Risk Assessment to identify potential threats for which a matching vulnerability exists in the above described environment. You can pretend that you are the Security officer in charge of this Assessment and also for your control recommendation you can make decisions from your Risk Matrix as if you were upper management. This part of the paper should be at least 3 pages and should be no more than 5 pages not including items such as interview forms or spreadsheets. Part II

Do you need us to help you on this or any other assignment?


Make an Order Now