IT risk assessment 3.
1. What is an IT risk assessment’s goal or objective?
2. Why is it difficult to conduct a quantitative risk assessment for an IT infrastructure?
3. What was your rationale in assigning a “1” risk impact/risk factor value of “Critical” to an identified risk, threat, or vulnerability?
4. After you had assigned the “1,” “2,” and “3” risk impact/risk factor values to the identified risks, threats, and vulnerabilities, how did you prioritize the “1,” “2,” and “3” risk elements? What would you say to executive management about your final recommended prioritization?
5. Identify a risk-mitigation solution for each of the following risk factors:
a. User downloads and clicks on an unknown e-mail attachment
b. Workstation OS has a known software vulnerability
c. Need to prevent eavesdropping on WLAN due to customer privacy data access
d. Weak ingress/egress traffic-filtering degrades performance
e. DoS/DDoS attack from the WAN/Internet
f. Remote access from home office
g. Production server corrupts database
APA Format required
Reference textbook:
Gibson, D. (2015). Managing Risk in Information Systems; Second Edition. Jones and Bartlett Learning.