Unauthorized access from public Internet | WAN Domain | 1
User destroys data in application and deletes all files | User Domain | 1
Hacker penetrates your IT infrastructure and gains access to your internal network | LAN and WAN Domain | 1
Intra-office employee romance gone bad | User Domain | 3
Fire destroys primary data center | System/Application Domain | 1
Service provider SLA is not achieved | WAN Domain | 2
Workstation OS has a known software vulnerability | Workstation Domain | 2
Unauthorized access to organization owned workstations | Workstation Domain | 2
Loss of production data | System/Application Domain | 1
Denial of service attack on organization DMZ and e-mail server | WAN Domain | 1
Remote communications from home office | Remote Access Domain | 2
LAN server OS has a known software vulnerability | System/Application Domain | 1
User downloads and clicks on an unknown e-mail attachment | User Domain | 3
Workstation browser has software vulnerability | Workstation Domain | 3
Mobile employee needs secure browser access to sales order entry system | Remote Access | 1
Service provider has a major network outage | WAN | 1
Weak ingress/egress traffic filtering degrades performance | WAN | 1
User inserts CDs and USB hard drives with personal photos, music, and videos on organization owned computers | User | 2
VPN tunneling between remote computer and ingress/egress router is needed | Remote Access | 3
WLAN access points are needed for LAN connectivity within a warehouse | LAN to WAN | 3
Need to prevent eavesdropping on WLAN due to customer privacy data access | LAN to WAN | 1
DoS/DDoS attack from the WAN/Internet | WAN | 1

The purpose of the risk assessment and the summary of risks, threats, and vulnerabilities found throughout the IT infrastructure is to show how you would assess the risks and to give a summary of the threats and vulnerabilities, so that you have an overview of everything. The testing helps to provide an understanding of which threats need to be addressed and which can be done at a