Learning Team Vulnerabilities and Threat Pairs

  CMGT 430
-13 (7 logical and 6 physical) Olive Green-13 (6 logical and 7 physical) Red-12 (6 logical and 6 physical) Purple- 12 (6 logical and 6 physical) OrangeVulnerabilitiesThreats ProbabilityImpactSuggested Mitigation Steps
  Physical  
Card access Network Security   
Access RosterConfidentiality   
BiometricsConfidentiality   
Token KeyConfidentiality   
Security Key GeneratorNetwork Security   
Video MonitoringEnvironmental   
Lack of IT support/StaffAvailability   
Social Engineering of social mediasEnvironmental   
Attacks on Mobile devicesIntegrity   
Legacy SystemsIntegrity   
Hardware failurePhysical   
Lack of security AuditsNetwork Security   
Missed security patchesNetwork Security   
Terminated EmployeeAvailability   
Wide Area Application ServicesAvailability   
Buffer OverflowConfidentiality IntegrityAvailability   
VoIP TechnologyConfidentiality IntegrityAvailability   
Lack of Regular Updates of Antivirus SoftwareConfidentiality IntegrityAvailability   
Lack of Physical SecurityConfidentiality IntegrityAvailability   
Unauthorized AccessConfidentiality    
Unauthorized DownloadsAvailability    
Theft of EquipmentPhysical   
Destruction of EquipmentAvailability   
Environmental DisasterEnvironmental   
Equipment DisposalEnvironmental    
VulnerabilitiesThreats ProbabilityImpactSuggested Mitigation Steps
  Logical  
Group PoliciesNetwork Security   
Data Encryption Confidentiality   
Repository Availability   
Strong PasswordsNetwork Security   
PermissionsConfidentiality   
Port Security Network Security   
MAC filtering Integrity   
VPNNetwork Security   
DMZConfidentiality   
Software vendors change ownership or go out of businessAvailability   
Software Bugs and design faultsIntegrity   
Wifi VulnerabilitiesNetwork Security   
Lack of security policies Network Security   
Boot Sector VirusesAvailability   
Logic bombAvailability   
Unsecured Wireless NetworkConfidentiality   
Keystroke loggingConfidentiality   
Packet CollisionsConfidentiality   
User errorsIntegrity   
Firewall SecurityNetwork Security   
Denial of ServiceAvailability    
Wireless Security Network Security    
AntivirusNetwork Security   
Modification of DataIntegrity   
Website ModificationIntegrity    

Related Posts