Graduate Level Writing!!! Project 3 - Cybersecurity Only!!!

Risk Management Guide for Information Technology Systems: Recommendations of the National Institute of Standards and Technology by Gary Stoneburner, Alice Goguen, and Alexis Feringa comprises public domain material from the National Institute of Standards and Technology, Technology Administration, U.S. Department of Commerce. APPENDIX B: SAMPLE RISK ASSESSMENT REPORT OUTLINE EXECUTIVE SUMMARY I. Introduction recommendations, and any comments in a table format to facilitate the implementation of recommended controls during the risk mitigation process. SP 800-30 Page B-2 (1) Risk (Vulnerability/ Threat Pair) (2) Risk Level (3) Recommended Controls (4) Action Priority (5) Selected Planned Controls (6) Required Resources (7) Responsible Team/Persons (8) Start Date/ End Date • Disallow inbound telnet • Disallow “world” access to sensitive company files • Disabled the guest ID APPENDIX C: SAMPLE SAFEGUARD IM PLEMENTATION PLAN SUMMARY TABLE (9) Maintenance Requirement/ Comments Unauthorized users can telnet to XYZ server and browse sensitive company files with the guest ID. High • Disallow inbound telnet • Disallow “world” access to sensitive company files • Disable the guest ID or assign difficult-to-guess password to the guest ID High 10 hours to reconfigure and test the system John Doe, XYZ server system administrator; Jim Smith, company firewall administrator 9-1-2001 to 9-2-2001 • Perform periodic system security review and testing to ensure adequate security is provided for the XYZ server