There are many different threats to the confidentiality, integrity, and availability of data-at-rest, data-in-transit, and processing. Some threats affect one of these security risks (like confidentiality only), and some threats affect more than one or even all these risks.
Create a 1-to 2 -page table, in Microsoft® Word, listing a minimum of 6 threats using the column headers and details below:
Threat – List the threat.
Threat to Type of Data (data-at-rest,data-in-transit, or processing) – Identify the type.
Confidentiality/Integrity/Availability– Identify whether some or all are affected by labelling: C, I, and/orA.
Mitigation Suggestion – Describe a mitigation plan in 2-3 sentences.
Example:
Threat: Password Compromise
Threat to Type of Data: Data-At-Rest
Confidentiality/Integrity/Availability: C & I
Mitigation: Employ a strong password that is changed at regular intervals. Do not share your password or write it down on sticky notes on your desk.
Create a 1-to 2 -page table, in Microsoft® Word, listing a minimum of 6 threats using the column headers and details below:
Threat – List the threat.
Threat to Type of Data (data-at-rest,data-in-transit, or processing) – Identify the type.
Confidentiality/Integrity/Availability– Identify whether some or all are affected by labelling: C, I, and/orA.
Mitigation Suggestion – Describe a mitigation plan in 2-3 sentences.
Example:
Threat: Password Compromise
Threat to Type of Data: Data-At-Rest
Confidentiality/Integrity/Availability: C & I
Mitigation: Employ a strong password that is changed at regular intervals. Do not share your password or write it down on sticky notes on your desk.