CIS 502 MENTOR Great Stories/cis502mentor.com CIS 502 MENTOR Great Stories/cis502mentor.com | Page 58

Write a twelve to fifteen (12-15) page formal risk assessment
proposal and redraw the above diagram of a secure and risk-
mitigating model in which you:
1. Describe the company network, interconnection, and
communication environment.
2. Assess risk based on the Global Finance, Inc. Network
Diagram scenario. Note: Your risk assessment should cover all
the necessary details for your client, GFI Inc., to understand the
risk factors of the organization and risk posture of the current
environment. The company management will decide what to
mitigate based on your risk assessment. Your risk assessment
must be comprehensive for the organization to make data-driven
decisions.
a. Describe and defend your assumptions as there is no further
information from this company. The company does not wish to
release any security-related information per company policy.
b. Assess security vulnerabilities, including the possibility of
faulty network design, and recommend mitigation procedures
for each vulnerability.
c. Justify your cryptography recommendations based on data-
driven decision making and objective opinions.
3. Examine whether your risk assessment methodology is
quantitative, qualitative, hybrid, or a combination of these.