Cyber Security - Threats, Vulnerability, Risk, and Control

This assignment is a learners' guide for the ICT40118 Certificate IV in Information Technology course on Cyber Security. It includes information on the course duration, mode of study, recommended textbooks, and the skills and knowledge required for the course. The assignment also includes three assessment tasks: a knowledge assessment, a case study analysis, and a presentation.

13 Pages2618 Words100 Views

Added on 2022-11-16

About This Document

This document discusses the nature of cyber security threats, vulnerabilities, and risks. It also covers the control measures that can be implemented to mitigate these risks. The document provides an overview of the STRIDE model of threat and the ISMS 27001. It also discusses the advantages and disadvantages of using Google Scholar for research. The document is relevant for students studying cyber security and related subjects.

Cyber Security - Threats, Vulnerability, Risk, and Control

Added on 2022-11-16

Related Documents

Running head: CYBER SECURITY
Cyber Security
Name of Student
Name of University
Author Note

Cyber Security - Threats, Vulnerability, Risk, and Control_1

1
CYBER SECURITY
Table of Contents
Task 1: Threat and Vulnerability.........................................................................................2
Task 2: Cyber Security Risk................................................................................................2
Task 3: Nature of Threats and Control................................................................................3
Task 4...................................................................................................................................5
Task 5...................................................................................................................................6
Task 6...................................................................................................................................6
Task 7...................................................................................................................................6
Task 8...................................................................................................................................7
Task 9...................................................................................................................................7
Task 10.................................................................................................................................8
Task 11.................................................................................................................................8
Task 12.................................................................................................................................9
Task 13.................................................................................................................................9
Bibliography......................................................................................................................11

Cyber Security - Threats, Vulnerability, Risk, and Control_2

2
CYBER SECURITY
Assessment 1 – Knowledge
Task 1: Threat and Vulnerability
There are certain significant differences between a threat and a vulnerability. Threat can
be described as a possible danger that is capable of exploiting a vulnerability (Scholz 2017).
Threat is therefore, a possible danger that has the power of damaging or destroying a particular
asset.
Vulnerability can further be described as a gap in the implemented security program,
which is mainly exploited by the present threats to get an unauthorized admittance to a particular
asset.
Task 2: Cyber Security Risk
There are certain factors that affect and influences the cyber security landscape within an
organization. Identification of the main factors that determine the cyber security risk to an
organization is critically essential to understand the various risk factors penetrating in the
organization.
One key factor that determine the cyber security risk to an organization involves the
extent to which the threat can affect internal functionality of an organization. Along with that
identification of the potential consequences of a threat is another factor that determines the cyber
security risk to an organization (Burger et al. 2014). The identification of the impact of any
particular risk helps in defining the possible cyber security in the organization. The significant
factors that determines the occurrence of cyber security risk in any particular organization is
indicated as follows.

Cyber Security - Threats, Vulnerability, Risk, and Control_3

3
CYBER SECURITY
1. The risk management process or frameworks that has been adapted in the organization.
2. The knowledge of the staffs and employees of the organization regarding the risk
management and disaster recovery
3. The availability of cyber security expert for detecting and managing the cybersecurity
risks
4. The efficiency of the risk management plan in detecting and management of the risk
and issues.
The above factors are responsible for determining the cyber security risk to an
organization. These factors are significantly related to each other. These factors indicate the
efficiency of an organization in managing and eliminating any type of cyber security risks. The
cyber security risks are manageable and the extent to which an organization is able to manage the
cyber security risks determine the cyber security risk to an organization. If an organization takes
proper measures in determination and management of the cyber security risks, the similar risks in
the organization can be reduced.
Task 3: Nature of Threats and Control
The STRIDE model of threat was established by Praerit Garg and Loren Kohnfelder at
Microsoft. The acronym STRID stands for six types of security risks, which comprise spoofing,
information disclosure, repudiation, denial of service, tampering and elevation of the privileges.
The STRIDE model indicates that the mentioned six categories of security risks are needed to be
controlled for reducing the threats and issues in an organization.

Cyber Security - Threats, Vulnerability, Risk, and Control_4

End of preview

Want to access all the pages? Upload your documents or become a member.

Cyber Security Assessment 20222

|1846

|19

Identification of the four Vulnerabilities for the Various Assets

|12

|2717

|30

Cyber Security Applied Research 2022

|2211

|24

Cyber Security Assessment 2022

|10

|2116

|38

IT Risk Assessment and Cyber Security Lead Consultant for Gigantic Corporation

|10

|3551

|91

Assignment on CyberSecurity

|823

|86

Cyber Security - Threats, Vulnerability, Risk, and Control

About This Document

Cyber Security - Threats, Vulnerability, Risk, and Control

End of preview

Cyber Security Assessment 20222lg...

Identification of the four Vulnerabilities for the Various Assetslg...

Cyber Security Applied Research 2022lg...

Cyber Security Assessment 2022lg...

IT Risk Assessment and Cyber Security Lead Consultant for Gigantic Corporationlg...

Assignment on CyberSecuritylg...

Cyber Security Assessment 20222

Identification of the four Vulnerabilities for the Various Assets

Cyber Security Applied Research 2022

Cyber Security Assessment 2022

IT Risk Assessment and Cyber Security Lead Consultant for Gigantic Corporation

Assignment on CyberSecurity