Questions:
• How do you rationalize assigning a risk impact/factor to an identified risk, threat, or vulnerability?
• How do you prioritize similar risk impact/factor values of identified risks? How do you determine which "1" to prioritize? Why would you prioritize a "2" over a "1"? (4 pts)
• Identify a risk-mitigation solution for each of the following risk factors. Provide a URL to support your solution
1. A user clicks on a phishing email
2. A computer is running an out-of-date OS
3. A publicly accessible wireless hotspot.
4. Inefficient firewall rules impact network performance
5. DDoS attack from outside the U.S.
6. Remote access from geographically distributed employees
7. Someone spilling a beverage on a server