Write atleast three to four points
a)Threats that can exploit the Vulnerabilities/Weaknesses that were posted below?
b) Risks that can generate loss to an Asset (Hardware, Software, Data, Service, etc) if the Threat exploit the Weakness?
c) Countermeasures that can mitigate the Risks. There is often more than one Countermeasure for each Weakness/Threat/Risk?
Vulnerabilities/Weaknesses :
1. Regular Firewall maintenance not conducted
2. Computer always left logged-in
3. Client personal data shared with everyone via email
4. Databases/systems not backed-up
5. Info Sec Audits not conducted
6. Client files left out on the desk overnight
7.Record Cabinets cannot be locked or are left unlocked
8. Inventory control and access control policies not followed.
