The task of identifying risks in an IT environment can become overwhelming. Once your mind starts asking “what if…?” about one IT area, you quickly begin to grasp how many vulnerabilities exist across the IT spectrum. It may seem impossible to systematically search for risks across the whole IT environment.

The task of identifying risks in an IT environment can become overwhelming. Once your mind starts asking “what if…?” about one IT area, you quickly begin to grasp how many vulnerabilities exist across the IT spectrum. It may seem impossible to systematically search for risks across the whole IT environment.

Thankfully, a solution is at hand that simplifies identifying threats and vulnerabilities in an IT infrastructure. That method is to divide the infrastructure into the seven domains: Wide Area Network (WAN), Local Area Network-to-Wide Area Network (LAN-to-WAN), Local Area Network (LAN), Workstation, User, System/Application, and Remote Access. Systematically tackling the seven individual domains of a typical IT infrastructure helps you organize the roles, responsibilities, and accountabilities for risk management and risk mitigation.

In this lab, you will identify known risks, threats, and vulnerabilities, and you will organize them. Finally, you will map these risks to the domain that was impacted from a risk management perspective.