To assist PVSS, your contract has been expanded to also create a risk assessment. In addition, PVSS management has asked for information on the vulnerabilities, threats, and exploits.

In a report of 2–3 pages to PVSS management, include the following:

  • Describe the process needed to create a risk assessment.
  • What are the vulnerabilities, threats, and exploits? As part of the description of risk assessment, include the definition of these three terms.
  • For a typical network environment (that includes an Internet-facing Web Site, a human resources database and application, and development workstations that contain copyrighted material), describe some typical devices or assets and vulnerabilities that might be encountered.
    • List and describe at least 4.