A Cyber Security Threat Analyst conducts analysis, digital forensics, and targeting to identify, monitor, assess, and counter cyber-attack threats against information systems, critical infrastructure, and cyber-related interests. Take on the role of a Cyber Security Threat Analyst for the approved organization you chose. Research the following information about the organization you chose and complete the Threats, Attacks, and Vulnerability.
Threats, Attacks, and Vulnerability Assessment Template
Instructions: Replace the information in brackets [ ] with information relevant to your project.
A Cyber Security Threat Analyst conducts analysis, digital forensics, and targeting to identify, monitor, assess, and counter cyber-attack threats against information systems, critical infrastructure, and cyber-related interests. Take on the role of a Cyber Security Threat Analyst for the approved organization you chose. Research the following information about the organization you chose and complete the Threats, Attacks, and Vulnerability Assessment template.
[Organization Name/Description]
Assessment Scope
What are the tangible assets included? (Must include virtualization, cloud, database, network, mobile, information systems.) Identify all information systems, critical infrastructure, and cyber-related interests and combinations that will be assessed. Also, describe information systems, critical infrastructure, and cyber-related interests which will not be assessed and explain why.
[Response]
System Model
A diagram and descriptions of each asset included in the assessment scope.
[Diagram here or attached]
[Response]
Existing Countermeasures
Describe existing countermeasure already in place.
[Response]
Threat Agents and Possible Attacks
Define 12 to 15 threat agents and possible attacks.
[Response]
Exploitable Vulnerabilities
Identify 7 to 9 exploitable vulnerabilities.
[Response]
Threat History/Business Impact
| Threat History Events | Duration | Business Impact | Threat Resolution |
| [Response] | [Response] | [Response] | [Response] |
| [Response] | [Response] | [Response] | [Response] |
| [Response] | [Response] | [Response] | [Response] |
| [Response] | [Response] | [Response] | [Response] |
Risks and Contingencies Matrix
| Risk | Probability | Priority | Owner | Countermeasures/Contingencies/Mitigation Approach |
| [Response] | [Response] | [Response] | [Response] | [Response] |
| [Response] | [Response] | [Response] | [Response] | [Response] |
| [Response] | [Response] | [Response] | [Response] | [Response] |
| [Response] | [Response] | [Response] | [Response] | [Response] |
