Submission requirements details: All work must be submitted on Moodle by the due date followed by the presentation in week 12. Reference sources must be cited in the text of the report, and listed...

hello


Submission requirements details: All work must be submitted on Moodle by the due date followed by the presentation in week 12. Reference sources must be cited in the text of the report, and listed appropriately at the end in a reference list using Harvard Anglia referencing style.

Assessment topic: Security Planning

Task Details: ABC company specializes in selling sports products. The company's main sales are through their e-commerce website, where customers can issue orders and pay online. ABC company can receive orders through the following lines of sales:
1. Online e-commerce website
2. Phone calls
3. Email orders

The sales team is then responsible for checking those emails and orders, preparing them and then delivering them to the customer.
1. Currently ABC has two branches – one headquarters and one site branch
2. HQ contains the following –
a) Email server
b) Web server that hosts the e-commerce site
c) Database server that includes the following databases
i. Employee Database
ii. Customer Database
iii. Product Database
iv. Orders Database
3. Figure below shows the entire topology

ABC's business got an exponential growth from the beginning of 2018. This steady growth also brought challenges for ABC. They have to secure the sensitive information of their employees and customers, and the most important asset is the Orders Database. Moreover, their employees receive many emails, and they have to filter the order emails from other emails. ABC had no dedicated security team and therefore till now no security policy is in place. Recently, the governing body of ABC formed a security team and set the following two goals that they would like to achieve in six months –
1. Assessing the current risk of the entire organization
2. Treat the risk as much as possible

Part A: Risk Identification
In achieving the above two goals, you will do the following –
1. Find at least five assets
2. Find at least two threats against each asset
3. Identify vulnerabilities for the assets

Part B: Risk Assessment
At the end of the risk identification process, you should have i) a prioritized list of assets, ii) a prioritized list of threats facing those assets and iii) vulnerabilities of assets. At this point, create a Threats-Vulnerabilities-Assets (TVA) worksheet. Also, calculate the risk rating of each of the five triplets out of 25.

Part C: Risk Treatment
In terms of risk treatment, for each of the five identified risks, state what basic strategy you will take. Justify each decision. Also, advise all possible protection mechanisms and the corresponding place of application.
Answered 1 days After May 19, 2021

Answer To: Submission requirements details: All work must be submitted on Moodle by the due date followed by...

Shubham answered on May 20 2021
155 Votes
Part A: Risk Identification
Question 1
Securing sensitive information: It will help in ensuring that the information is secured and it will help in protecting the information.
Order Database: Order database includes the management for application and it includes the table on SQL server database.
Filter emails: Email filtering is required for analysis of incoming emails and this will help in filtering spam.
Security policy: Security policy is defined for securing the system and it can help in addressing constraints on flow and functions. It will help in accessing external systems that include programs and access to data.
Receive emails: Email service will help in receiving the email by user.
Question 2
Securing sensitive information
· The risk includes accidental loss of the data
· The risk includes inside attacks that do not provide a verifiable level of assurance.
Order Database
· The threat includes stealing of sensitive data through the legitimate users using the infected devices.
· The security breach can involve theft of database backup tapes and disks.
Filter emails
· Attackers can take advantage of e-mail to deliver a variety of attacks to organizations through the use of malware.
· Email threats are a reality and it attempts to access both business and personal information.
Security policy
· The security threat includes malicious acts that aim to steal and corrupt data. It continues to evolve more sophisticated and it can create security threats.
· The insider can bypass security measures out of considered attempts to become more productive. It can delete the data and steal the data that can harm the business.
Receive emails
· The threat can help attackers deliver a variety of attacks to the organization with the use of malware. It includes worms, Trojan horses, spyware and viruses. The attack can result in malicious entity control over the server and workstation that can exploit vulnerabilities.
· Phishing and spam can send unwanted bulk email messages. It can disrupt users' productivity and it can be used as a distributed mechanism for malware. Phishing attacks can be done with the use of email attacks.
Question 3
Securing sensitive information
The vulnerability includes failure to remove the internal content from public content. It includes use of insecure configuration and it can result in failure of disabling of diagnostic features that can result in using tools for helping sensitive information (Gadgil et al. 2020).
Order Database
The database vulnerability can lack due care and it will exploit vulnerability for demonstrating the critical installation of security patches. It can steal the data that misuse the standard database feature.
Filter emails
The vulnerability is not considered and it is only requested with a SQL statement. The user cannot use it for obtaining the information and it processes updation, deletion and creation of objects.
Security policy
The security exposure can result in missing application patches and it can result in inappropriate active and installed services and applications (Prastiti, Rahmanita and Jazari, 2020). The vulnerability includes identification of the right application and system.
Receive emails...