SECURITY ASSESSMENT & TESTING

Business Case: Local airport

The parameters.

15,000 passengers a day

530 flights daily  

350 fulltime employees

There are three databases in the Airport’s data center.

1-Passenger database to record and authenticate each passenger in the airport

2-Employee database to record and authenticate each employee in the airport

3-Flight database to record each flight in the airport

Every day the following processes must be done:

Process 1:  For each passenger: a Boarding Pass will be calculated, prepared, and stored. The final version of the boarding pass will be printed on the printers at the airport

Process 2: For each aircraft; Flight logs along with the passenger checklist will be prepared and stored.

Process 3: One-week old Passenger and Flight data will be stored in long-term storage (archive)

Question 1 Identify cyber assets based on the NIST definition in the given Local airport business case. List the cyber assets.

Question 2 What are the steps that you would follow to fulfill the requirement of the NIST Risk Management Framework for the Airport? Write each step

Question 3 Do your search and find common cybersecurity threats in aviation.  And prepare your Risk Assessment Report (RAR) Based on the following threat sources

  • Adversarial
  • Structural
  • Environmental

Question 4 List the Risk Treatment Alternatives you would consider for each cybersecurity threat for the Airport. 

Tags: No tags