INFORMATION SECURITY FUNDAMENTALS

More documents

Recommendations

Info

Copyright © 2004 by Course Technology. All rights reserved.This publication is protected by federal copyright law. No part of this publication may be reproduced without prior permission in writing from Course Technology. Some of the product names and company names have been used for identification purposes only and may be trademarks or registered trademarks of their respective manufactures and sellers. 6 Chapter 1 Information Security Fundamentals 5. Identify the potential consequences as one of the following: ■ Loss of privacy ■ Loss of trust ■ Loss of asset ■ Loss of service Certification Objectives Objectives for CompTIA Security+ Exam: Operational/Organizational Security: Risk Assessment Review Questions 1. An event that may disrupt normal business operations would be classified as . a. very serious b. serious c. less serious 2. An event that is classified as having significant history is considered to have a likelihood of occurring. a. low b. medium c. high 3. An event that may disrupt noncritical business operations and cause employee inconvenience would be . a. very serious b. serious c. less serious 4. An event that is classified as having no history is considered to have a likelihood of occurring. a. low b. medium c. high
Copyright © 2004 by Course Technology. All rights reserved.This publication is protected by federal copyright law. No part of this publication may be reproduced without prior permission in writing from Course Technology. Some of the product names and company names have been used for identification purposes only and may be trademarks or registered trademarks of their respective manufactures and sellers. Lab 1.3 Risk Analysis—Risk Assessment 7 5. Which of the following are potential consequences of an event? a. loss of asset b. loss of privacy c. loss of trust d. loss of service e. all of the above 1 LAB 1.3 RISK ANALYSIS—RISK ASSESSMENT Objectives At this point you must evaluate a company’s existing safeguards to see what assets have not been protected.Most companies have some safeguards in place,but they are usually minimal. You may want to consider a compare-and-contrast approach to risk assessment. It is also important to research examples of how other similar companies are handling risk. After completing this lab, you will be able to: Perform a risk assessment Understand the importance of risk assessments Materials Required This lab requires the following: Internet access Estimated completion time: 20 minutes ACTIVITY In this activity you assess the adequacy of the company’s existing safeguards to protect against potential threats. 1. List the existing safeguards that protect against a potential event. For example, the company may have after-hours security and surveillance cameras installed at all entrances to the facility to protect against theft or vandalism, or access security already built into the present system to protect against computer hackers. 2. In consideration of existing safeguards, is the company still vulnerable to the possible threat? Describe the vulnerability. In other words, how can a threat or threat agent attack the asset being protected?
Page 1 and 2: 1 C H A P T E R O N E INFORMATION S
Page 3 and 4: Copyright © 2004 by Course Technol
Page 5: Copyright © 2004 by Course Technol
Page 9 and 10: Copyright © 2004 by Course Technol

INFORMATION SECURITY FUNDAMENTALS

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?