INFORMATION SECURITY FUNDAMENTALS

More documents

Recommendations

Info

Copyright © 2004 by Course Technology. All rights reserved.This publication is protected by federal copyright law. No part of this publication may be reproduced without prior permission in writing from Course Technology. Some of the product names and company names have been used for identification purposes only and may be trademarks or registered trademarks of their respective manufactures and sellers. 8 Chapter 1 Information Security Fundamentals 3. What is the risk to the company of the event occurring? Risk refers to the company’s ability to protect itself in the face of the event occurring, not to the likelihood of the event happening. 4. Rate the potential risk as: ■ Low—Requires some attention and consideration for safeguard implementation as good business practice ■ Moderate—Requires attention and safeguard implementation in the near future ■ High—Requires immediate attention and safeguard implementation Certification Objectives Objectives for CompTIA Security+ Exam: Operational/Organizational Security: Risk Assessment Review Questions 1. A company puts a in place to protect against an attack. a. risk b. safeguard c. vulnerability d. threat 2. Risk refers to a company’s ability to protect itself from the likelihood of an event occurring.True or False? 3. A is considered a breakdown in company protection. a. risk b. safeguard c. vulnerability d. threat 4. Which of the following are considered safeguards? a. after-hours security b. surveillance cameras c. firewalls d. all of the above
Copyright © 2004 by Course Technology. All rights reserved.This publication is protected by federal copyright law. No part of this publication may be reproduced without prior permission in writing from Course Technology. Some of the product names and company names have been used for identification purposes only and may be trademarks or registered trademarks of their respective manufactures and sellers. Lab 1.4 Risk Analysis—Recommendations 9 5. Which level of potential risk requires attention and safeguard implementation in the near future? a. high b. moderate c. low d. none of the above 1 LAB 1.4 RISK ANALYSIS—RECOMMENDATIONS Objectives After you have performed the definition of assets, threat assessment, and risk assessment, you can make some recommendations to management. First you must develop a proposal that documents the specific risks to the company. After presenting the risks,you can recommend safeguards to reduce the risk. After completing this lab, you will be able to: Develop risk analysis recommendations Understand the importance of risk analysis recommendations Materials Required This lab requires the following: Internet access Estimated completion time: 20 minutes ACTIVITY 1. In consideration of the potential vulnerability and risk, what additional safeguards are recommended to lower the risk to an acceptable level? Describe the proposed measures. There may be a number of alternative safeguards, providing different levels of protection, that may be selected based on the availability of resources, acceptable level of risk, and so forth.
Page 1 and 2: 1 C H A P T E R O N E INFORMATION S
Page 3 and 4: Copyright © 2004 by Course Technol
Page 5 and 6: Copyright © 2004 by Course Technol
Page 7: Copyright © 2004 by Course Technol

INFORMATION SECURITY FUNDAMENTALS

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?