A security program should address issues from a strategic, technical, and operational view. The security program should be integrated at every level of the enterprise's architecture. List a security program in each level and provide a list of security activities or controls applied in these levels. Support your list with real-world application data.
The objectives of security are to provide availability, integrity, and company confidentiality protection to data and resources. List examples of the security state where an asset to move security state when attacked, compromise, or become horrible. Your examples can include fictitious assets to have undergone some changes.
Risk assessment can be completed in a qualitative or quantitative manner. Explain each risk assessment methodology and provide an example of each.