1. Identify and describe the five goals of information security governance:
2. Identify and describe the three types of security policy:
3. What is a DMZ and what is it used for? (You may want to do a little web research)
4. Describe how a proxy server works and what is the benefit of having a proxy server?
5. What are the primary functions of an incident response plan, disaster recovery plan, and business continuity plan?
6. What is the purpose of a business impact analysis?
7. Part of having a functional Incident response plan is notifying the right people when an incident occurs. In the event of an incident, who would you notify (or who do you think needs to be notified) and how would you notify them?
8. Identify the ways on how an organization can regain control over an incident.
9. Part of a business continuity plan is having continuity strategies. Identify three of these strategies and explain which strategy you think is most applicable to IUPUI and why.
10. Classify each of the following occurrences as in incident or disaster. If an occurrence is a disaster, determine whether or not business continuity plans would be called into play.
a. A hacker gets into the network and deletes files from a server.
b. A fire breaks out in the storeroom and sets off sprinklers on the floor. Some computers are damaged, but the fire is contained.
c. A tornado hits a local power company, and the company will be without power for three to five days.
d. Employees go on strike, and the company could be without critical workers for weeks.