1) You have just completed a qualitative threat assessment of the computer security of your organization, with the impacts and probabilities of occurrence listed in the table that follows. Properly place the threats in a 3-by-3 table. Which of the threats should you take action on, which should you monitor, and which ones may not need your immediate attention?
Threat Impact Probability of Occurrence
Virus attacks High High
Internet hacks Medium High
Disgruntled employee hacks High Medium
Weak incidence response mechanisms Medium Medium
Theft of information by a trusted third-party contractor Low Medium
Competitor hacks High Low
Inadvertent release of noncritical information Low Low
2) You have been asked by management to secure the laptop computer of an individual who was just dismissed from the company under unfavorable circumstances. Pretend that your own computer is the laptop that has been secured. Make the first entry in your log book and describe how you would start his incident off correctly by properly protecting and securing the evidence.