Q1. Summarize in your own words why it is beneficial to create a vulnrability map for a planned software system. What the risks when you do not consider the inherent system vulnerabilities in planning ?
Q5. Why is it important to establish a ranking of vulnerabilities in a system ? Use examples to show vulnerability priorities in action.
Q8. What is the purpose of the complete business system specification ? Why is it important from the perspective of security ?
Q10. Would there be risks associated with an attackr getting a copy of the complete business system specification ? Justify your position and provide examples to support your argument.