Write the questions followed by your answers.
Describe why having an information security strategy is important for an organization.
List four (4) items with descriptions that should be part of a security strategy.
A key part of a security strategy is to include sub-strategies for dealing with various aspects of security incidents. For example, depending on the security incident, there should be policies and procedures defined for: 1) incident prevention, 2) incident detection, 3) incident response, and 4) incident recovery. The lecture notes described this using the example of repeated entry of incorrect passwords.
Select a particular type of security incident and describe a process or procedure that illustrates addressing each of the four (4) areas.
What is the purpose of performing an asset classification or asset assessment as part of the security strategy?
There are many other very good security resources on the web that publish information on various security topics. Find three (3) websites and describe what each of them offers. Include the URL with your description. Include the information here and also place it in the discussion board under the designated topic.
The notes enumerate several information system assets. While these assets are important to an organization, they are not the most important assets to a company or organization. What do you consider to be the top two (2) assets to an organization? Note that the information assets enumerated in the notes are NOT the correct answers to this problem. This question is asking for the most important assets, which means they may extend beyond the notion of information assets. Explain your reasoning for the assets you have selected.
In the notes there were two graphs presented from the CERT on incidents reported and vulnerabilities reported. Keep in mind the difference between an incident and a vulnerability. Good answers will provide facts and references that go beyond anecdotal information.
What reasons can you provide for the general upwards trend in the number of incidents reported? You should provide at least four (4) reasons with supporting data and reasoned arguments to support your answer.
- Define what a security incident is.
- Define what a security vulnerability is.
- Define what a zero-day vulnerability is.
- Why can an exploit of a zero-day vulnerability be particularly devastating?