Information Security Risk Analysis

1. What is the meaning of the CIA triad in Information Security?

2. What is the difference between symmetric and asymmetric key cryptography?

3. What is SSL? What is SET? Which one is technically superior? Which one is the de facto standard for commercial selling on the Internet?

4. Mention four advantages of qualitative risk analysis.

5. Mention four disadvantages of quantitative risk analysis.

6. Define a safeguard (also known as ............ or ............)

Define a threat

Define vulnerability

7. How do you calculate the total threat impact?

8. Give two examples of each of the following

Risk Avoidance

Risk Assurance

Risk Detection

Risk Recovery

9. What should be included in a risk analysis report? Be brief

10. Sketch the different tables for the following with one example row in each

Financial Loss table

Extent of legal implications table

Enterprise Embarrassment table

11. Sketch a Risk Analysis Matrix filled with a few suggested solutions

12. Which method(s) would you use for risk analysis in the Military Base Network?
Select your top two favorites and explain why.

1- Vulnerability Analysis
2- Hazard Impact Analysis
3- Threat Analysis
4- Questionnaires
5- Single-time loss algorithm

13. What is the formula used for ALE? (Annualized loss expectancy or Exposure)

14. A company's premises have one chance in a million of being affected by flooding. A flood would cost the company $10 million.

What would be your budget for mitigating the effects of the flood?

Would you start stocking up on sandbags in preparation for the flood?

15. A company has a 1 in 3,000 chance of being within ten miles of an earthquake epicenter measuring 5.0 on the Richter scale. The earthquake will cause $60 million of loss.

What would be the budget for reducing or preventing that damage?

16. A company has one large router that ties all their network segments together. If the router dies it will take one day to repair. There is a 70% chance that failure will occur once every 24 months. The outage will cause 1000 people to be out of work for a day. The company estimates the loss of productivity to be $68,000.

How much should you spend for router redundancy?

17. What is BS7799? What is ISO 17799?

18. What is the difference between the Red Book and the Orange Book in US government and defense security?

19. What is ITSEC?

20. What is The Common Criteria?

21. T or F: In risk analysis, the value of an asset can be estimated by asking for the book value from the accountant.

22. T or F: Security policies usually have to be written in a policy document.

23. T or F: Cost-benefit analysis is probably the most important step in any risk analysis process.

24. Give an example of risk avoidance

25. Give an example of risk acceptance

Solution Summary

Information Security Risk Analysis is considered.
