The institute had no dedicated security team and therefore till now no security policy is in place. Recently, the governing body of this business forms a security team and makes following two goals that they would like to achieve in six months – Assessing the current risk of the entire organization Treat the Risk as much as possible Task I: Risk Identification In achieving the above two goals, you will do the followings – Find at least five assets Find at least two threats against each asset Identify vulnerabilities for the assets Task II: Risk Assessment At the end of the risk identification process, you should have i) a prioritized list of assets and ii) a prioritized list of threats facing those assets and iii) Vulnerabilities of assets. At this point, create Threats- Vulnerabilities-Assets (TVA) worksheet and calculate the risk rating. Task III: Risk Treatment In terms of Risk Treatment, for each of the five identified risks, state what basic strategy you will take. Justify for each decision. Also, advise all possible protection mechanisms and corresponding place of application.
The institute had no dedicated security team and therefore till now no security policy is in place. Recently, the governing body of this business forms a security team and makes following two goals that they would like to achieve in six months – Assessing the current risk of the entire organization Treat the Risk as much as possible Task I: Risk Identification In achieving the above two goals, you will do the followings – Find at least five assets Find at least two threats against each asset Identify vulnerabilities for the assets Task II: Risk Assessment At the end of the risk identification process, you should have i) a prioritized list of assets and ii) a prioritized list of threats facing those assets and iii) Vulnerabilities of assets. At this point, create Threats- Vulnerabilities-Assets (TVA) worksheet and calculate the risk rating. Task III: Risk Treatment In terms of Risk Treatment, for each of the five identified risks, state what basic strategy you will take. Justify for each decision. Also, advise all possible protection mechanisms and corresponding place of application.
Database System Concepts
7th Edition
ISBN:9780078022159
Author:Abraham Silberschatz Professor, Henry F. Korth, S. Sudarshan
Publisher:Abraham Silberschatz Professor, Henry F. Korth, S. Sudarshan
Chapter1: Introduction
Section: Chapter Questions
Problem 1PE
Related questions
Question
The institute had no dedicated security team and therefore till now no security policy is in place. Recently, the governing body of this business forms a security team and makes following two goals that they would like to achieve in six months –
- Assessing the current risk of the entire organization
- Treat the Risk as much as possible
Task I: Risk Identification
In achieving the above two goals, you will do the followings –
- Find at least five assets
- Find at least two threats against each asset
- Identify vulnerabilities for the assets Task II: Risk Assessment
At the end of the risk identification process, you should have i) a prioritized list of assets and ii) a prioritized list of threats facing those assets and iii) Vulnerabilities of assets. At this point, create Threats- Vulnerabilities-Assets (TVA) worksheet and calculate the risk rating.
Task III: Risk Treatment
In terms of Risk Treatment, for each of the five identified risks, state what basic strategy you will take. Justify for each decision. Also, advise all possible protection
Expert Solution
This question has been solved!
Explore an expertly crafted, step-by-step solution for a thorough understanding of key concepts.
Step by step
Solved in 3 steps with 2 images
Knowledge Booster
Learn more about
Need a deep-dive on the concept behind this application? Look no further. Learn more about this topic, computer-science and related others by exploring similar questions and additional content below.Recommended textbooks for you
Database System Concepts
Computer Science
ISBN:
9780078022159
Author:
Abraham Silberschatz Professor, Henry F. Korth, S. Sudarshan
Publisher:
McGraw-Hill Education
Starting Out with Python (4th Edition)
Computer Science
ISBN:
9780134444321
Author:
Tony Gaddis
Publisher:
PEARSON
Digital Fundamentals (11th Edition)
Computer Science
ISBN:
9780132737968
Author:
Thomas L. Floyd
Publisher:
PEARSON
Database System Concepts
Computer Science
ISBN:
9780078022159
Author:
Abraham Silberschatz Professor, Henry F. Korth, S. Sudarshan
Publisher:
McGraw-Hill Education
Starting Out with Python (4th Edition)
Computer Science
ISBN:
9780134444321
Author:
Tony Gaddis
Publisher:
PEARSON
Digital Fundamentals (11th Edition)
Computer Science
ISBN:
9780132737968
Author:
Thomas L. Floyd
Publisher:
PEARSON
C How to Program (8th Edition)
Computer Science
ISBN:
9780133976892
Author:
Paul J. Deitel, Harvey Deitel
Publisher:
PEARSON
Database Systems: Design, Implementation, & Manag…
Computer Science
ISBN:
9781337627900
Author:
Carlos Coronel, Steven Morris
Publisher:
Cengage Learning
Programmable Logic Controllers
Computer Science
ISBN:
9780073373843
Author:
Frank D. Petruzella
Publisher:
McGraw-Hill Education