Principles of Information Security (MindTap Course List)
6th Edition
ISBN: 9781337102063
Author: Michael E. Whitman, Herbert J. Mattord
Publisher: Cengage Learning
expand_more
expand_more
format_list_bulleted
Expert Solution & Answer
Chapter 9, Problem 18RQ
Explanation of Solution
Water:
In any organization water plays a major role to defend against resources and data loss. Water is used in case of fire. Fire suppressions systems contain a liquid, mostly water which can be applied when fire has been detected.
Critical factors that are affected when water is not available:
The two critical factors that are affected during the absence of water are:
- Fire safety
- Air conditioning
Factors that are importance to the operation of organization’s information assets:
Fire safety:
- One of the most serious threats to physical security is fire...
Expert Solution & Answer
Trending nowThis is a popular solution!
Students have asked these similar questions
Security breaches in information systems are very commonplace these days even though some organizations have what they believe is good security controls. Because of their vulnerability to threats from hackers, internal personnel, and poor management of Hardware and software devices, security controls always need revisiting.From my perspective as manager of the Accounts and Finance department, every security breach affects this department even if it is just down time to be at meetings, to discuss strategies and costs to repair damages. When the breaches occur, unauthorized access is gained to either, do something malicious to the organization's resources to steal or sabotage data for financial gain.This usually results in the company's reputation/integrity being damaged, Loss of revenue during downtime, high costs to repair and restructure. legal ramifications are expected as well if guilty persons are found or if customers decide to sew for breach of contract and losses.Two Reasons…
Susan is the lead investigator for a security incident and realizes that she will not be able to complete her investigation without causing severe disruption to the business. The action she feels she must take exceedsthe authority granted to her under the incident response plan. What should Susan do?
a)Shut down all business operations immediately until she develops a plan
b)Take the action immediately to protect the business
c)Discount the action as a possibility because it exceeds her authority
d)Consult with higher levels of management
For an airline, what are its most important assets? What are the minimal computing resources it would need to continue business for a limited period (up to 2 days). What other systems or processes could it use during the period of the disaster?
Chapter 9 Solutions
Principles of Information Security (MindTap Course List)
Ch. 9 - Prob. 1RQCh. 9 - Prob. 2RQCh. 9 - Prob. 3RQCh. 9 - Prob. 4RQCh. 9 - Prob. 5RQCh. 9 - Prob. 6RQCh. 9 - Prob. 7RQCh. 9 - Prob. 8RQCh. 9 - Prob. 9RQCh. 9 - Prob. 10RQ
Ch. 9 - Prob. 11RQCh. 9 - Prob. 12RQCh. 9 - Prob. 13RQCh. 9 - Prob. 14RQCh. 9 - Prob. 15RQCh. 9 - Prob. 16RQCh. 9 - Prob. 17RQCh. 9 - Prob. 18RQCh. 9 - Prob. 19RQCh. 9 - Prob. 20RQCh. 9 - Prob. 1ECh. 9 - Prob. 2ECh. 9 - Prob. 3ECh. 9 - Prob. 4ECh. 9 - Prob. 5ECh. 9 - Prob. 6ECh. 9 - Prob. 1CEDQCh. 9 - Prob. 2CEDQCh. 9 - Prob. 1EDM
Knowledge Booster
Similar questions
- Chain Link Consulting is an information technology consulting company that focuses on system security concerns. When the company's president asks you to assist her with the preparation of a presentation for a group of potential clients at a trade show meeting next month, you say "yes." First and foremost, she would like you to examine system security concerns in light of all six security levels. Afterwards, she wants you to come up with a list of methods that Chain Link might evaluate a client's security procedures in order to obtain an accurate evaluation of their level of exposure.It was her way of making the situation more intriguing by saying that it was fine to be imaginative in your ideas, but that you should avoid proposing anything that would be unlawful or immoral. Example: It might be OK to pretend as a job candidate with phony references to see whether they were being reviewed, but it would be inappropriate to steal a lock and access the computer room to check on things.Your…arrow_forwardthe answer is not DRP Jason has just been hired as the Director of IT. He is reviewing existing policies and procedures to determine how well the company has defined the roles of its employees in order to keep the organization secure and operating efficiently under any scenario. He finds that the company does not have an existing plan for how their offices in a hurricane-prone area will continue to operate during a hurricane. Which of the following plans should he consider implementing to ensure that employees at this location and supporting locations will be well prepared to both handle and continue to operate through whatever situations may arise as a result of natural disasters? the answer is not DRParrow_forwardAny organization or business that has had to deal witha cyber breach understands the stress that accompanies the process, no matter how well prepared or rehearsed it is for cyber events. All breaches come with a unique set of challenges and requirements. An incident response team often referred to as an IRT, is a team of individuals who are available, are ready, and have the expertise to investigate a data breach. IRT must understand the full scope of the breach to contain it, which typically includes understanding the entire life cycle of the attack. Forensic specialists can provide valuable information to the rest of the IRT team by examining logs, traffic, and systems to gain insight on the full scope of a breach. Discuss what the forensics investigators need to identify to understand how to scope the data breach incident.arrow_forward
- What kind of safety problems must be addressed in a Parking Management System (software), starting with development and continuing through deployment and ongoing program use? Address just the security concerns that are associated with the parking software; do not address concerns about other entities, such as vehicles.arrow_forwardA project plan is a company's information security blueprint, but how does this occur?arrow_forwardMaintenance is an essential task that is often considered to be dull. In information security, implementing a routine maintenance program can make a positive difference in network availability. Discuss the maintenance model and why implementation of the model is important. Be sure to address (at least 250 words):- How to collect and track performance measures- Name and discuss the elements of a system security plan- Defend the need for a contingency planarrow_forward
- a Cybersecurity expert has determined ICS vulnerability would destroy 50 percent of the process asset that is valued $10,000,000. The vulnerability has the projected occurrence of once every 4 years. The mitigation control for the ICS vulnerability is $5,500,000 with annual maintenance cost of $300,000. What is your recommended way forward in addressing the vulnerability?arrow_forwardWhile society expects businesses to be prepared for disasters and to recover using their own resources, it does not appear that individuals are equipped to endure a crisis. Should we expect the government, at any level, to be in charge of catastrophe recovery, whether at the personal or commercial level? If so, why or why not? What kind of concessions would a company have to make if the catastrophe recovery process was handed over to a government agency?arrow_forwardThe degree of information exposure may be reduced by two stages or countermeasures, according to you. Where relevant, do you have a good reason for your decisions?arrow_forward
arrow_back_ios
SEE MORE QUESTIONS
arrow_forward_ios
Recommended textbooks for you
- Management Of Information SecurityComputer ScienceISBN:9781337405713Author:WHITMAN, Michael.Publisher:Cengage Learning,Principles of Information Systems (MindTap Course...Computer ScienceISBN:9781305971776Author:Ralph Stair, George ReynoldsPublisher:Cengage LearningPrinciples of Information Systems (MindTap Course...Computer ScienceISBN:9781285867168Author:Ralph Stair, George ReynoldsPublisher:Cengage Learning
Management Of Information Security
Computer Science
ISBN:9781337405713
Author:WHITMAN, Michael.
Publisher:Cengage Learning,
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781305971776
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781285867168
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning