Briefly discuss what risks these controls address

Reference no: EM133225758

Question 1. The compliance approach to ISM, as exemplified by organizations doing the minimum to obtain certification against ISO/IEC 27001, has been widely criticized.

a. Look for such criticism, e.g. on the Internet, and summarize in a paragraph or two some of the main critical arguments.

b. Can you think of possible alternatives to the ISO/IEC 27001 approach?

Question 2. Find and describe an example from the press (or elsewhere) of an organization that has suffered a major security breach.

Discuss whether this breach means that the organization has not followed the requirements of ISO/IEC 27001; this will involve thinking about the nature of the breach and (a) whether the attack could have been anticipated, and (b) whether appropriate controls were used to address the risk(s) related to the attack.

Question 3. Identify an organizational scenario to provide context for the remainder of the answer to this question.

Choose one of the security policies (Access Control, Backup, Information Transfer, Protection from Malware, Cryptographic Control, Communication Security, Privacy and Protection of PII, Physical and Environmental Security), and give two information security risks for this topic area that apply in the identified scenario.

Assess these risks within the context of the identified scenario, following the three-stage approach outlined in ISO/IEC 27005, and suggest possible treatments.

Question 4. Choose a personal computing device that you own, e.g. a smartphone, tablet, notebook, or desktop computer, to answer this question. Start your answer by briefly describing the device.

a) List three security controls that you employ to protect this device. In each case indicate which of the standardized control types from ISO/IEC 27002 these controls correspond to.

b) List three other controls that you could have employed but which you have chosen not to, again indicating which of the standardized control types from ISO/IEC 27002 these controls correspond to.

c) For each of the identified controls in your answers to a) and b), briefly discuss what risks these controls address, and, in the case of controls in b), indicate why you have chosen not to address these risks.

Question 5. Briefly describe a recent security breach affecting a major company that involved a compromise of sensitive data, and explain why you believe it did (or did not) breach European data privacy requirements (e.g. those imposed by GDPR). Please choose a different example from the one used to answer Question 2.


All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd