Briefly discuss what risks these controls address

Reference no: EM133225758

Question 1. The compliance approach to ISM, as exemplified by organizations doing the minimum to obtain certification against ISO/IEC 27001, has been widely criticized.

a. Look for such criticism, e.g. on the Internet, and summarize in a paragraph or two some of the main critical arguments.

b. Can you think of possible alternatives to the ISO/IEC 27001 approach?

Question 2. Find and describe an example from the press (or elsewhere) of an organization that has suffered a major security breach.

Discuss whether this breach means that the organization has not followed the requirements of ISO/IEC 27001; this will involve thinking about the nature of the breach and (a) whether the attack could have been anticipated, and (b) whether appropriate controls were used to address the risk(s) related to the attack.

Question 3. Identify an organizational scenario to provide context for the remainder of the answer to this question.

Choose one of the security policies (Access Control, Backup, Information Transfer, Protection from Malware, Cryptographic Control, Communication Security, Privacy and Protection of PII, Physical and Environmental Security), and give two information security risks for this topic area that apply in the identified scenario.

Assess these risks within the context of the identified scenario, following the three-stage approach outlined in ISO/IEC 27005, and suggest possible treatments.

Question 4. Choose a personal computing device that you own, e.g. a smartphone, tablet, notebook, or desktop computer, to answer this question. Start your answer by briefly describing the device.

a) List three security controls that you employ to protect this device. In each case indicate which of the standardized control types from ISO/IEC 27002 these controls correspond to.

b) List three other controls that you could have employed but which you have chosen not to, again indicating which of the standardized control types from ISO/IEC 27002 these controls correspond to.

c) For each of the identified controls in your answers to a) and b), briefly discuss what risks these controls address, and, in the case of controls in b), indicate why you have chosen not to address these risks.

Question 5. Briefly describe a recent security breach affecting a major company that involved a compromise of sensitive data, and explain why you believe it did (or did not) breach European data privacy requirements (e.g. those imposed by GDPR). Please choose a different example from the one used to answer Question 2.


All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd