Please answer Each question, and cite any sources used.

1. Review: Guide for Developing Security Plans for Federal Information Systems By Marianne Swanson and Joan Hash and Pauline Bowen.

How does the the approach of information security implementation, security objective, and potential impact influence the effectiveness and cost management of the task?

2. Question A:

Describe threats and vulnerabilities and how to address them using a business impact analysis. Scenario: You are pen-testing a financial corporation and have found threats and vulnerabilities and need to explain to the business owner what they are. You must also provide an explanation on how a BIA can help the business secure their confidentiality, Integrity and Availability.

Question B:

Research a unique news story or article related to Information Technology. Write a short summary of what you learned, please also provide a link to the original article. Source is your choice; however please full cite you source.

3. Question A:

Describe physical and logical access controls when and where would you implement them. Pick a type of physical and logical control i.e. Firewall or CCTV and explain how they work and what type of controls they provide.

Question B:

Research a unique news story or article related to Access controls. Write a short summary of what you learned, please also provide a link to the original article. Source is your choice; however please full cite you source.

4. Question A:

Describe the risk management process and explain each step in detail.

Question B:

Research a unique article on Risk Management. Write a short summary of what you learned, please also provide a link to the original article. Source is your choice; however please full cite you source.

5. Question A:

Describe asymmetric, symmetric and public versus private keys. Also pick a type of encryption AES, DES some type and provide an explanation of how that encryption can be used to protect the CIA triad.

Question B:

Research a unique article on encryption techniques. Write a short summary of what you learned, please also provide a link to the original article. Source is your choice; however please fully cite you source.

6. Question A:

Describe the OSI model and break down each layer, explaining what functions they perform.

Question B:

Pick an article on The 17 biggest data breaches of the 21st century By Taylor Armerding. Write a short summary of what you learned, please also provide a link to the original article. Source is your choice; however please full cite you source.

7. Question A:

Pick two US compliance laws and provide a brief description. Then, provide your thoughts on if the laws need to be updated or changed in any way. Describe how these laws relate to the CIA triad.

Question B:

Research a unique article on compliance laws. Write a short summary of what you learned, and please also provide a link to the original article. The source is your choice; however, please fully cite your source.

8. What is the most practical and easily-applied lesson you learned after answering the previous questions? What was the hardest to grasp? Why?