(Answered) Review questions1how can a security framework assist in the

Management Studies

Review Questions

1. How can a security framework assist in the design and implementation of a security infrastructure? What is information security governance? Who in the organization should plan for it?

2. Where can a security administrator find information on established security frameworks?

3. What is the ISO 27000 series of standards? Which individual standards make up the series?

4. What are the inherent problems with ISO 17799, and why hasn't the United States adopted it? What are the recommended alternatives?

5. What documents are available from the NIST Computer Resource Center, and how can they support the development of a security framework?

6. What benefit can a private, for-profit agency derive from best practices designed for federal agencies?

7. What Web resources can aid an organization in developing best practices as part of a security framework?

8. Briefly describe management, operational, and technical controls, and explain when each would be applied as part of a security framework.

9. What are the differences between a policy, a standard, and a practice? What are the three types of security policies? Where would each be used? What type of policy would be needed to guide use of the Web? E-mail? Office equipment for personal use?

10. Who is ultimately responsible for managing a technology? Who is responsible for enforcing policy that affects the use of a technology?

11. What is contingency planning? How is it different from routine management planning? What are the components of contingency planning?

12. When is the IR plan used?

13. When is the DR plan used?

14. When is the BC plan used? How do you determine when to use the IR, DR, and BC plans?

15. What are the five elements of a business impact analysis?

16. What are Pipkin's three categories of incident indicators?

17. What is containment, and why is it part of the planning process?

18. What is computer forensics? When are the results of computer forensics used?

19. What is an after-action review? When is it performed? Why is it done?

20. List and describe the six continuity strategies identified in the text.

View complete question

Management Information System, Management Studies

Category:- Management Information System
Reference No.:- M92005814
Price:- $15

Verified Expert

Priced at $30 Now at $15, Verified Solution

Have any Question?Write your Review or question?

Ask Experts for help!!

Looking for Assignment Help?

Start excelling in your Courses, Get help with Assignment

Write us your full requirement for evaluation and you will receive response within 20 minutes turnaround time.

Ask Now Help with Problems, Get a Best Answer

Recent Questions

Ask Management Information System Expert

Management Studies

Related Questions in Management Information System

Search the csu library the internet or any specific

Question how can company protect the new emerging

Communication and team decision makingpart 1 sharpening the

Question provide an explanation of ifwherehow does active

Question how companies could effectively use emerging

Question how customers could effectively use emerging

Part 1 - create an 8 slide powerpoint presentation on

In chapter 2 of the text - managing amp using information

Review at least 4 articles on balanced scorecard and

Data resources management questionsq1 the dama dmbok

Ask Experts for help!!

Looking for Assignment Help?

Why might a bank avoid the use of interest rate swaps even

Describe the difference between zero coupon bonds and

Compute the present value of an annuity of 880 per year

Compute the present value of an 1150 payment made in ten

Compute the present value of an annuity of 699 per year

Follow Us