information security 3
PLEASE ANSWER IN YOUR OWN WORDS
1. In risk management strategies, why must periodic review be a part of the process?
2 Why do networking components need more examination from an information security perspective than from a systems development perspective?
3. What information attribute is often of great value for local networks that use static addressing?
4. What is residual risk?
5. What is competitive disadvantage? Why has it emerged as a factor?
6. Describe the “defend” strategy. List and describe the three common methods.
7. How is an incident response plan different from a disaster recovery plan?
8. What is risk appetite? Explain why risk appetite varies from organization to organization.
9. What is a cost benefit analysis?
10. What is the definition of single loss expectancy? What is annual loss expectancy?