cyber security 15

1. “Managing Data Security” Please respond to the following:

• Imagine you are part of a security policy development team. Compose four policies that could prevent threats to the information assets of an organization. Select one policy you believe would be the best policy for strengthening data security and explain why.
• Explain how you would factor risk management practices into the development of the policies you constructed above. Outline specific measures, processes, and activities in your answer.

2. “Applying Forensics Within the Enterprise” Please respond to the following:

• Distinguish the three most important factors that will protect and enhance the confidentiality and integrity aspects of data assets. Provide a rationale for your chosen factors.
• Imagine you are a member of an organization’s forensics support team. Suppose that the data security countermeasures of your organization have been breached. Outline possible activities that you would perform to complete the digital forensic process. Determine the importance of establishing routine evaluations of security controls for ensuring consistent results.

3. “Ensuring Continuity Across the Enterprise” Please respond to the following:

• Identify three of the most important benefits derived from performing an effective risk assessment and explain the relationship between the risk assessment and the development of a preparedness plan. Explain why a preparedness plan is critical for operations.
• Provide two examples that demonstrate how preparation plans could ensure effective crisis management operations. Describe two risks that could surge if crisis management is not planned adequately.

4. “Managing the Incident” Please respond to the following:

• Provide three examples that demonstrate how a well-prepared incident response team (IRT) may minimize damages that an organization may experience after a disaster. Give your opinion of two quality control measures that could be used in order to validate actions of the IRT.
• Suggest three factors that should be analyzed and three activities that should be performed when planning for incident management. Select which activity would offer the most effective response support for an organization and explain why.

5. “Developing a Knowledgeable Workforce” Please respond to the following:

• Determine three benefits that could be derived from designing an effective training and awareness program. Select what you believe to be the most important benefit to the organization and explain why.
• Suggest three focus areas that a security training program should cover and explain why you believe these areas should be covered. Give your opinion on how these focus areas mitigate potential risks and threats that an organization may face.

6. “Instilling Security Within Operations” Please respond to the following:

• Evaluate the importance of designing a controls framework, ensuring proper performance, and ensuring proper support to determine how reliable the operational security function is for the organization. Describe how these measures help maintain operational capability.
• Assess the importance of managing operational capability. Provide two examples of how managing operational capability ensures the execution security strategy of an organization. Describe potential challenges an organization may face by not planning adequate controls for managing operational capability.