Information Security


  • Consider the difference between qualitative and quantitative risk assessments; you should be able to distinguish the two.
  • Differentiate threat from vulnerability and use this information as the basis for threat analysis and planning.
  • Understand that every risk does not require mitigation. A good threat analysis requires analyzing probability of occurrence and impact on the company (including cost). This analysis can be performed qualitatively and quantitatively.
  • Analyze the situation, utilizing established analytic approaches, and reproduce that data visually (for example, using a matrix).
  • See attached file for the scenarios you need for this assignment.