Week 7 not graded answer key

Week 7 not graded answer key - Week 7 not graded answer key...

Info iconThis preview shows pages 1–3. Sign up to view the full content.

View Full Document Right Arrow Icon
Week 7 not graded answer key. Chap 11. 2. Briefly outline the steps required to complete a risk assessment. 1. Develop a control spreadsheet in which you prioritize assets, specify threats, and identify and document controls 2. Evaluate adequacy of existing controls and resulting degrees of risk associated with each threat 3. Establish priorities for meeting threats (including use of a Delphi team) 4. What are some of the criteria that can be used to rank security risks? Importance can be based on number of criteria such as which would have the greatest dollar loss, be the most embarrassing, be the most prone to liability judgments, and have the highest probability of occurrence. The relative importance of a threat to your organization depends upon your business. A bank for example, is more likely to be a target of fraud than a restaurant with an electronic marketing site on the Web. Some other criteria that can be used to rank risk in a data communication network are: Most damaging, most dangerous, most risky. Most sensitive, most critical to organization, most likely to cause political problems Most costly to recover, most difficult to recover, most time consuming to recover Greatest delay, most likely to occur The steps required to rank risk threats to a network are: 1. Select the Delphi team 2. Identify the threats to the network 3. List the threats on the ranking sheet 4. Ask the question, “Which of these threats is the most risky to this network?” 5. Record the votes of the Delphi team members 6. Sum the votes vertically and horizontally 7. Arrange the threats into a final ranked list with the highest ranked threat (largest number of votes) at the top and the lowest ranked threat (smallest number of votes) at the bottom
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
The assessment of a network’s security can be done by the network manager, but it is better done by a team of experts chosen for their in-depth knowledge about the network and environment being reviewed. This team, known as the Delphi team, is composed of three to nine key people. Key managers should be team members because they deal with both the long-term and day-to-day operational aspects of the network. More importantly, their participation means the final results can be implemented quickly, without further
Background image of page 2
Image of page 3
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 03/11/2011 for the course CIS 589 taught by Professor Dave during the Spring '11 term at Keller Graduate School of Management.

Page1 / 5

Week 7 not graded answer key - Week 7 not graded answer key...

This preview shows document pages 1 - 3. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online