View the step-by-step solution to:

Special Publication 800-30 Risk Management Guide for Information Technology Systems Recommendations of the National Institute of Standards and

Question 1) In a page, explain the McCumber cube and how we can use it in information security?
Question 2) How is SecSDLC related to SDLC? What are the differences in each stage?
Question 3) What are the US efforts in protecting privacy? In a page, explain chronically how each effort contributes to privacy.
Question 4) In two pages, compare SP 800-30 “Risk Management Guide for Information Technology Systems” to the risk management framework we discussed in class. You can find SP-800 document in the “Reading” folder under “Week 4” folder.
Question 5) In order to develop an information security blueprint, we can use published information security models. Let’s assume that you want to develop an information security blueprint for penn campus. In a page, compare and contrast “ISO 27000” series to “ST 800” series. Then, decide which series you would prefer, and identify specifically which document you would choose to start developing your own information security blueprint, and explain why. (Make sure that your answer is no longer than two pages.)

Risk Management Guide for Information Technology Systems Recommendations of the National Institute of Standards and Technology Gary Stoneburner, Alice Goguen, and Alexis Feringa Special Publication 800-30
Background image of page 01
SP 800-30 Page ii C O M P U T E R S E C U R I T Y Computer Security Division Information Technology Laboratory National Institute of Standards and Technology Gaithersburg, MD 20899-8930 1 Booz Allen Hamilton Inc. 3190 Fairview Park Drive Falls Church, VA 22042 July 2002 U.S. DEPARTMENT OF COMMERCE Donald L. Evans, Secretary TECHNOLOGY ADMINISTRATION Phillip J. Bond, Under Secretary for Technology NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY Arden L. Bement, Jr., Director NIST Special Publication 800-30 Risk Management Guide for Information Technology Systems Recommendations of the National Institute of Standards and Technology Gary Stoneburner, Alice Goguen 1 , and Alexis Feringa 1
Background image of page 02
Show entire document
Sign up to view the entire interaction

Top Answer

attached solution.... View the full answer

8547145.docx

Question 1 The three pillars of McCumber are based on confidentiality, integrity and availability. The
main features of the cube to protect are transmission, storage and processing. The main...

Sign up to view the full answer

Why Join Course Hero?

Course Hero has all the homework and study help you need to succeed! We’ve got course-specific notes, study guides, and practice tests along with expert tutors.

-

Educational Resources
  • -

    Study Documents

    Find the best study resources around, tagged to your specific courses. Share your own to gain free Course Hero access.

    Browse Documents
  • -

    Question & Answers

    Get one-on-one homework help from our expert tutors—available online 24/7. Ask your own questions or browse existing Q&A threads. Satisfaction guaranteed!

    Ask a Question
Ask a homework question - tutors are online