Assignment
Instructions:
Responses to each question are expected to be between 100 and 200 words. Students will not be penalized for exceeding 200 words, but they should strive to reach a minimum of 100 words when constructing their response for each question.
Questions:
1. Describe the seven critical characteristics of information. How are they used in the study of computer security?
2. What is risk management? Why is the identification of risks, by listing assets and their vulnerabilities, so important to the risk management process?
3. What is risk appetite? Explain why risk appetite differs for every organization.
4. What are the differences between policies, standards, and practices? Identify and describe the three types of security policies covered in the book.
5. What is the difference between law and ethics? How does a law differ from a policy?