1. What are the five domains of the maintenance model?
2. What are the three primary aspects of information security risk management?
3. What is a vulnerability assessment?
4. What is penetration testing?
5. What are the differences between penetration testing and a vulnerability assessment?
6. What is a performance baseline?
7. What does CERT stand for? Is there more than one CERT? What is the purpose of a CERT?
8. What is the primary objective of the internal monitoring domain?
9. List and describe the five vulnerability assessment processes described in the text.
10. What is digital forensics, and when is it used in a business setting?