1. Why are security policies important? What happens without a security policy? What are the elements that a good security policy should contain?
2. Explain information security confidentiality, integrity, and availability. Summarize one common attack (e.g., Denial of Service) and state whether the attack compromises confidentiality, integrity, and/or availability. Be sure to explain why or how the attack compromises one, two, or three of the pillars of information security. Note: You can also discuss authenticity and non-repudiation, if you want to.