Management Of Information Security
6th Edition
ISBN: 9781337405713
Author: WHITMAN, Michael.
Publisher: Cengage Learning
Expert Solution & Answer
Chapter 12, Problem 1DQ
Explanation of Solution
Steps to reduce the risk of the situation recurring:
- New staff should be on the floor after training, completing a mock drill and passing the test.
- An attentiveness program related to new threats should be a regular action...
Explanation of Solution
Justification:
“No”, these types of circumstances can only be reduced, but cannot be entirely avoided.
Reason:
- Information Technology (IT) commerce includes both good people and bad people...