1. Today, both security incidents and security vulnerabilities continue to rise for a variety of reasons.
What reasons can you provide for the continuing upwards trend in the number of incidents reported? You should provide at least four (4) reasons with supporting data and reasoned arguments to support your answer. Good answers will provide facts, reasoned arguments and references that go beyond anecdotal information.
2. Consider threat, vulnerability, exploit, and risk.
What are they?
What is the difference between them?
Discuss.
3. What is the purpose of performing an asset classification, asset assessment and risk assessment as part of the security strategy? Take each item in turn defining what it is and describing the purpose of it.
6. a. Describe the concept of “Separation of Duties (SoD)”.
b. Provide 3 examples of the general benefits of following the principle of SoD for tasks?
c. What problems can SoD not help with?