Question: 1. The NIST Risk Management Framework uses the security category (SC) (see chapter 1, sections 1.1.2 and 1.2) as part of the selection of security

1. The NIST Risk Management Framework uses the security category (SC) (see chapter 1, sections 1.1.2 and 1.2) as part of the selection of security controls to reflect the impact of cybersecurity failures of an assets CIA properties on the organization or individual.

a) Using the NIST Risk Management Framework (RMF), Determine and briefly explain the security category of two information technology devices you use b) Finally, compute the relative significance (see section 1.4) of one risk for each device studied above using numerically measurable information. Choose risks you argue are the most relevant to your ability to continue your life and work.

2. Choose a real organization (for example hospital, military organization, bank, online business) you are familiar with or interested in, and perform an assessment of the following

a) Briefly explain how to apply the principle of least privilege to the members of this organization to maximize the information security of this business b) Briefly explain how to apply the principle of defense in depth to protect the assets you argue this organization has

Step by Step Solution

There are 3 Steps involved in it

1 Expert Approved Answer

Step: 1 Unlock blur-text-image

Question Has Been Solved by an Expert!

Get step-by-step solutions from verified subject matter experts

Step: 2 Unlock

Step: 3 Unlock

Students Have Also Explored These Related Databases Questions!

Grunar Industries produces the component parts needed for its popular non-commercial-use drones. One of the key parts has become more costly to produce than first planned, however, so management is...

You are a security analyst working on a Department of Defense contract. Since your organization supports a government agency, you are required to use the NIST Risk Management Framework. Your...

ISSUES IN ACCOUNTING EDUCATION Vol. 26, No. 3 2011 pp. 521-545 American Accounting Association DOI: 10.2308/iace-50031 Breach of Data at TJX: An Instructional Case Used to Study COSO and COBIT, with...

Write a report for MYOB Group Limited, it should including: Budgets and Performance Measures 1. Look for your company's mission statement or statement that sets out the overall philosophy and...

Hi, based on the Western Australian Auditor General's Reportmy focuse is only on RAMS part. I need help and ideas on how to implemente a literature review and an implementation report based on the...

Information Security Risk Management ITC6315 Assignment 2 Assignment For this exercise, read the provided case study about AcmeHealth, and rate the risk exposure for each finding related to the...

Consider and discuss the specific risks and nature of the company you will be auditing and create comprehensive work programs for the Acquisition, Payment, Property Plant, and Equipment (Fixed...

As a CPA, you have received offers to audit new company (Francesca's Holding Group). You need to understand the previous years' financial statement (F/S), notes to F/S, predecessor opinion, and...

Please help, this is actually due today and the person who said they would answer this question that was initially due last night. Thank you for the help if possible. I need help with putting the...

Need the following info with explanations as soon as possible. using the attached 10K Prepare a horizontal analysis of your company's Income Statement over the past two years. Calculate the following...

I want to have the individual assignment essay answerddddd For personal use only JB Hi-Fi Limited Annual Report 2013 2013 ANNUAL REPORT jbhifi.com.au CORPORATE INFORMATION ABN 80 093 220 136...

A company has just invested in a fleet of 12 new delivery trucks. They are identical in terms of features, capability, and price. The companies operation involves deliveries to long haul'...

On April 1, 2009, Cortez Co. purchased new machinery for $240,000. The machinery has an estimated useful life of five years, and depreciation is computed by the sum-of-the- years'-digits method. The...

Which of the following cash transfers results in a misstatement of cash at December 3 1 , 2 0 X 7 ? Bank Transfer ScheduleDisbursement recorded in booksDeposit received in booksPaid by bankRecorded...

As an analyst at Delta Air Lines, you are asked to help the operations staff. Operations has identified a new method of loading baggage that is expected to result in a 3 0 percent reduction in labor...

Question What happens to my plan if I die?

Question Since a 501(c)(3) organization can sponsor both Section 401(k) plans and TDA plans, what are the considerations in choosing between the two?

Question Can TDA plans cover independent contractorsfor example, anesthesiologists or radiologists associated with, but not formally employed by, hospitals?