a. Read the iPremier case and read the definitions and examples of countermeasure categories in the class handout on Page 35 (Access Control, Human Resource Control, Operational Control, Communications Control, Application Control, Incidence Control, and Compliance Control). Explain briefly how each of these countermeasure categories would have made iPremier less vulnerable to information security attacks? Is there anything else you recommend that they should do to mitigate information security risks? b. In class, one of the vulnerability disclosure methods we discussed was market disclosure where the security professional discloses a vulnerability to vulnerability markets that buy the vulnerability from the security professional, protect their own subscribers by including a signature of the vulnerability in intrusion detection systems, inform the vendor, and do public disclosure after a relatively long time (see class handout). What are the advantages and disadvantages of market disclosure? c. Consider the 7 Fair Information Practices described in the class handout (Page 41). Google wants to see if they can use the framework as the basis of their approach to consumer privacy. As you know, Googles primary revenue comes from targeted advertising and sponsored search. For each of the 7