answer this question based on The Security Risk Assessment Handbook by DOUGLAS J$.$ LANDOLL $.$ Exercises

Discuss the implementation of Basic Security Design Principles $($Section $(7\mathrm{.}2\mathrm{.}1\mathrm{.}3\mathrm{.}2)$ with respect to the following topics:

a$.$ Cloud computing

b$.$ Virtual machines

c$.$ Outsourcing code development

d$.$ Outsourcing Web hosting

Based on current capabilities, what are the reasonable minimums for encryption key strength for each of the following encryption techniques $($include sources of information$)?$

a$.$ Hashing

b$.$ Symmetric encryption

c$.$ Asymmetric encryption

How would the principle of "Assume those untrusted will seek to do harm" apply in a system connection between business partner organizations?

Which of the following can be considered a secure protocol?

a$.$ Telnet

b$.$ HTTPS

c$.$ TFPT

d$.$ BIOS

e$.$ WPA$2$

f$.$ CHAP

g$.$ SSH

Explain the difference between a vulnerability scan based on TCP and a vulnerability scan based on UDP.

How could the RIIOT data$-$gathering method be used to specify the scope and rigor of a technical security risk assessment?