RM
- What are the definitions of a (security) risk assessment in the textbook and in Appendix B of NIST SP 800-53a? Which definition do you prefer? Why?
- What is a security control? Give three examples of a security control, one each for a physical control, a technical control, and an administrative (people) control.
- List the primary benefits of a security risk assessment. Which one do you think is the most important? Why?
- If security spending is not based on a security risk assessment, how are spending priorities typically determined?
- Why are security controls assessed?
- How do the guidelines provided in NIST SP 800-53A help achieve more secure information systems?
7 years ago 8
Answer(1)
Purchase the answer to view it
- Hi.docx
- Aak_0801_Review_08-01-20190.docx
other Questions(10)