Part 1: Review Questions
- What is a security model?
- What are the essential processes of access control?
- Identify at least two different approaches used to categorize access control methodologies. List the types of controls found in each.
- What is COBIT? Who is its sponsor? What does it accomplish?
- What is the standard of due care? How does it relate to due diligence?
- What is baselining? How does it differ from benchmarking?
Make a list of at least ten information security metrics that could be collected for a small internet commerce company with 10 employees. For this scenario, the company uses an outside vendor for packaging and distribution. To whom should the metrics be reported?