Professional Documents
Culture Documents
Lab 02 - Risk Management Controls
Lab 02 - Risk Management Controls
Lab 02 - Risk Management Controls
1
Risk Management 2021-22
i. Information
ii. Application
iii. Infrastructure
iv. People
b. Threat or Vulnerability #2:
i. Information
ii. Application
iii. Infrastructure
iv. People
c. Threat or Vulnerability #3:
i. Information
ii. Application
iii. Infrastructure
iv. People
d. Threat or Vulnerability #4:
i. Information
ii. Application
iii. Infrastructure
iv. People
e. Threat or Vulnerability #5:
i. Information
ii. Application
iii. Infrastructure
iv. People
Questions
1. Why is it important to address each identified threat or vulnerability from C-I-A
perspective?
2. How can a data classification standard help one to access the risk impact on
“information” assets?
3. How can one communicate to the end-user community that a security threat or
vulnerability has been identified? How can one prioritize risk remediation tasks?
4. Highlight the difference between effectiveness vs efficiency when assessing risk
and risk management?
Conclusion: [Kindly write down your conclusion regarding this tutorial]