+1443 776-2705 panelessays@gmail.com

 Section 5: Controlling Risk

  • Given the following categories or areas where risk exists, and then the 3 assets for each, describe how you will test for associated risk:
    • Administrative
      • Human resources: Hiring and termination practices
      • Organizational structure: A formal security program
      • Security policies: Accurate, updated, and known or used
    • Technical
      • Access control: Least privileged
      • System architecture: Separated network segments
      • System configurations: Default configurations
    • Physical
      • Heating and air conditioning: Proper cooling and humidity
      • Fire: Fire suppression
      • Flood: Data center location