select three different areas in the narrative of the topic and provide a fictiti
Question
Select three different areas in the narrative of the topic and provide a fictitious example of that application. For example, if you selected this: “Any, or a combination, of the following techniques can be used in gathering information relevant to the IT system within its operational boundary: • Questionnaire. To collect relevant information, risk assessment personnel can develop a questionnaire concerning the management and operational controls planned or used for the IT system. This questionnaire should be distributed to the applicable technical and nontechnical management personnel who are designing or supporting the IT system. The questionnaire could also be used during on-site visits and interviews.” You might develop a questionnaire for use in your fictional IT consulting firm where you are assessing the knowledge of senior IT management in the firm you are assessing, ABC Consulting.
Explanation / Answer
1. On-site interview: These visits allow the risk assessment personnel to gather information about the environmental, physical and operational security of the IT systems. Questions such as how the system is operated and managed can be answered through interviews with IT system support. For systems in the design phase, on-site visits are face-to-face data-gathering exercises that provide the opportunity to evaluate the physical environment in which the IT system is operating.
For example, the questions that can be asked during interviews with site personnel to gather information on the operational characteristics of an organization include:
What incoming and outgoing information is required by the organization?
Who are the valid users? etc.
2. Making use of automated scanning tools: Proactive technical methods can be used to gather information efficiently.
For example, a network mapping tool can be used to check the services running on a large group of hosts, and it can provide a quick way of building individual profiles of the target IT systems.
3. Review of the documents: System documentation, security-related documentation and policy documents can provide good information about the security controls used by and planned for the IT system. An organization's asset criticality assessment provides information regarding the system and the sensitivity and criticality of the data.
For example: system user guide, previous audit report, system security plans, security policies, etc.