Mitigate risks in an information security management system, Computer Network Security

Assignment Help:

Question:

(a) What are the various options to mitigate risks in an Information Security Management System (ISMS)? For each option specify an instance where it can be used.

(b) Explain what is meant by ‘clear desk and clear screen policy' and how is compliance verified. Mention the control and clause number in ISO 27001:2005.

(c) Explain briefly the vulnerability exploited by the following access control threats and their possible countermeasures (i) Buffer Overflow and (ii) Botnets.

(d) Explain what is meant by Type I error, Type II error and the cross over error rate for a biometric system. What is considered the most important error for a biometric access control system?

(e) Explain the difference between a signature based IDS and a statistical anomaly IDS.


Related Discussions:- Mitigate risks in an information security management system

Base lining-information security, Base lining •    Organizations do not ...

Base lining •    Organizations do not have any contact to each other •    No two organizations are identical to each other •    The best practices are a moving target •    K

Corresponding access control matrix, Consider a computer system with three ...

Consider a computer system with three users: Alice, Bob and Cindy. Alice owns the file alicerc, and Bob and Cindy can read it. Cindy can read and write the file bobrc, which Bob ow

Explain authentication process in a synchronous token system, Question: ...

Question: (a) Explain briefly the PCI Control Objectives which enterprises must meet to be compliant with the Payment Card Industry Data Security Standard (PCI DSS). Specify a

Evaluations, Evaluations, Assessment, and Maintenance of Risk Controls W...

Evaluations, Assessment, and Maintenance of Risk Controls When the control strategy has been implemented, it should be monitored and measured on an ongoing basis to determine ef

Hardware, Hardware, Software, and Network Asset Identification What info...

Hardware, Software, and Network Asset Identification What information attributes to track is dependent on: •    Requires of organization/risk management efforts •    Management

Security goals, what is relation ship between computer security goals?

what is relation ship between computer security goals?

Issue-specific security policy (issp), Issue-Specific Security Policy (ISSP...

Issue-Specific Security Policy (ISSP) The ISSP addresses specific areas of technology, needs frequent updates and having statement on organization’s position on a particular iss

Ip datagrams, on LAN,where are IP datagrams transported?

on LAN,where are IP datagrams transported?

Secure routing protocols for wireless sensor networks, Q. Secure routing Pr...

Q. Secure routing Protocols for Wireless Sensor Networks? A secure routing information protocol enables effective implementation of authentication and integrity checking defens

Network security attacks, (a) Show four Network Security attacks. How do th...

(a) Show four Network Security attacks. How do they compromise security? (b) In what ways do the following devices or services contribute to security: (i) Firewall (ii) In

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd