Explain two practical guidelines to follow in risk treatment strategy selection.
What will be an ideal response?
- When a vulnerability (flaw or weakness) exists: Implement security controls to reduce the likelihood of a vulnerability being exploited.- When a vulnerability can be exploited: Apply layered protections, architectural designs, and administrative controls to minimize the risk or prevent the occurrence of an attack.- When the attacker's potential gain is greater than the costs of attack: Apply protections to increase the attacker's cost or reduce the attacker's gain by using technical or managerial controls.- When the potential loss is substantial: Apply design principles, architectural designs, and technical and non-technical protections to limit the extent of the attack, thereby reducing the potential for loss.
You might also like to view...
The __________ payload contains either error or status information associated with this SA or this SA negotiation.
A) Encrypted B) Notify C) Configuration D) Nonce
The Turing test is used to determine if a machine exhibits behavior indistinguishable from __________.
A. another machine B. a human C. an insect D. a rodent
Consider the graph G shown in Figure 2.47 (reproduced in this document as Figure 2.5). Answer the following.
Storing data in a list box whose ________ property is set to True is an easy way to organize the data contained in a sequential access file.
A. Alpha B. Grouped C. Sorted D. Ordered