- There are many different threats to the confidentiality, integrity, and availability of data-at-rest. Some threats affect one of these security risks (like confidentiality only), and some threats affect more than one or even all of these risks.
Create a 1-page table in Microsoft® Word or Excel® listing a minimum of five threats using the column headers Threat to Data-at-Rest, Confidentiality/Integrity/Availability, and Suggestion on Countering the Threat.
In the Confidentiality/Integrity/Availability column, identify whether each of the following are affected:
- Some or all of the three (Confidentiality, Integrity, and/or Availability)
Include suggestions on how to counter each threat listed.
Place your list in the 3 columns of a table in a Microsoft® Word or Excel® document.
- You have been hired as a security specialist by a company to provide methods and recommendations to create a more secure environment for company data.
Write a 1- to 2-page recommendation paper outlining methods the company should consider to protect access to data, including recommendations for policies to be enacted that will increase data security.
Risk Management Framework and CIA
- In Ch. 1, “Introduction to Information Security,” of Elementary Information Security, you read about National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) and how it expands on the CIA concepts.
Assume that a security model is needed for the protection of information in your class.
In a 1/2- to 1-page paper, describe the RMF and how it relates to the CIA concepts and expands on them. Explain how this framework is used to address the need to protect information in your class.