Computers and Technology, 15.04.2020 20:11 zitterkoph
After the productive team meeting, Fullsoft’s chief technology officer (CTO) wants further analysis performed and a high-level plan created to mitigate future risks, threats, and vulnerabilities. As part of this request, you and your team members will create a plan for performing a gap analysis, and then research and select an appropriate risk assessment methodology to be used for future reviews of the Fullsoft IT environment.
An IT gap analysis may be a formal investigation or an informal survey of an organization's overall IT security. The first step of a gap analysis is to compose clear objectives and goals concerning an organization's IT security. For each objective or goal, the person performing the analysis must gather information about the environment, determine the present status, and identify what must be changed to achieve goals. The analysis most often reveals gaps in security between "where you are" and "where you want to be."
Two popular risk assessment methodologies are NIST SP 800-30 revision 1, Guide for Conducting Risk Assessments, and Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE). Your focus will be on the OCTAVE Allegro version, which is a more concise version of OCTAVE. When reviewing the methodologies, consider the following:
Which features or factors of each methodology are most important and relevant to Fullsoft?
Which methodology is easier to follow?
Which methodology appears to require fewer resources, such as time and staff, but still provides for a thorough assessment?
Tasks
Create a high-level plan to perform a gap analysis.
Review the following two risk assessment methodologies:
NIST SP 800-30 rev. 1, Guide for Conducting Risk Assessments (formerly titled " Risk Management Guide for Information Technology Systems")
Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE), Allegro version
Create a report that includes the gap analysis plan, a brief description of each risk assessment methodology, a recommendation for which methodology Fullsoft should follow, and justification for your choice.
Answers: 2
Another question on Computers and Technology
Computers and Technology, 23.06.2019 08:00
Michael has written an e-mail to his employees that describes a new product special that will be introduced to the customers next week. by taking time to make sure the e-mail is well written, logical, and organized, michael has made sure his message has the characteristics of a) effective communicationb) ineffective communicationc) barriers to communicationd) workplace communication
Answers: 2
Computers and Technology, 23.06.2019 08:00
Which argument is not a valid filter? does not equal this quarter filter by cell color all of these are valid filter arguments.
Answers: 2
Computers and Technology, 24.06.2019 07:20
Ingrid started speaking about her slide presentation. when she clicked to th"third slide, which had just a picture of an elephant, she forgot what she wassupposed to talk about. what could ingrid do to avoid this situation in thefuture? oa. print handouts for her audience.ob. add presenter's notes to each slide.oc. add a video to each slide.od. save her slide presentation to a flash drive
Answers: 2
Computers and Technology, 24.06.2019 11:00
Which of the statements below describe the guidelines for the use of text in presentation programs? a. do not use numbered lists. b. fonts should be appropriate for your audience. c. limit the number of fonts you use to three or four. d. only use bulleted lists for sales promotions. e. select font sizes that are appropriate for your delivery method. f. use font colors that work well with your background. select all that apply
Answers: 1
You know the right answer?
After the productive team meeting, Fullsoft’s chief technology officer (CTO) wants further analysis...
Questions
Spanish, 18.10.2021 08:10
Mathematics, 18.10.2021 08:10
Physics, 18.10.2021 08:10
Mathematics, 18.10.2021 08:10
English, 18.10.2021 08:10
Advanced Placement (AP), 18.10.2021 08:10
History, 18.10.2021 08:10
Mathematics, 18.10.2021 08:10
Mathematics, 18.10.2021 08:10
Mathematics, 18.10.2021 08:10
Mathematics, 18.10.2021 08:10
