April 2000 QUESTION 5 Total Marks: 15 Marks |
Click here to access other
questions
Click to access |
|
(a) Your senior management hold the view that network security is a waste of time and money, and is merely a distraction from the main aim of your organization. How would you go about persuading them otherwise? [4 marks] (b) What is the purpose of sensitivity assessment in network risk analysis, and what information is needed for this process? [3 marks] (c) One aspect of the economic assessment phase of network risk analysis is computing residual risk. (i) What is residual risk? [1 mark] (ii) What information is needed to compute the residual risk? [2 marks] (iii) Complete the following table for computing residual risk. (Don’t forget to include row and column headings.)
[2 marks] (d) Identify three benefits of including security design activities in the system design process. [3 marks] |
|||||||||||||||||||||