COMPSFI 214 – Information Security System Analysis

Course materials for City Colleges of Chicago

Homework 02

Objective: Answer each question

Questions

  1. Explain the security implications of hiring a new employee.

  2. Please give examples of risks in onboarding and offboarding employees.

  3. What is the principle of least privilege?

  4. What is employee oversight?

  5. Why are mandatory vacations needed?

  6. Explain UBA/UEBA.

  7. Explain employee transfers.

  8. What is a termination policy?

  9. What is risk management?

  10. What is risk analysis?

  11. How would you evaluate threats?

  12. Please explain the difference between qualitative risk analysis and quantitative risk analysis.

  13. What is SLE and how would you calculate it?

  14. What is ALE and how would you calculate it?

  15. What is the formula for safeguard evaluation?

  16. What are the options for handling risk?

  17. What is an SCA?

  18. Explain security monitoring and measurement.

  19. What is a risk report?

  20. What is RMM?

  21. What is the security risk from legacy systems?

  22. What is social engineering and can you give three examples?

  23. How would you implement security awareness training and education?

  24. Why do we need periodic content reviews and effectiveness evaluations for security training?