1. This chapter’s opening scenario illustrates a specific type of incident/disaster. Using a Web browser, search for information related to preparing an organization against terrorist attacks. Look up information on (a) anthrax or another biological attack (like smallpox), (b) sarin or another toxic gas, (c) low-level radiological contamination attacks.
2. Using a Web browser, search for available commercial applications that use various forms of RAID technologies, such as RAID 0 through RAID 5. What is the most common implementation? What is the most expensive?
1. Using a Web browser, identify at least five sources you would want to use when training a CSIRT.
2. Using a Web browser, visit http://www.mitre.org. What information is provided there, and how would it be useful?
3. Using a Web browser, visit http://www.securityfocus.com. What is Bugtraq, and how would it be useful? What additional information is provided under the Vulnerabilities tab?
Search the Internet for IT governance planning. Select a specific governance plan that exists at a company or a plan framework from an organization. Write a 2-page paper on three or four of the most important suggestions from the plan you select.
You must provide a reference to the site where you found the governance plan, in APA format.
Which of the following is NOT characteristic of IT-enabled value?
IT value is both tangible and intangible.
IT value is not variable across organizations.
A single IT investment can have a diverse value proposition.
Different IT investments have different objectives, value propositions, and value assessment techniques.
At the end of 2006, a new edition of the Federal Rules of Civil Procedure (FRCP) went
into effect. Using a web search tool, learn more about the FRCP. What likely effect will its
emphasis on electronically stored information (ESI) have on an organization’s need for a digital
Identify what you consider is the best data visualization and what you think is a bad visualization on the web discuss why you think so. Provide URLs to the visualizations .Also discuss your classmates posting and your opinion on their choice.
- Why is educating users of information systems about security particularly difficult?
- What are some of the problems with using traditional educational approaches when teaching information security?