For each of the following assets, assign a low, moderate, or high impact level for the loss of confidentiality, availability, and integrity, respectively
For each of the following assets, assign a low, moderate, or high impact level for the loss of confidentiality, availability, and integrity, respectively. Justify your answers.
a. An organization managing public information on its Web server.
b. A law enforcement organization managing extremely sensitive investigation information.
c. A financial organization managing routine administrative information (not privacy-related information).
d. An information system used for large acquisitions in a contracting organization contains both sensitive, pre-solicitation phase contract information and routine administration information. Assess the impact for the two data sets separately and the information as a whole.
e. A power plant contains a SCADA (supervisory control and data acquisition) system controlling the distribution of electric power for a large military installation.The SCADA system contains both real-time sensor data and routine administrative information. Assess the impact for the two data sets separately and the information system as a whole.
Homework Answers
a.
Organization managing public information on its web server:
Confidentiality:
Web server contains the public information. So everyone can access that information.
So there is no confidentiality is provided.
So impact of confidentiality level is low
Integrity:
Server maintains public information. So there may be anyone can modify that is either authorized user or intruder.
So impact of integrity level is moderate.
Availability:
Loss of information is not a biggest issue in this server.
So impact of availability level is moderate.
b.
Confidentiality:
Web server contains the sensitive information. If any of data loss is occurred then it gives high loss.
So impact of the confidentiality level is high.
Integrity:
Server maintains private information. If any modifications occurred it gives huge loss
So impact of integrity level is high.
Availability:
Information is only available to organization that is stored at a single location.
So impact of availability level is high.
c.
Organization managing public information on its web server:
Confidentiality:
Web server contains only routine information not privacy related information. So everyone can access that information.
So there is no confidentiality is provided.
So impact of confidentiality level is low
Integrity:
Server maintains routine information. If data loss is occured , it is not a big issue.
So impact of integrity level is low.
Availability:
Loss of information is not a biggest issue in this server.
So impact of availability level is low.
d.
Security contact information:
Confidentiality:
Web server contains private information that is pre solicitation phase contract information only.
So impact of confidentiality level is low
Integrity:
Loss data is not a huge problem.
Therefore impact of integrity level is moderate.
Availability:
Loss of availability is not a huge.
Therefore impact of availability level is low
Routine administrative information:
Confidentiality:
Web server does not contain private information.
So impact of confidentiality level is low
Integrity:
Loss data is not a huge problem.
Therefore impact of integrity level is low.
Availability:
Loss of availability is not a huge.
Therefore impact of availability level is low.
e.
Real time sensor information:
Confidentiality:
Web server maintains real time information. So loss of confidentiality is not a big problem.
So impact of confidentiality level is low
Integrity:
Web server provides exact data is necessary. So there is no modification allowed
Therefore impact of integrity level is high.
Availability:
Data availability is required at any time.
Therefore impact of availability level is high.
Routine administrative information:
Confidentiality:
Web server does not contain private information.
So impact of confidentiality level is low
Integrity:
Loss data is not a huge problem.
Therefore impact of integrity level is low
Availability:
Loss of availability is not a huge.
Therefore impact of availability level is low.
Add Answer to:
For each of the following assets, assign a low, moderate, or high impact level for the loss of confidentiality, availability, and integrity, respectively
For each of the following assets, assign a low, moderate, or high impact level for the...
For each of the following assets, assign a low, moderate, or high impact level for the loss of confidentiality, availability, and integrity, respectively. Justify your answers An organization managing public information on its Web Server. A law enforcement organization managing extremely sensitive investigation information. A financial organization managing routine administrative information (not privacy-related information). An information system used for large acquisitions in a contracting organization contains both sensitive, pre-solicitation phase contract information and routine administrative information. Assess the impact for...
How can we assess whether a project is a success or a failure? This case presents...
How can we assess whether a project is a success or a
failure?
This case presents two phases of a large business transformation project involving the implementation of an ERP system with the aim of creating an integrated company. The case illustrates some of the challenges associated with integration. It also presents the obstacles facing companies that undertake projects involving large information technology projects. Bombardier and Its Environment Joseph-Armand Bombardier was 15 years old when he built his first snowmobile...
First, read the article on "The Delphi Method for Graduate Research." ------ Article is posted below...
First, read the article on "The Delphi Method for Graduate Research." ------ Article is posted below Include each of the following in your answer (if applicable – explain in a paragraph) Research problem: what do you want to solve using Delphi? Sample: who will participate and why? (answer in 5 -10 sentences) Round one questionnaire: include 5 hypothetical questions you would like to ask Discuss: what are possible outcomes of the findings from your study? Hint: this is the conclusion....
How can we assess whether a project is a success or a
failure?
This case presents two phases of a large business transformation project involving the implementation of an ERP system with the aim of creating an integrated company. The case illustrates some of the challenges associated with integration. It also presents the obstacles facing companies that undertake projects involving large information technology projects. Bombardier and Its Environment Joseph-Armand Bombardier was 15 years old when he built his first snowmobile...
Most questions answered within 3 hours.
-
Problem 2: The Problem of Social Cost. A Rancher and Farmer live
side-by-side to each other....
asked 53 minutes ago -
a uniform bar of weight 40N is 4 meter long. weights
on 60N and 100N are...
asked 22 minutes ago -
Define Diet counceling? What are the
responsibilities of a counselor?
asked 2 hours ago -
Hey im just confused about how to put the ' A angle n' and ' S...
asked 2 hours ago -
A short essay about the WSJ article on Oreo versus Hydrox.
asked 2 hours ago -
##8. A program contains the following function definition:
##def cube(num):
##return num * num * num...
asked 2 hours ago -
find the value z of a standard Normal variable that satisfies
each of the given conditions....
asked 2 hours ago -
"banana".find('z')
Out[22]: -1
why is this -1
python 3.7
asked 2 hours ago -
Ilegal Consideration Marna Balin was involved in two automobile
accidents in which she suffered severe injures.She...
asked 2 hours ago -
Walk through the operation of QuickSort when n = 7 and the input
array is A...
asked 2 hours ago -
Answer with True or False. Argue the answers
7) The circulation of field B on any...
asked 2 hours ago -
Chase Co. uses the perpetual inventory method. The inventory
records for Chase reflected the following
Jan...
asked 2 hours ago