Question

In this lab, you defined COBIT P09, you described COBIT P09’s six control objectives, you explained...

In this lab, you defined COBIT P09, you described COBIT P09’s six control objectives, you explained how the threats and vulnerabilities align to the definition for the assessment and management of risks, and you used COBIT P09 to determine the scope of risk management for an IT infrastructure.

Lab Assessment Questions & Answers

1. What is COBIT P09’s purpose?

2. Name three of COBIT’s six control objectives.

3. For each of the threats and vulnerabilities from the Identifying Threats and Vulnerabilities in an IT Infrastructure lab in this lab manual (list at least three and no more than five) that you have remediated, what must you assess as part of your overall COBIT P09 risk management approach for your IT infrastructure?

4. True or false: COBIT P09 risk management control objectives focus on assessment and management of IT risk.

5. What is the name of the organization that defined the COBIT P09 Risk Management Framework?

6. Describe three of the COBIT P09 control objectives.

7. Describe three of the COBIT P09.1 IT Risk Management Framework control objectives.

Copyright © 2015 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved. www.jblearning.com Student Lab Manual

Answer #1

1. What is COBIT P09’s Purpose?

Answer:

The purpose of COBIT is to provide management and business process owners with an information technology (IT) governance model that helps in delivering value from IT and understanding and managing the risks associated with IT. COBIT helps bridge the gaps amongst business requirements, control needs and technical issues. It is a control model to meet the needs of IT governance and ensure the integrity of information and information systems.

2. Name three of COBIT’s six control objectives

Answer:

a. Plan and Organize

b. Acquire and Implement

c. Monitor and Evaluate

3. For each of the threats and vulnerabilities from the Identifying Threats and Vulnerabilities in an IT Infrastructure lab in this lab manual (list at least three and no more than five) that you have remediated, what must you assess as part of your overall COBIT P09 risk management approach for your IT infrastructure?

Answer:

Denial of service attack - close the ports and change the passwords.

Loss of Production Data - Back up the data and restore the data from the most recent known safe point.

Unauthorized access Workstation - Implement a policy where employees have to adjust their passwords every sixty days and that they must set a screen lockout when they step away from their workstation.

4. True or false: COBIT P09 risk management control objectives focus on assessment and management of IT risk

Answer:

True

Explanation:

COBIT P09 risk management control objectives focus on assessment and management of IT risk.

5. What is the name of the organization that defined the COBIT P09 Risk Management Framework?

Answer:

Information Systems Audit and Control Association (ISACA)

6. Describe three of the COBIT P09 control objectives

Answer:

The framework documents a common and agreed-upon level of IT risks, mitigation strategies and residual risks.

Any potential impact on the goals of the organization caused by an unplanned event is identified, analyzed and assessed.

Risk mitigation strategies are adopted to minimize residual risk to an accepted level.

7. Describe three of the COBIT P09.1 IT Risk Management Framework control objectives.

Answer:

Hazard Management structure control goals would be to first ensure that the danger administration is completely presented in the organization technique both inside and external and that it is always associated. Second, to perform hazard appraisals, and third, to recommend and pass on the danger activity arrangement.
