a. Apply the following data to evaluate the time-based model of security for the XYZ Company. Does the XYZ Company satisfy the requirements of the time-based model of security? Why?
• Estimated time for attacker to successfully penetrate system = 25 minutes
• Estimated time to detect an attack in progress and notify appropriate information security staff = 5 minutes (best case) to 10 minutes (worst case)
• Estimated time to implement corrective actions = 6 minutes (best case) to 20 minutes (worst case)
b. Which of the following security investments do you recommend? Why?
1. Invest $50,000 to increase the estimated time to penetrate the system by 4 minutes
2. Invest $50,000 to reduce the time to detect an attack to between 2 minutes (best case) and 6 minutes (worst case)
3. Invest $50,000 to reduce the time required to implement corrective actions to between 4 minutes (best case) and 14 minutes (worst case)
We need at least 10 more requests to produce the solution.
0 / 10 have requested this problem solution
The more requests, the faster the answer.