Instructions:

Responses to each question are expected to be between 100 and 200 words. Will not be penalized for exceeding 200 words, but they should strive to reach a minimum of 100 words when constructing the response for each question.

Questions:

1. What are the three components of the CIA triangle? Describe what they are used for and provide examples of threats that could impact each component.

2. Why do employees constitute one of the greatest threats to information security? How can organizations mitigate the threats presented by employees?

3. What is access control? Describe the four mechanisms upon which all access control approaches rely on and provide examples of each one.

4. In order to properly convey the importance of security and justify the need to establish controls to upper management it is important to clearly understand the following terms; threat, threat agent, vulnerability, and exposure. Describe the difference between a threat and a threat agent, as well as the difference between a vulnerability and exposure.

5. Firewalls are a critical technical control that both enterprise and personal security programs rely heavily upon. What is a firewall? Identify and describe the differences between the three types of packet filtering firewalls.