Information system security

Attached file. No plagiarism please and follow the instruction.

Cybersecurity information system

WEEK 1 ESSAY QUESTIONS

Instructions: Answer all questions in a single document. Then submit to the appropriate assignment folder. Each response to a single essay question should be about a half-page in length (about 150 words).

1. In this week’s readings, you learned about two methods of risk analysis: quantitative assessment and qualitative assessment. Explain the steps taken to assess a risk from a quantitative perspective where monetary and numeric values are assigned and discuss the formulas used to quantify risk. Then, explain the methods used to assess risk from a qualitative perspective where intangible values are evaluated such as the seriousness of the risk or ramifications to the reputation of the company.

2. Domain 1 introduced numerous security terms that are used in assessing risk. Please define the terms vulnerability, threat, threat agent, risk, exposure and control. Then, describe the three different control types and give examples for each.

3. After you’ve conducted your risk assessment and determined the amount of total and residual risk, you must decide how to handle it. Describe the four basic ways of handling risk.