Basic information security principles

Your firm “Technology Commandos Inc. (TCI)” is a new progressive training and
consulting firm that has been hired by the US Department of Defense to conduct a new
federal in-service training requirement for the DoD technology personnel, as part of a
federal information security team mandate.
Your supervisor has tasked you to develop a14 slide PowerPoint presentation, (it is okay to
go over) dedicated to in-service training for New Information Management Team members
that that will help these new IT Team members understand some basic security
principles that help hardened and secure their infrastructure.
Specific Training Tasks
• Describe the CNSS security model
• Describe the difference between a threat of vulnerability and exploit
• List five different types of hackers and how they will attempt to infiltrate the company.
• List five different types of malware and their countermeasures
• Explain five of 10 Commandments of computer ethics and explain why each is important
to understand in terms of harm to individuals or organizations.
• Describe the differences between risk identification, risk assessment and risk control.
• Describe five categories of risk management components and explain why they are
important in terms of risk management identification.
• Describe residual risk give an example.
• Explain risk control, elaborate on how a team can determining which risk control options
are cost effective for the organization.
• Name three risk controls and explain why they might be important to understand.
• Highlight the need for database security.
• Describe a relational database
• Describe different database cyber-attacks and their countermeasures.
• Describe database access control methods.
• Describe cloud security as a service.
• Describe cloud computing and some of the risk associated including countermeasures

Sample Solution