1.What is the purpose of identifying IT assets and inventory?

2.What is the purpose of an asset classification?

3.Why might an organization’s Web site classification be minor but its e-commerce server be

considered critical for your scenario?

4.Why would you classify customer privacy data and intellectual property assets as critical?

5.What are some examples of security controls for recent compliance law requirements?

6.How can a data classification standard help with asset classification?

7.Given the importance of a Master SQL database that houses customer privacy data and

intellectual property assets, what security controls and security countermeasures can you apply to

help protect these assets?

8.From a legal and liability perspective, what recommendations do you have for ensuring the

confidentiality of customer privacy data throughout the Mock IT infrastructure?

9.What can your organization document and implement to help mitigate the risks, threats, and

liabilities typically found in an IT infrastructure?

10.Why is it important to identify where privacy data resides throughout your IT infrastructure?

Note:

Text Book Reference: Grama, Joanna Lyn. Legal Issues in Information Security, 2nd ed. Burlington, MA: Jones & Bartlett

Learning, 2015

Sample Solution

This question has been answered.

Get Answer