Risk Assessment and Security Controls Assignment

Risk Assessment and Security Controls - Assignment Example 4. Incident response management – management oversight, plans, defined roles to quickly discover an attack and effectively containing the damage and remove the attackers' presence, and restore the integrity of the network and system (www.sans.org, nd.) Boundary defence – detect/prevent/correct flow of data transfer in the network by establishing different trust levels. Application software security – all acquired software must be managed to prevent, detect and correct security weakness (sans.org c, nd). Malware defence – control the spread of malicious code at multiple points. This would include the rapid update of malware defence, data gathering and corrective action (sans.org b, nd). Data protection – must have tools that will prevent data exfiltration to preserve the integrity of critical data. Data recovery capability – the system must properly back up critical data and must have the capability to recover it in the event of the attack and /or loss. 10. Continuous vulnerability assessment and remediation - - continuous evaluation of new information to identify vulnerabilities that would minimize if not totally eliminate opportunities for attackers.     Ã‚