Part 1: Review Questions
- What is a security model?
- What are the essential processes of access control?
- Identify at least two different approaches used to categorize access control methodologies. List the types of controls found in each.
- What is COBIT? Who is its sponsor? What does it accomplish?
- What is the standard of due care? How does it relate to due diligence?
- What is baselining? How does it differ from benchmarking?
Part 2: Module Practice
Make a list of at least ten information security metrics that could be collected for a small internet commerce company with 10 employees. For this scenario, the company uses an outside vendor for packaging and distribution. Whom should the metrics be reported?
The Module Review activity is a graded assignment. Use th