Description of this paper

Are the eight FISMA requirements a good model for business information security programs?




1. Why do you think SRA has chosen to focus its efforts on federal government departments and agencies within the national security market? Explain why this has been a good strategy for SRA.
2. What is open source intelligence? What is the relationship between open source intelligence, national security, and text and data mining software? Why should businesses be concerned about open source intelligence?
3. What are critical infrastructures? List the U.S. critical infrastructure sectors and provide examples of each.
4. Why is improved interoperability between federal agency systems necessary for national security purposes?
5. FISMA replaced the Government Information Security Reform Act (GISRA). Provide an overview of GISRA. Do you think that there are significant differences between FISMA and GISRA?
6. Are the eight FISMA requirements a good model for business information security programs? Explain your answer.
7. In spite of FISMA's mandate to strengthen information security within the federal government, many federal agencies receive low grades on the Federal Computer Security Report Card because of the weaknesses in their information systems and information security programs. Explain why this has happened.
8. What are the differences, in terms of legal regulations and guidance for compliance, between the federal government and industry in managing the security of information and information systems?
9. Compare the classes and families of the minimum security control requirements, shown in Table 5-5, to the classes and control objectives of ASSERT's assessment questions, shown in Table 5-6. How do you explain the discrepancies?
10. Explain how ASSERT's questions could be used by a business to better control its IT systems and to mitigate its security risks.


Paper #19568 | Written on 18-Jul-2015
