Case Studies with Questions and Answers
Chapter 02: Vulnerability and Threat Identification
You are a security specialist who is called into the office of your boss who is the Chief Security Officer (CSO) for the company. The CSO says that as part of developing a corporate security assets protection program a risk management program is to be developed.
The CSO goes on to say that the program must begin with an established baseline, and that the best way to do that is to begin with a checklist to be used in conducting a security survey that indicates the current status of assets protection within the company. You are asked to develop that checklist.