Lab Assessment Questions & Answers
1. What is the purpose of identifying IT assets and inventory?
2. What is the purpose of an asset classification?
3. Why might an organizationâ€™s Web site classification be minor but its e-commerce server be considered critical for your scenario?
4. Why would you classify customer privacy data and intellectual property assets as critical?
5. What are some examples of security controls for recent compliance law requirements?
6. How can a data classification standard help with asset classification?
7. Given the importance of a Master SQL database that houses customer privacy data and intellectual property assets, what security controls and security countermeasures can you apply to help protect these assets?
8. From a legal and liability perspective, what recommendations do you have for ensuring the confidentiality of customer privacy data throughout the Mock IT infrastructure?
9. What can your organization document and implement to help mitigate the risks, threats, and liabilities typically found in an IT infrastructure?
10. True or false: Organizations under recent compliancy laws, such as HIPAA and the Gramm- Leach-Bliley Act (GLBA), are mandated to have documented IT security policies, standards, procedures, and guidelines.
11. Why is it important to identify where privacy data resides throughout your IT infrastructure?