managing data security and forming the csirt

Two pages, double spaced, no cover page needed.

First Part of Assignment

Please respond to one of the following:

  • Imagine you are part of a security policy development team. Compose four policies that could prevent threats to the information assets of an organization. Select one policy you believe would be the best policy for strengthening data security and explain why.
  • Explain how you would factor risk management practices into the development of the a specific security policy of your choice.. Develop specific measures, processes, and activities in your answer.
  • Distinguish the three most important factors that will protect and enhance the confidentiality and integrity aspects of data assets. Provide a rationale for your chosen factors.
  • Imagine you are a member of an organization’s forensics support team. Suppose that the data security countermeasures of your organization have been breached. Outline possible activities that you would perform to complete the digital forensic process

Second Part of assignment

  • Determine what you believe are the top two considerations that should be addressed when forming the CSIRT in terms of skills, abilities, procedures, training, deployment, etc.
  • Explain what you believe to be the most critical flaw or failure when it comes to CSIRT organization and preparation. Suggest ways management can avoid this pitfall altogether.…

-From the link above explain in your own words the purpose of the Software Engineering Institute’s (SEI) exercises regarding team communication, and determine whether or not you believe this type of testing and analysis is a beneficial use of resources.

– Justify your answer. Based on the testing and analysis described in the link aboved, indicate the two most important things that you believe are needed in order for cross-team communication to be successful when dealing with potential widespread incidents