Lecture presentation
1b: Data Classification Process and Models
Question 1
What are the 3 types of risk mitigating controls? Which is the most important? Why is it the most important?
Question 2
How you would apply the FIPS security categorizations to decide if each of the information security risk mitigations (“safeguards”) described in the FGDC guidelines is needed?
Question 3
Which two information security objectives could be put at risk if the alternative mitigations (i.e. “safeguards”) recommended by the FGDC guidelines are applied? Explain how each of the two objective is put at risk by the safeguards.