2 Fundamentals of Security: Gap Analysis

Question 1

Process of evaluating the differences between an organization’s current performance and its desired performance

Answer 1

Gap Analysis

Question 2

Conducting a gap analysis can be a valuable tool for organizations looking to improve
their operations, processes, performance, or overall security posture True or False

Answer 2

True

Question 3

Steps in Gap Analysis

Answer 3

Define Scope of analysis
Gather Data on the current state of the organiztion
Analyze the data to identify any areas where the organizations current performacne falls short of its desired performance
develop a plan to bridge the gap

Question 4

Two types of gap analysis are?

Answer 4

Technical
Business

Question 5

Involves evaluating an organization’s current technical infrastructure
identifying any areas where it falls short of the technical capabilities
required to fully utilize their security solutions

Answer 5

Technical

Question 6

Involves evaluating an organization’s current business processes
● Identifying any areas where they fall short of the capabilities required to
fully utilize cloud-based solutions

Answer 6

business gap analysis

Question 7

● Outlines the specific measures to address each vulnerability
● Allocate resources
● Set up timelines for each remediation task that is needed

Answer 7

POA&M Plan of Action and Milestones