Part 3

Question 0

TEN STEPS TO BUILDING A SECURE ORGANIZATION

Having identified some of the challenges to building a secure organization, let’s now look at 10 ways to successfully build a secure organization.
The following steps will put a business in a robust
____

Answer 0

security posture.

Question 1

Evaluate the ____

Answer 1

Risks and Threats

Question 2

Another approach is to begin by evaluating the ____.

Answer 2

threats posed to your organization and your data

Question 3

Threats Based on the Infrastructure Model

The first place to start is to ____ based on an organization’s infrastructure model.

Answer 3

identify risks

Question 4

What ____ is in place that is necessary to support the operational needs of the business?

Answer 4

infrastructure

Question 5

A small business that operates out of one office has ___ as opposed to an organization that operates out of numerous facilities, includes a mobile workforce utilizing a variety of handheld devices, and offers products or services through a Web-based interface.

Answer 5

reduced risks

Question 6

An organization that has a large number of telecommuters must take steps to protect its ____ that could potentially reside on personally owned computers outside company control.

Answer 6

proprietary information

Question 7

An organization that has widely dispersed and disparate systems will have more ____ than a centrally located one that utilizes uniform systems.

Answer 7

risk potential

Question 8

Threats Based on ____

Are there any specific threats for your particular business?

Answer 8

the Business Itself

Question 9

Threats Based on ____

Businesses belonging to particular industries are targeted more frequently and with more dedication than those in other industries.

Answer 9

Industry

Question 10

Financial institutions and online retail- ers are targeted because ____

Answer 10

“that’s where the money is.”

Question 11

Pharmaceutical manufacturers could be targeted to steal ____, but they also could be targeted by special interest groups, such as those that do not believe in testing drugs on live animals.

Answer 11

intellectual property

Question 12

Global Threats

Businesses are often so narrowly focused on their local sphere of influence that they forget that by having a network connected to the Internet, they are now ____

Answer 12

connected to the rest of the world.

Question 13

If a piece of malware identified on the other side of the globe targets the ____ used in your organization, you can be sure that you will eventually be impacted by this malware.

Answer 13

identical software

Question 14

Once threats and risks are identified, you can take one of four steps:

Ignore the risk. This is never an acceptable response. This is simply burying your head in the sand and hoping the problem will go away—the business equivalent of _____

Answer 14

not wearing a helmet when riding a motorcycle.

Question 15

_____ When the cost to remove the risk is greater than the risk itself, an organization will often decide to simply _____ This is a viable option as long as the organization has spent the time required to evaluate the risk.

Answer 15

Accept the risk.

Question 16

____ Organizations with limited staff or other resources could decide to ____. One method of ______ is to purchase specialized insurance targeted at a specific risk.

Answer 16

Transfer the risk.

Question 17

_____. Most organizations ______by applying the appropriate resources to minimize the risks posed to their network.

Answer 17

Mitigate the risk