Basic information security principles

Your firm “Technology Commandos Inc. (TCI)” is a new progressive training and
consulting firm that has been hired by the US Department of Defense to conduct a new
federal in-service training requirement for DoD technology personnel, as part of a
federal information security team mandate.

• Describe the CNSS security model.
• Describe the difference between a threat, a vulnerability and an exploit.
• List five different types of hackers and how they will attempt to infiltrate the company.
• List five different types of malware and their countermeasures.
• Explain five of the 10 Commandments of computer ethics and explain why each is important
to understand in terms of harm to individuals or organizations.
• Describe the differences between risk identification, risk assessment and risk control.
• Describe five categories of risk management components and explain why they are
important in terms of risk management identification.
• Describe residual risk and give an example.
• Explain risk control and elaborate on how a team can determine which risk control options
are cost effective for the organization.
• Name three risk controls and explain why they might be important to understand.
• Highlight the need for database security.
• Describe a relational database.
• Describe different database cyber-attacks and their countermeasures.
• Describe database access control methods.
• Describe cloud security as a service.
• Describe cloud computing and some of the associated risks, including countermeasures to
help reduce the risk.