1. Why is a threat assessment so important to an organization; both for its business and security benefit. 2. What should be reviewed first before conducting a vulnerability assessment? Why? 3. What b

1. Why is a threat assessment so important to an organization; both for its business and security benefit.

2. What should be reviewed first before conducting a vulnerability assessment? Why?

3. What benefits can we get by funding periodic penetration tests?

4. Explain what a security control is and how they are generally managed.

5. What happens to found risks/vulnerabilities that cannot be mitigated? Explain in detail.