Please answer Each question, and cite any sources used. 1. Review: http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-18r1.pdfHow does the the approach of information security imple

Please answer Each question, and cite any sources used. 

1. Review: http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-18r1.pdf

How does the the approach of information security implementation, security objective, and potential impact influence the effectiveness and cost management of the task?

2. Question A: 

Describe threats and vulnerabilities and how to address them using a business impact analysis. Scenario: You are pen-testing a financial corporation and have found threats and vulnerabilities and need to explain to the business owner what they are. You must also provide an explanation on how a BIA can help the business secure their confidentiality, Integrity and Availability. 

Question B:

Research a unique news story or article related to Information Technology. Write a short summary of what you learned, please also provide a link to the original article. Source is your choice; however please full cite you source.

3. Question A: 

Describe physical and logical access controls when and where would you implement them. Pick a type of physical and logical control i.e. Firewall or CCTV and explain how they work and what type of controls they provide.

Question B: 

Research a unique news story or article related to Access controls. Write a short summary of what you learned, please also provide a link to the original article. Source is your choice; however please full cite you source.

4. Question A: 

Describe the risk management process and explain each step in detail. 

Question B: 

Research a unique article on https://www.infosecurity-magazine.com/risk-management/. Write a short summary of what you learned, please also provide a link to the original article. Source is your choice; however please full cite you source.

5. Question A: 

Describe asymmetric, symmetric and public versus private keys. Also pick a type of encryption AES, DES some type and provide an explanation of how that encryption can be used to protect the CIA triad.

Question B: 

Research a unique article on encryption techniques. Write a short summary of what you learned, please also provide a link to the original article. Source is your choice; however please fully cite you source.

6. Question A: 

Describe the OSI model and break down each layer, explaining what functions they perform. 

Question B:

Pick an article on https://www.csoonline.com/article/2130877/data-breach/the-biggest-data-breaches-of-the-21st-century.html. Write a short summary of what you learned, please also provide a link to the original article. Source is your choice; however please full cite you source.

7. Question A: 

Pick two US compliance laws and provide a brief description. Then, provide your thoughts on if the laws need to be updated or changed in any way. Describe how these laws relate to the CIA triad. 

Question B: 

Research a unique article on compliance laws. Write a short summary of what you learned, and please also provide a link to the original article. The source is your choice; however, please fully cite your source.

8. What is the most practical and easily-applied lesson you learned after answering the previous questions? What was the hardest to grasp? Why?