Question

1. Explain why Critical Infrastructures Systems are so hard to protect and provide a recommendation of how to fix issues these issues for these types of systems.
2. Explain the three tiers of Risk Management and how they work together to provide a Risk Management Strategy for an Organization.
3. Please explain the IRP Process. We discussed 5 steps concerning this.
4. We talked about different Security Laws. In your opinion explain why it is so hard to pass an updated IT Security Law  
5. Explain the Risk Management Process (4 tasks) and explain the 4 ways to respond to risk and provide an example of each.
6. Explain the reason for having a Configuration Management Plan
7. Explain why Critical Infrastructures Systems are so hard to protect and provide a recommendation of how to fix issues these issues for these types of systems.
8. Explain the three tiers of Risk Management and how they work together to provide a Risk Management Strategy for an Organization.
9. Please explain the IRP Process. We discussed 5 steps concerning this.
10. We talked about different Security Laws. In your opinion explain why it is so hard to pass an updated IT Security Law  
11. Explain the Risk Management Process (4 tasks) and explain the 4 ways to respond to risk and provide an example of each.
12. Explain the reason for having a Configuration Management Plan

Answer 1

Explain why Critical Infrastructures Systems are so hard to protect and provide a recommendation of how to fix issues these issues for these types of systems.

The critical infrastructure system are mainly privately owned and primarily depends of the knowledge and action of the private sector, becuase they do not employ service provider to protect the CIS becuase the data is confidential and needs to be protected at all cost and the service provider are not trustable enough in this scenario and theses CIS does not have enough fund for vulneravility reduction. The best recommendation to fix the issues is that they should have people that have skills in this field and should run a regular testing to check for vulneabilities. The main recommendation are patch the vulnerabiities, reduce the surface of attack, build a defensive environment to protect the CIS, properly monitor and act upon the system and implement proper contorl over the rights.