Hello Friends in this article i am gone to share Coursera Course: Cybersecurity Policy for Water and Electricity Infrastructures Week 2 | L14 Challenge Questions Answers with you..
Homeland security is about safeguarding the United States from domestic catastrophic destruction. Domestic catastrophic destruction comes in two forms: natural and manmade. For most of history, the manmade variety came in the form of warfare and required the combined resources of a nation state.
L14 Challenge Questions Answers
Question 1)
You are the system security officer for a drinking water utility servicing a large city of about 3.8 million residents in California. In 2014, your department allocated funding to start implementing the NIST Cybersecurity Framework. By 2017, your office succeeded in completing two cycles of the Framework Process, and now assess your Current Profile at Tier 3, “Repeatable”. At the annual business review meeting, management asks if you are going to try and attain a Tier 4 “Adaptive” Target Profile. Because your system is riddled with single points of failure that could shut down water to the city for a week a more, you recommend proceeding with Tier 4 implementation even though it will require a 20% increase to your department budget. How should management respond to your recommendation?
- Management should agree with you because you are the designated expert in this area.
- Management should agree with you because the risk is too great not to proceed.
- Management should make their own decision based on their own judgment.
- Management should make their own decision based on cost.
Question 2)
You are the system security officer for a drinking water utility servicing a large city of about 2.7 million residents in Illinois. In 2014, your department allocated funding to start implementing the NIST Cybersecurity Framework. By 2017, your office succeeded in completing two cycles of the Framework Process, and now assess your Current Profile at Tier 3, “Repeatable”. At the annual business review meeting, management asks if you are going to try and attain a Tier 4 “Adaptive” Target Profile. Because your system is redundant and likely to survive even a sophisticated cyber attack, you recommend remaining at Tier 3 because the additional cost will result in virtually no additional protection. How should management respond to your recommendation?
- Management should agree with you because you are the designated expert in this area.
- Management should agree with you because the risk is too great not to proceed.
- Management should make their own decision based on their own judgment.
- Management should make their own decision based on cost.
Correct
Answer C is best because it takes into account many other factors that may not be known to the SSO, not just cost, and influence management’s own perception of risk.