1. What are various categories of Risk Assessment? Explain each.

2. What are the three categories of control types of risk assessment that can be administered?

3. What are Security Models relating to business issues in an organisation?

4. List and explain the three goals of an Attack?

5. What is the difference between quantitative and qualitative risk assessment?

6. Differentiate authentication and identification in access control and identity management?

7. What are key elements of Physical Security in the ICT environment?

8. Explain the policies that govern the workplace in accessing the ICT system?

9. Explain in brief the process used to educate users in workplace about security issues?