SSK5501 Information Security Management Workshops 1. Consider a small e-business enterprise with its Web site hosted at a secure ISP company Customers buy online on the company Web site. Assume that the enterprise has a computing environment consisting of two LANs: a private LAN for the administration of the computing environment and a public LAN for employees. How can you best devise a security program based on the concepts you learned in this chapter? 2. Consider your home computing environment. Assume that your home has a wireless router connected to a local Internet service provider. Assume that your family has three computers and a printer connected to the router. Using the concepts you learned in this chapter, devise a security program that maximizes your home security. Show sufficient details when presenting your security program steps. 3. Assume that managerial levels are concerned with information security management in different ways. Assume that managers play roles in managing the security of various computing environments' components: people, activities, data, technology, and network, as explained in Chapter 1. Draw a 3 x 5 matrix showing the managerial levels as columns and the computing environment components as rows. In each cell of the matrix, identify the three main security management roles that the corresponding management level manager plays in managing the computing environment's component in this cell Now that you defined the roles in security management that various managerial levels should play, use Chapter 1 and literature from the Internet to define the appropriate security training program for each of the managerial levels. Use the management concepts you learned in this chapter to distinguish between managerial duties at different managerial levels. 4. In a small business, most managerial roles and functions overlap. Discuss how this overlap affects information security management. Devise a solution that circumvents any negative effects and defines strategic, functional, and operational plans that are favourable to effective security management in the small business. You may either redefine managerial roles and functions in the small business, or define new information security positions SSK5501 Information Security Management Workshops 1. Consider a small e-business enterprise with its Web site hosted at a secure ISP company Customers buy online on the company Web site. Assume that the enterprise has a computing environment consisting of two LANs: a private LAN for the administration of the computing environment and a public LAN for employees. How can you best devise a security program based on the concepts you learned in this chapter? 2. Consider your home computing environment. Assume that your home has a wireless router connected to a local Internet service provider. Assume that your family has three computers and a printer connected to the router. Using the concepts you learned in this chapter, devise a security program that maximizes your home security. Show sufficient details when presenting your security program steps. 3. Assume that managerial levels are concerned with information security management in different ways. Assume that managers play roles in managing the security of various computing environments' components: people, activities, data, technology, and network, as explained in Chapter 1. Draw a 3 x 5 matrix showing the managerial levels as columns and the computing environment components as rows. In each cell of the matrix, identify the three main security management roles that the corresponding management level manager plays in managing the computing environment's component in this cell Now that you defined the roles in security management that various managerial levels should play, use Chapter 1 and literature from the Internet to define the appropriate security training program for each of the managerial levels. Use the management concepts you learned in this chapter to distinguish between managerial duties at different managerial levels. 4. In a small business, most managerial roles and functions overlap. Discuss how this overlap affects information security management. Devise a solution that circumvents any negative effects and defines strategic, functional, and operational plans that are favourable to effective security management in the small business. You may either redefine managerial roles and functions in the small business, or define new information security positions