In the following exercises, you apply what you’ve learned in this chapter. The answers for these exercises are located in the Answers section at the end of this chapter.

Exercise 1-1

Limiting the scope to a single laptop computer that you own, perform a risk assessment. Identify each asset but perform the assessment only on the computer hardware itself. Perform the ALE calculation for the threat of hard disk failure only. Assume the disk drive has a mean-time-between-failure rating of three years.

Exercise 1-2

Based on the results from the risk assessment performed in Exercise 1-1, list each policy document and a brief description of its contents that would help manage risks to the computer.

Get CISSP Training Kit now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.