
9. Compare the classes and families of the minimum security control
requirements, shown in Table 5-5, to the classes and control objec-
tives of ASSERT’s assessment questions, shown in Table 5-6. How
do you explain the discrepancies?
10. Explain how ASSERT’s questions could be used by a business to
better control its IT systems and to mitigate its security risks.
KEY TERMS
Asynchronous Transfer Mode (ATM): High-speed switching tech-
nology capable of transmitting data, video, and voice over the
same network.
Availability: Ensuring that information is accessible to authorized parties.
Confidentiality: Preventing the unauthorized disclosure of information. ...