Define, explain, and provide examples of the difference between a Quantitative and Qualitative Analysis, identify two security metrics for each analytic approach, and select one of the risk assessment methods (e.g., FAA Security Risk Management Process, OCTAVE, FRAP, CRAMM, and NSA IAM) that would effectively employ an approach useful in your current work setting — why would your selected approach be more effective?
(250 words)
Search these questions on the web under “Telecommunication & Network Security”. Then provide the reference to the resource as well as cite in your answers with (author, year, and page or paragraph number(s).
1. List at least five security threats specific to VoIP. Give a brief description and possible scenario.
2. List at least 10 Vulnerabilities in VoIP. Briefly describe each of the listed vulnerability, along with a possible recommendation for a countermeasure.
3. Explain the end-to-end process of how VoIP works.
4. Go back to problem 3 and list possible vulnerabilities in each step of the process.
5. In problem 4 list what would be most risky vulnerability, with the most possible damage
6. In problem 5 – list how you would create a plan to mitigate possible damages and have services running smoothly and securely.
