What value should an automated asset inventory system have for the risk

identification process?
We moved from a process of manual inventory Of assets to automatic Asset
inventory because the manual form of asset inventory requires a lot of human
source and so much of time. Automatic asset inventory is one of the most
important process in cyber security analysis and management it is majorly
required for increasing the security and identifying the risks. as we see the
organisations around us processes heterogeneous data on a very large scale
and that data is dynamically changing so it is very tough to manage that data
manually hence automatic asset inventory is the innovation which simplifies
the task of management off asset. In case of automatic asset inventory the
asset inventory should be continuously with a constant Time interval should
undergo modification of objects and that modification of objects results in the
change in topology which in turns leads to Change in network station which
can also be described as cyber security station. Hence to track down this we
need a technique which is automatic inventory assets and connexion between
them in different organisations. The current technique on which this
automatic inventory system is working upon is called as correlation method it
is basically linking the system processes to each other. The other best to use
off automatic asset inventory is that It assigns a specific event characteristic to
an asset type. The security risk depends upon the importance of the side this it
is really very important to make out how important the asset is and what kind
of security would be appropriate for it. That means providing high security for
a less important data would not be an ideal situation. the events that are
assign to the assets help us to outline system objects and to apologies with this
weekend further restore the possible attack paths and security assessments
hence in this way an automated asset inventory system is very useful and
please an essential role in identifying the risk to the asset because it is
interconnected with all the components of a system.

2} How many threat categories are listed in this chapter? Which is noted as
being the most frequently occurred and why?

Threats are the activities done by individual with an unethical intention to

cause harm to the organization’s reputation by stealing it’s data
Threats can be of many types but mainly we categorise the threads into three
major categories they are described as
 intentional threats
 Unintentional threats
 Natural threats
Natural threat:- Fire, floods, power failures and other disasters cannot be
always prevented but we can minimise the risk by making policies that guard
against hazard causing dangers to computers we can also plan for tracking a
critical data off side by regularly maintaining backup of the data that can be
used in when an emergency occurs
Unintentional threats:- Ignorance are laziness create danger to the system the
System Administrator needs to know the importance of the data he is
handling any kind of In appropriate act while handling the sensitive data of an
organisation could leads to the loss of data unintentional threats are the
outcome of unawareness
Intentional threats :-these are caused by of will full desire of attacking the
systems and stealing the information stored which means confidential for the
company unintentional threat is mainly caused by a very talented person most
popularly termed as hacker hackers can be categorised into three categories
basically they are white hat hackers, grey hat hackers and black heart hackers.
keeping this threats aside we have other categories of threads also like virus,
malware, Key blogger ,password cracking, phishing etc.
in the above listed threats the most frequently happened is the unintentional
threat which is also known as human caused threats because human is more
venerable Dan a machine the humans which aren’t the sorts of threads
actually employees of a company who have lack of knowledge about the
secure handling of information they do very common mistakes which open
doors for disaster to overcome the happening of human cost rates an
organisation needs to take initiative to educate the employees and let them
know the importance of the data that they are handling .they are supposed to
be educated about the procedure that they going to follow while handling the
sensitive information of an organisation because we believe that the data lying
in an organisation is actually an asset for an organisation.