8)Define and explain the following four cybersecurity risk treatment options. Provide a practical example for each:

•Risk Acceptance

•Risk Avoidance

•Risk Transfer

•Risk Reduction   (20 marks)

7) Draft a brief strategic cybersecurity plan outline for a medium-sized company. Include key elements such as governance, risk approach, alignment with business goals, key policy areas, training, and review.(15 marks)

6) Define what a cybersecurity risk register is. Describe its purpose, key components, and how it supports governance and decision-making.(15 marks)

5) Describe the cybersecurity risk management process. Your answer should cover risk identification, analysis, evaluation, treatment, and monitoring.(10 marks)

4) Discuss the role of cybersecurity standards and best practices in improving organizational security. Refer to at least three recognized frameworks or documents in your response.(10 marks)

3) Define and explain the following cybersecurity objectives with an example for each: a. Availability b. Integrity c. Authenticity d. Non-repudiation e. Confidentiality (10 marks)

2) Compare ISO 27001 and ISO 27002. In your answer, describe how they relate to the implementation of an Information Security Management System (ISMS).(10 marks)

1) Explain the five core functions of the NIST Cybersecurity Framework.(10 marks)

• Where can you find the Big Five animals in South Africa? 

• What is the name of the dividing line between the Indian and Atlantic Oceans?