What are the key elements of a multilayer process for managing security

 What are the key elements of a multilayer process for managing security vulnerabilities based on the concept of reasonable assurance?

What actions must be taken in response to a security incident?

What is computer forensics, and what role does it play in responding to a computer incident?