Description
Midterm.docx A word docx version is posted under assignments. Since you did all the work and read only your can answer the questions. I will provide you everything you will need to complete the assignment.
User generated content is uploaded by users for the purposes of learning and should be used following Studypool's honor code & terms of service.
Explanation & Answer
Review
Review
Anonymous
Excellent! Definitely coming back for more study materials.
Studypool
4.7
Trustpilot
4.5
Sitejabber
4.4
24/7 Homework Help
Stuck on a homework question? Our verified tutors can answer all questions, from basic math to advanced rocket science!
Most Popular Content
ISSC 342 Security Design Principles Discussion
Need to respond to the below two students' initial posts, and each of these responses should be at least 150 words. The qu ...
ISSC 342 Security Design Principles Discussion
Need to respond to the below two students' initial posts, and each of these responses should be at least 150 words. The question the students are answering are in bold below.1) Discuss security design principles utilizing different authentication methods and (password) policies.For example, think about the basic security design principles and how organizations utilize password policies and authentication methods.Student one: When discussing and assigning security design principles, certain topics are a must. One of the more critical ones is the use of authentication. Authentication can come in many methods, including the use of biometrics (ex: fingerprint, palmprint, face recognition, voice recognition, etc.), token (ex: smart card, USB token, etc.) and/or the basic username and password combo (Solomon, 2014). Although the basic username and password combo use is a good start, mandating things like multi factor authentication may also be necessary.When it comes to passwords, a policy matching the organizations needs should always be in place and implemented as well. Password policies can include a multitude of options. Some examples include the mandatory use of certain characters like a capital letter, lowercase letter, number, special character, no dictionary words, no repetitive passwords, etc. Apart from restricting the password itself, the password policy can also mandate alternate items like how many password attempts are allowed before being locked out, timed out lock out after failed attempts, password expiration every set amount of days (30, 60, 90, etc.). Which ever policy is selected, it must fit the needs appropriately. For example, if an organization has physical controls in place, the employees are using workstations that don’t leave the premises and the information being processed on the computers are not sensitive, then there would be no need to have a policy in place that would require face recognition, smart chip and a 15 digit password with at least the use one of every character option. Since the stricter authentications are more time consuming and costly, the more complex authentications should be reserved for the more critical data.Solomon, Michael G. (2014). Security Strategies in Windows Platforms and Applications, 2nd ed. Jones & Bartlett Learning: Information Systems Security & Assurance Curriculum. The VitalSource e-book is provided via the APUS Bookstore.-ZapienStudent two:Hello Everyone,Information Security refers to the processes and methodologies which are designed and implemented to protect print, electronic, or any other form of confidential, private and sensitive information or data from unauthorized access, use, misuse, disclosure, destruction, modification, or disruption (Payne) 2006.The authentication process ensures that users are who they claim to be. There are many methods to authenticate users. The most common method in use is the password. Although anyone can claim to be a particular user, no one else but the real user should know the user’s password. The ability to provide both the username and password provides the authentication that the user is valid and authentic (Solomon, 2014). Multifactor authentication combines two or more independent credentials: what the user knows (password), what the user has (security token) and what the user is (biometric verification). The goal of MFA is to create a layered defense and make it more difficult for an unauthorized person to access a target such as a physical location, computing device, network or database (Rouse, 2008). Some great examples of Multifactor authentication are:Password – A user created string of characters.Smart cards - Cards that have embedded computing capabilities that typically include authentication credentials such as public key certificates i.e. (C.A.C Card) or common access card commonly used in every branch of the military.Biometrics – Fingerprint identification, Retina Scan, Iris Scan, Voice analysis, and Facial recognition just to name a few. Most of these biometric methods are still slowly but surely gaining there acceptance by the general public, but have been around for quite a while.In 2012 the United States government tried to pass an immigration reform bill that would require the use of biometrics. The United States proposed that “every employed person – whether a citizen or non-citizen, native born or immigrant should have to get a government issued ID card” (Weinberg).Work cited:Solomon, M. G. Security Strategies in Windows Platforms and Applications. [VitalSource Bookshelf]. Retrieved from https://online.vitalsource.com/#/books/9781284047448/Payne, S. (n.d.). Information Security Resources. Retrieved from https://www.sans.org/information-security/Rouse, M. (n.d.). What is biometric verification? - Definition from WhatIs.com. Retrieved from https://searchsecurity.techtarget.com/definition/b...-Cook
MIS 320 GMU Networking Proposal Banking Risks and Attacks by Cyber Criminals Essay
Networking proposal bankingThe project proposal should include the following milestones:Introduction.Problem statement and ...
MIS 320 GMU Networking Proposal Banking Risks and Attacks by Cyber Criminals Essay
Networking proposal bankingThe project proposal should include the following milestones:Introduction.Problem statement and short explanation on the project.Initial network design and required devices.Initial budged estimate.Conclusion.References.Submission deadline is Nov. 1
8 pages
Questions
Chatbots are efficient, and a significant of individuals and organizations prefer them when it comes to providing an insta ...
Questions
Chatbots are efficient, and a significant of individuals and organizations prefer them when it comes to providing an instant reply. Besides, nowadays, ...
10 pages
Threat Intelligence Report
Ransomware is one of the common forms of cyber-attacks, especially in the context of institutions of higher learning. A su ...
Threat Intelligence Report
Ransomware is one of the common forms of cyber-attacks, especially in the context of institutions of higher learning. A successful ransomware attack ...
Capella University Network Diagram & Physical Local Area Network Paper
Create a physical local area network (LAN) and wireless LAN (WLAN) diagram for a typical retail location.
Capella University Network Diagram & Physical Local Area Network Paper
Create a physical local area network (LAN) and wireless LAN (WLAN) diagram for a typical retail location.
3 pages
Risk Register
remote access to the company information while the current Company electronic assets may be stolen which may lead to impor ...
Risk Register
remote access to the company information while the current Company electronic assets may be stolen which may lead to important data loss that may may ...
Similar Content
ALG 3000 IUPUFW Polynomials Algorithms Questions
need answer need code ...
Emerging Threats and Counter Measures Final Research Paper
Your final research paper assignment is to write a research paper that explains how defense-in-depth and awareness are com...
American Inst of Certified Public Accountants, computer science homework help
Hybrid Assessment - Search and report on associations:a. List at least five associations that would be useful for Accounti...
New England College Emerging Enterprise Network Application Discussion
Research emerging enterprise network applications and describe 3 that you think are most interesting and briefly explain w...
write a paper
Topic :Mobile application security issuesResearch shows that organizations invest over $34 million in mobile application...
IT 446 Saudi Electronic University ?significance of OLAP and Data Matrix Questions
What are the significance of OLAP (online analytical processing) in Data Mining?
Write about the following Terms ( in data...
Agile Delivery Project.
In the design and establishment of the e-Commerce website, the approach to be leverage on is the Agile Delivery Framework ...
Business Intelligence And Cloud Computing
This refers to the way we can be able to understand the past present and the future of our business (Popovič, 2019). This...
Incident Response
More open ports increase the ability of the honeypot to attract more hackers. The open ports are meant to increase the pot...
Related Tags
Book Guides
To Kill a Mockingbird
by Harper Lee
Twilight
by Stephenie Meyer
The Secret Garden
by Frances Hodgson Burnett
The Glass Palace
by Amitav Ghosh
Little Fires Everywhere
by Celeste Ng
Sharp Objects
by Gillian Flynn
The Aftermath
by Rhidian Brook
The Kite Runner
by Khaled Hosseini
Broke Millennial: Stop Scraping by and Get Your Financial Life Together
by Erin Lowry
Get 24/7
Homework help
Our tutors provide high quality explanations & answers.
Post question
Most Popular Content
ISSC 342 Security Design Principles Discussion
Need to respond to the below two students' initial posts, and each of these responses should be at least 150 words. The qu ...
ISSC 342 Security Design Principles Discussion
Need to respond to the below two students' initial posts, and each of these responses should be at least 150 words. The question the students are answering are in bold below.1) Discuss security design principles utilizing different authentication methods and (password) policies.For example, think about the basic security design principles and how organizations utilize password policies and authentication methods.Student one: When discussing and assigning security design principles, certain topics are a must. One of the more critical ones is the use of authentication. Authentication can come in many methods, including the use of biometrics (ex: fingerprint, palmprint, face recognition, voice recognition, etc.), token (ex: smart card, USB token, etc.) and/or the basic username and password combo (Solomon, 2014). Although the basic username and password combo use is a good start, mandating things like multi factor authentication may also be necessary.When it comes to passwords, a policy matching the organizations needs should always be in place and implemented as well. Password policies can include a multitude of options. Some examples include the mandatory use of certain characters like a capital letter, lowercase letter, number, special character, no dictionary words, no repetitive passwords, etc. Apart from restricting the password itself, the password policy can also mandate alternate items like how many password attempts are allowed before being locked out, timed out lock out after failed attempts, password expiration every set amount of days (30, 60, 90, etc.). Which ever policy is selected, it must fit the needs appropriately. For example, if an organization has physical controls in place, the employees are using workstations that don’t leave the premises and the information being processed on the computers are not sensitive, then there would be no need to have a policy in place that would require face recognition, smart chip and a 15 digit password with at least the use one of every character option. Since the stricter authentications are more time consuming and costly, the more complex authentications should be reserved for the more critical data.Solomon, Michael G. (2014). Security Strategies in Windows Platforms and Applications, 2nd ed. Jones & Bartlett Learning: Information Systems Security & Assurance Curriculum. The VitalSource e-book is provided via the APUS Bookstore.-ZapienStudent two:Hello Everyone,Information Security refers to the processes and methodologies which are designed and implemented to protect print, electronic, or any other form of confidential, private and sensitive information or data from unauthorized access, use, misuse, disclosure, destruction, modification, or disruption (Payne) 2006.The authentication process ensures that users are who they claim to be. There are many methods to authenticate users. The most common method in use is the password. Although anyone can claim to be a particular user, no one else but the real user should know the user’s password. The ability to provide both the username and password provides the authentication that the user is valid and authentic (Solomon, 2014). Multifactor authentication combines two or more independent credentials: what the user knows (password), what the user has (security token) and what the user is (biometric verification). The goal of MFA is to create a layered defense and make it more difficult for an unauthorized person to access a target such as a physical location, computing device, network or database (Rouse, 2008). Some great examples of Multifactor authentication are:Password – A user created string of characters.Smart cards - Cards that have embedded computing capabilities that typically include authentication credentials such as public key certificates i.e. (C.A.C Card) or common access card commonly used in every branch of the military.Biometrics – Fingerprint identification, Retina Scan, Iris Scan, Voice analysis, and Facial recognition just to name a few. Most of these biometric methods are still slowly but surely gaining there acceptance by the general public, but have been around for quite a while.In 2012 the United States government tried to pass an immigration reform bill that would require the use of biometrics. The United States proposed that “every employed person – whether a citizen or non-citizen, native born or immigrant should have to get a government issued ID card” (Weinberg).Work cited:Solomon, M. G. Security Strategies in Windows Platforms and Applications. [VitalSource Bookshelf]. Retrieved from https://online.vitalsource.com/#/books/9781284047448/Payne, S. (n.d.). Information Security Resources. Retrieved from https://www.sans.org/information-security/Rouse, M. (n.d.). What is biometric verification? - Definition from WhatIs.com. Retrieved from https://searchsecurity.techtarget.com/definition/b...-Cook
MIS 320 GMU Networking Proposal Banking Risks and Attacks by Cyber Criminals Essay
Networking proposal bankingThe project proposal should include the following milestones:Introduction.Problem statement and ...
MIS 320 GMU Networking Proposal Banking Risks and Attacks by Cyber Criminals Essay
Networking proposal bankingThe project proposal should include the following milestones:Introduction.Problem statement and short explanation on the project.Initial network design and required devices.Initial budged estimate.Conclusion.References.Submission deadline is Nov. 1
8 pages
Questions
Chatbots are efficient, and a significant of individuals and organizations prefer them when it comes to providing an insta ...
Questions
Chatbots are efficient, and a significant of individuals and organizations prefer them when it comes to providing an instant reply. Besides, nowadays, ...
10 pages
Threat Intelligence Report
Ransomware is one of the common forms of cyber-attacks, especially in the context of institutions of higher learning. A su ...
Threat Intelligence Report
Ransomware is one of the common forms of cyber-attacks, especially in the context of institutions of higher learning. A successful ransomware attack ...
Capella University Network Diagram & Physical Local Area Network Paper
Create a physical local area network (LAN) and wireless LAN (WLAN) diagram for a typical retail location.
Capella University Network Diagram & Physical Local Area Network Paper
Create a physical local area network (LAN) and wireless LAN (WLAN) diagram for a typical retail location.
3 pages
Risk Register
remote access to the company information while the current Company electronic assets may be stolen which may lead to impor ...
Risk Register
remote access to the company information while the current Company electronic assets may be stolen which may lead to important data loss that may may ...
Earn money selling
your Study Documents