computer information system

Sep 23rd, 2013
HelloWorld
Category:
Other
Price: $30 USD

Question description


Hello, 

I need the answers to the following questions. You can also download the book as a PDF file from the link http://www.4shared.com/office/6jZypRM5/Principles_of_Information_Secu.html?

I need the first 3 chapters done within 12 hours from now, and I can wait longer for the rest of them.

Chapter 1:

Case Exercise:

The next day at SLS found everyone in technical support busy restoring computer systems to their former state and installing new virus and worm control software. Amy found herself learning how to install desktop computer operating systems and applications as SLS made a heroic effort to recover from the attack of the previous day. Questions:

  1. Do you think this event was caused by an insider or outsider? Why do you think this?

  2. Other than installing virus and worm control software, what can SLS do to prepare for the next incident?

  3. Do you think this attack was the result of a virus, or a worm? Why do you think this?


Chapter 2:

1. Using the Internet, browse to http://www.us-cert.gov/ and find the most recent CERT advisory. What threat group and threat category does this advisory warn against?

2. Using the Internet, find and read the SANS/FBI Top 20 Vulnerabilities. Choose one of the 20 vulnerabilities listed and identify the threat group and threat category it warns about.

3. What is the difference between a threat and an attack? How do exploits relate to vulnerabilities?

4. Is there an ethically acceptable reason to study and use the various attack methods described in this chapter?

Case Exercises: Soon after the board of directors meeting, Charlie was promoted to CISO, a new position that reports to the CIO Gladys Williams, and that was created to provide leadership for SLS's efforts to improve its security profile. Questions:

  1. How do Fred, Gladys, and Charlie perceive the scope and scale of the new information security effort?

  2. Which of the threats discussed in this chapter should receive Charlie's attention early in his planning process?

  3. How will Fred measure success when he evaluates Gladys' performance for this project? How about Charlie's performance?

Chapter 3:

1. List both a UNIQUE advantage and disadvantage to the U.S. Laws of Interest to Information Security Professionals. Make sure to include a summary of the Law. You may use the same law, but the advantage and disadvantage need to be unique.

2. List a UNIQUE way to protect yourself from Identity Theft and comment on two other postings under this forum.

3. What IT organization would be most advantageous to join? What SIG would you be most interested in joining with the ACM? Note: See External Links, Organizations....

4. Give one unique example of an RFID applied usage. Be sure not to repeat another student's posting.

Chapter 4:

1. Explain how to know yourself and/or to know your enemy.

2. You may find using concrete examples of weighted factor analysis from an unrelated topic useful if this concept is not familiar to students. For example, what factors are considered when buying a new car? How much weight is each factor given?

3. Give an example of an operational, technical, and political feasibility analysis.

4. Give examples of each of the five risk control strategies: defend, transference, mitigation, acceptance, & termination.

Chapter 5:

1. Security policies are the least expensive control to execute, but the most difficult to implement properly. List the reasons shaping policy is difficult:

Also list the three types of management of security policies, according to The National Institute of Standards and Technology’s Special Publication 800-14.

2. Design of Security Architecture

List one of the sections that outline key security architectural components. To assess whether a framework and/or blueprint are on target to meet an organization’s needs you must have a working knowledge of these security architecture components.

3. What does SETA programs mean? Comment on one other student's posting under this thread.

4. Managers in the IT and information security communities are called on to provide strategic planning to assure the continuous availability of information systems. What are these continuity strategies?



