INFORMATION AND SECURITY SYSTEMS, technology assignment help

Anonymous
timer Asked: Oct 10th, 2016
account_balance_wallet $20

Question Description

Hello friend,

this is it  will be different topic or subject .let me know if you have question regarding this work !!

- All work should be your own – you’re free to use the text, your notes, or other research sources other than your classmates or other people. All sources must be cited. That means you should have a citation in every answer ... But if the source is the textbook, class discussion, or your own work experience, feel free to cite them that way, e.g. “(textbook)”, “(class discussion)”, or “(work experience)”. No need to go find a specific article or page number from the text.

- Grammar, punctuation, and spelling count for 20% of the total point value.! Answers should be in prose/paragraph form, not outlines. Exceptions: if a bullet list or table is a clear and convincing way to present part of an answer, that will be acceptable.

- Pick five (5) of the following question boxes to address. Include the original question with your answer, so it’s clear which one you’re answering☺. Each question identifies a range of lengths for the answer. Be sure that your answer addresses the specific context of the question.

  1. You are a manager of an e-commerce site in the financial services industry. Users have to log into their account on your site to access your services. The holiday season is approaching and you are looking for ways to ensure the availability of your site. A vendor proposes a solution whereby they monitor your site as follows:

    a- You provide them with credentials (user name and password).

    b- Every ten minutes they run an automated script to log into your site with these credentials to make sure that the site is up and running and services are available.

    Assuming the solution is within your budget, how might you respond and why?

    • Sign up and grant them the credentials with unlimited access so everything is monitored

    • Sign up but limit the access of the credentials to only login to a designated page

    • Don’t sign up due to security concerns

    • Don’t sign up due to too much traffic congestion from the monitoring.

      You might choose to pick a couple of these potential approaches and lay out pros and cons for them (bullet points or table structures are OK; aim for the rough equivalent of a couple of paragraphs of content and thought).

  2. You are responsible for managing elections in the United States. What concerns do you have about the perception of the election process, in terms of its information security? Describe the risks to each part of the CIA triangle

  3. The Internet of Things (IoT) is a big topic of discussion among InfoSec professionals, with new risks created by connecting previously “dumb” devices to the Internet, not only for home use, but also for online security cameras, industrial sensors and controls, and other such things. Pick two examples of newly Internet-connected devices, and describe the potential risks that are created because of the Internet connection. Your answer can be in terms of personal risks (for consumer products) or business risks (because of workplace connections or other reasons). Feel free to use additional research resources. (2-3 paragraphs)

  4. In addition to information security, there are several different types of security systems in any substantial organization, including things like physical security, personnel security, etc. Name at least two additional areas of security focus, and describe why they are important and how they might relate to information security in a banking organization. (2-3 paragraphs)

    5. Consider a company like Facebook, which serves millions (billions?) of customers, and claims to require that each account be associated with exactly one person, and that the person must correctly identify themselves. Describe at least two approaches that might be used to uniquely and positively identify individuals before they sign up for an account (so that I can’t claim to be someone else, for example), and the data access required to make that happen. These could be online or human-assisted validation approaches. Comment briefly on the tradeoffs between your two approaches. (2-3 paragraphs)

    6. Cloud computing, while not new, is gaining in visibility and popularity, both among consumers and businesses. How does using a cloud computing service affect an organization’s risk management? Name at least three aspects of cloud operations that make things easier for the InfoSec team, and three aspects that make things harder for the InfoSec team to be confident about their security management. Explain why.

    7.Consider the legal and regulatory impacts on information security. There were stories that indicated that the US National Security Agency had requested encryption keys from U.S. companies are, so that they could at any time decrypt communications or other data held by those companies, and that Yahoo! had routinely scanned millions of e-mails on behalf of US intelligence agencies. Assuming those stories are true, what two or three approaches might individuals take to protect their data from this type of access? Comment on the tradeoffs between the approaches you identify. Based on Apple and Google’s claims that they have made themselves unable to respond to law enforcement requests, how does this affect your position? (2-3 paragraphs)

    8. Bring your own device, or BYOD, is a hot topic in the security industry. What are at least three areas of the information security practice that are affected by people bringing their own electronic devices into the workplace, and using them for work purposes? Identify the three areas, and comment briefly on how each is affected by BYOD. (2-3 paragraphs)

    9.The text describes a system development life cycle, where security is factored into a number of stages of that life cycle. Why would it be important for a small retailer to use at least a simple form of a standard life cycle model, as opposed to approaching decisions and development in a less-structured fashion? Why does a life cycle model become more important as organizations grow in size and complexity? (1-2 paragraphs)

    10 . Think about home security – how we protect the physical and other assets in our homes. What are at least four layers of “defense in depth” in physical home security, and how do these compare and relate to their counterpart principles in information security? (2-3 paragraphs)

    11. Consider the recent flurry of data leaks and breaches from large, formerly reputable companies (most recently, Yahoo!), which indicate that perhaps organizations continue to be more vulnerable than previously known. What (perhaps additional) risk control strategies might organizations utilize to mitigate the risk and damage of these events? How could disclosure, both of the breach itself, as well as details of how the breach happened, help to improve security for the Internet as a whole? (2-3 paragraphs) 


Tutor Answer

nyajust
School: Duke University

Hello friend these refers to questions that have been done on studypool. This is because you are not the first one to have these questions done ...

flag Report DMCA
Review

Anonymous
Top quality work from this guy! I'll be back!

Similar Questions
Related Tags

Brown University





1271 Tutors

California Institute of Technology




2131 Tutors

Carnegie Mellon University




982 Tutors

Columbia University





1256 Tutors

Dartmouth University





2113 Tutors

Emory University





2279 Tutors

Harvard University





599 Tutors

Massachusetts Institute of Technology



2319 Tutors

New York University





1645 Tutors

Notre Dam University





1911 Tutors

Oklahoma University





2122 Tutors

Pennsylvania State University





932 Tutors

Princeton University





1211 Tutors

Stanford University





983 Tutors

University of California





1282 Tutors

Oxford University





123 Tutors

Yale University





2325 Tutors