Information system security

User Generated

Enl_12

Computer Science

Description

Hi I have work for week 4

- 10 questions

- 4 pages writing

- Discussions

I attached files

Unformatted Attachment Preview

Please find and answer 10 CISSP questions on domain 3 - Security Engineering. Please ensure to answer the correct answer but also state why the other answers are incorrect. You will find answer on chapter 7,8,9 in this book https://sybextestbanks.wiley.com/courses/102/data/ebook.pdf 1- Which one of the following technologies is considered flawed and should no longer be used? A. SHA-2 B. PGP C. WEP D. TLS 2- What encryption technique does WPA use to protect wireless communications? A. TKIP B. DES C. 3DES D. AES 3- What does IPsec define? A. All possible security classifications for a specific configuration B. A framework for setting up a secure communication channel C. The valid transition states in the Biba model D. TCSEC security categories 4-Which security models are built on a state machine model? A. Bell-LaPadula and Take-Grant B. Biba and Clark-Wilson C. Clark-Wilson and Bell-LaPadula D. Bell-LaPadula and Biba 5- For what type of information system security accreditation are the applications and systems at a specific, self-contained location evaluated? A. System accreditation B. Site accreditation C. Application accreditation D. Type accreditation 6- . What part of the TCB concept validates access to every resource prior to granting the requested access? A. TCB partition B. Trusted library C. Reference monitor D. Security kernel 7- Which security model addresses data confidentiality? A. Bell-LaPadula B. Biba C. Clark-Wilson D. Brewer and Nash 8- What technology provides an organization with the best control over BYOD equipment? A. Application whitelisting B. Mobile device management C. Encrypted removable storage D. Geotagging 9- What type of federal government computing system requires that all individuals accessing the system have a need to know all of the information processed by that system? A. Dedicated B. System high C. Compartmented D. Multilevel 10- What is a security risk of an embedded system that is not commonly found in a standard PC? A. Software flaws B. Access to the Internet C. Control of a mechanism in the physical world D. Power loss Discussion part There are 3 discussions post a new thought on two, reply on the other. 1- answer on this question by write 170-200 words - Discuss what your thoughts are on Kerckhoffs principle... It is on the slides but you can google it as well. 2- answer on this question by write 170-200 words - Since many security systems are automated, IT gets to design and manage them. Discuss one issue, concept or technology for facility security. 3- a response on this Discussion at least 70 words on - The security models are important concepts to know. Discuss the differences between the Bell / LaPadula & Biba. Include comments about the properties of the models - The student said about this: - Security Models Bell-LaPadula Model was made by the Department of Defense (DoD) to address concerns about protecting classified information. The Bell-LaPadula multilevel model was derived from the DoD’s multilevel security policies. The Bell-LaPadula model is to prevent any leakage or transfer any classified information. The Biba model was designed after the Bell-LaPadula model. The Biba model is to address the integrity, and as for Bell-LaPadula model is meant to address the confidentiality. The difference between the two is Biba primarily protect data integrity the basic properties it protects are the simple integrity property, and the star integrity property. Biba was to address three integrity issues which are prevent modification by unauthorized subjects, prevent unauthorized modification and protect internal and external object consistency. Security Breech Comparison • Security Breach Comparison paper is due – comparing breaches •Four pages •Are there common themes? •What common critical or potentially dangerous areas can you find? •What are common protection measures that you can do?
Purchase answer to see full attachment
User generated content is uploaded by users for the purposes of learning and should be used following Studypool's honor code & terms of service.

Explanation & Answer

Attached.

1

Running head: CISSP WORKSHEET

CISSP WORKSHEET
Institutional affiliation:
Date:

2

CISSP WORKSHEET
CISSP WORKSHEET
Question 1
C. WEP

The WEP algorithm has recognized errors which have to make it insignificant to fracture. It
ought to in no way be applied to defend or to guard networks which are in all means wireless.
QUESTION 2
A. TKIP

For Wi-Fi Protected Access (WPA) to be successful as well as strong it has to employ `Temporal
Key Integrity Protocol (TKIP) to safeguard or defend the wireless communications. AES
encryption is applied by WPA2.
Question 3
B. A framework for setting up a secure communication channel.
IPSec is a framework that ensures secure and private communication over an open network such
as the internet through the use of open standards. It uses cryptographic services in order to make
sure the data sent over the network is secure.
Question 4
D. Bell-LaPadula and Biba

The state model machine is known by building up The Bell-LaPadula and Biba.
Question 5

3

CISSP WORKSHEET
B. Site accreditation

DITSCAP and NIACAP are used to evaluate self-contained location on applications and also
systems.

Question 6
C. Reference monitor

Preference D, the safety essence, is the compilation of TCB works that exertion mutually to
apply the suggestion monitor task. In additional words, the safety essence is the completion of
the suggestion monitor notion. Preference A and B are not applicable TCB notion means. Before
the reference monitor conceding applied for access it has to legalize or authorize the resources
Question 7
A. Bell-LaPadula

Simply the Bell-LaPadula mold tackles information privacy. The Biba and Clark-Wilson mold
tackle information reliability. The Brewer and Nash mold averts arguments of significance.

Question 8
B. Mobile device management

Mobile device management (MDM) is defined as a program resolution to the tough duty of
administration the numerous mobile apparatus that workers employ to entrance business assets.

4

CISSP WORKSHEET
The objectives of MDM are to advance safety, offer the observation, allow distant management,
and support troubleshooting. It is evident that not all the mobile apparatus maintain detachable

maintenance, and even less maintains detachable maintenance which is encrypted. Geotagging is
applied or employed to spot pictures and communal system place, not for BYOD organization.
Question 9
A. Dedicated

In a fanatical organization, all clients have to have suitable safety authorization for the utmost
level of data practiced by the structure, they have to admission support for all data processed by
the structure, and they ought to have a suitable want to identify of all data practiced by the
structure.
Question 10
C. Control of a mechanism in the physical world

Since a fixed structure is in managing of a method in the material world, a safety infringe might
source damage to public and assets. This naturally is not accurate of a normal computer. Power
loss, Internet admission, and software errors are safety threats of the mutually entrenched system
and distinctive computers.


Running head: CISSP WORKSHEET OUTLINE

CISSP WORKSHEET OUTLINE
Institutional affiliation:
Date:

1

CISSP WORKSHEET OUTLINE

2

CISSP WORKSHEET OUTLINE

Thesis statement: The WEP algorithm has recognized errors which have to make it insignificant
to fracture. It ought to in no way be applied to defend or to guard networks which are in all
means wireless.
Answers for question 1 to 10


Running head: SAVING TIME IN SUPPLY CHAIN OUTLINE

Saving Time in Supply Chain Outline
Name
Institutional Affiliation
Date

1

SAVING TIME IN SUPPLY CHAIN OUTLINE

2

Saving Time in Supply Chain Outline

Thesis statement: In the world that we live in today, time is a highly valuable
commodity. People wake up early so that they can have more time to cover extra
activities or just a lot in a day. For this reason, individuals lean towards things and
services that save them time. Saving time means they will have more time to make
more money or whatever their goal is. The service industry has taken note of this need
and has made efforts to focus on saving their clients time. Say for instance
McDonald's. One of the unique characteristics that McDonald has is that they have
reduced the time used to prepare a burger or fries from the traditional 30 minutes to a
30 seconds span of time. This has been one of the selling points for McDonald's. Their
clients do not have to wait for a very long time to wait for their order to get ready.
Answer

S...


Anonymous
Really great stuff, couldn't ask for more.

Studypool
4.7
Trustpilot
4.5
Sitejabber
4.4

Related Tags