Information system security

Asked: Oct 18th, 2018
$45

Question Description

Hi I have work for week 4

- 10 questions

- 4 pages writing

- Discussions

I attached files

Unformatted Attachment Preview

Please find and answer 10 CISSP questions on domain 3 - Security Engineering. Please ensure to give the correct answer but also state why the other answers are incorrect. You will find the answers in chapters 7, 8, 9 in this book.

1- Which one of the following technologies is considered flawed and should no longer be used?
A. SHA-2
B. PGP
C. WEP
D. TLS

2- What encryption technique does WPA use to protect wireless communications?
A. TKIP
B. DES
C. 3DES
D. AES

3- What does IPsec define?
A. All possible security classifications for a specific configuration
B. A framework for setting up a secure communication channel
C. The valid transition states in the Biba model
D. TCSEC security categories

4- Which security models are built on a state machine model?
A. Bell-LaPadula and Take-Grant
B. Biba and Clark-Wilson
C. Clark-Wilson and Bell-LaPadula
D. Bell-LaPadula and Biba

5- For what type of information system security accreditation are the applications and systems at a specific, self-contained location evaluated?
A. System accreditation
B. Site accreditation
C. Application accreditation
D. Type accreditation

6- What part of the TCB concept validates access to every resource prior to granting the requested access?
A. TCB partition
B. Trusted library
C. Reference monitor
D. Security kernel

7- Which security model addresses data confidentiality?
A. Bell-LaPadula
B. Biba
C. Clark-Wilson
D. Brewer and Nash

8- What technology provides an organization with the best control over BYOD equipment?
A. Application whitelisting
B. Mobile device management
C. Encrypted removable storage
D. Geotagging

9- What type of federal government computing system requires that all individuals accessing the system have a need to know all of the information processed by that system?
A. Dedicated
B. System high
C. Compartmented
D. Multilevel

10- What is a security risk of an embedded system that is not commonly found in a standard PC?
A. Software flaws
B. Access to the Internet
C. Control of a mechanism in the physical world
D. Power loss

Discussion part

There are 3 discussions: post a new thought on two, reply on the other.

1- Answer this question by writing 170-200 words - Discuss what your thoughts are on Kerckhoffs principle... It is on the slides but you can google it as well.

2- Answer this question by writing 170-200 words - Since many security systems are automated, IT gets to design and manage them. Discuss one issue, concept or technology for facility security.

3- A response on this discussion of at least 70 words - The security models are important concepts to know. Discuss the differences between the Bell / LaPadula & Biba. Include comments about the properties of the models.

The student said about this:

Security Models

Bell-LaPadula Model was made by the Department of Defense (DoD) to address concerns about protecting classified information. The Bell-LaPadula multilevel model was derived from the DoD’s multilevel security policies. The Bell-LaPadula model is to prevent any leakage or transfer of any classified information. The Biba model was designed after the Bell-LaPadula model. The Biba model is to address the integrity, and as for the Bell-LaPadula model, it is meant to address the confidentiality. The difference between the two is that Biba primarily protects data integrity; the basic properties it protects are the simple integrity property and the star integrity property. Biba was to address three integrity issues, which are: prevent modification by unauthorized subjects, prevent unauthorized modification, and protect internal and external object consistency.

Security Breach Comparison

- Security Breach Comparison paper is due – comparing breaches
- Four pages
- Are there common themes?
- What common critical or potentially dangerous areas can you find?
- What are common protection measures that you can do?

...

Tutor Answer

School: UC Berkeley




Institutional affiliation:


Question 1

The WEP algorithm has recognized errors which have to make it insignificant to fracture. It
ought to in no way be applied to defend or to guard networks which are in all means wireless.

Question 2

For Wi-Fi Protected Access (WPA) to be successful as well as strong it has to employ Temporal
Key Integrity Protocol (TKIP) to safeguard or defend the wireless communications. AES
encryption is applied by WPA2.
Question 3
B. A framework for setting up a secure communication channel.
IPSec is a framework that ensures secure and private communication over an open network such
as the internet through the use of open standards. It uses cryptographic services in order to make
sure the data sent over the network is secure.
Question 4
D. Bell-LaPadula and Biba

The state model machine is known by building up The Bell-LaPadula and Biba.
Question 5


B. Site accreditation

DITSCAP and NIACAP are used to evaluate self-contained location on applications and also

Question 6
C. Reference monitor

Preference D, the safety essence, is the compilation of TCB works that exertion mutually to
apply the suggestion monitor task. In additional words, the safety essence is the completion of
the suggestion monitor notion. Preference A and B are not applicable TCB notion means. Before
the reference monitor conceding applied for access it has to legalize or authorize the resources
Question 7
A. Bell-LaPadula

Simply the Bell-LaPadula mold tackles information privacy. The Biba and Clark-Wilson mold
tackle information reliability. The Brewer and Nash mold averts arguments of significance.

Question 8
B. Mobile device management

Mobile device management (MDM) is defined as a program resolution to the tough duty of
administration the numerous mobile apparatus that workers employ to entrance business assets.


The objectives of MDM are to advance safety, offer the observation, allow distant management,
and support troubleshooting. It is evident that not all the mobile apparatus maintain detachable
maintenance, and even less maintains detachable maintenance which is encrypted. Geotagging is
applied or employed to spot pictures and communal system place, not for BYOD organization.
Question 9
A. Dedicated

In a fanatical organization, all clients have to have suitable safety authorization for the utmost
level of data practiced by the structure, they have to admission support for all data processed by
the structure, and they ought to have a suitable want to identify of all data practiced by the
Question 10
C. Control of a mechanism in the physical world

Since a fixed structure is in managing of a method in the material world, a safety infringe might
source damage to public and assets. This naturally is not accurate of a normal computer. Power
loss, Internet admission, and software errors are safety threats of the mutually entrenched system
and distinctive computers.







Thesis statement: The WEP algorithm has recognized errors which have to make it insignificant
to fracture. It ought to in no way be applied to defend or to guard networks which are in all
means wireless.
Answers for question 1 to 10


Saving Time in Supply Chain Outline
Institutional Affiliation





Thesis statement: In the world that we live in today, time is a highly valuable
commodity. People wake up early so that they can have more time to cover extra
activities or just a lot in a day. For this reason, individuals lean towards things and
services that save them time. Saving time means they will have more time to make
more money or whatever their goal is. The service industry has taken note of this need
and has made efforts to focus on saving their clients time. Say for instance
McDonald's. One of the unique characteristics that McDonald has is that they have
reduced the time used to prepare a burger or fries from the traditional 30 minutes to a
30 seconds span of time. This has been one of the selling points for McDonald's. Their
clients do not have to wait for a very long time to wait for their order to get ready.



Thanks, good work
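
The Bell-LaPadula and Biba properties that questions 4, 6 and 7 and the third discussion prompt refer to, written out as an added example that is not part of the original question or the tutor's answer. The three-level `Level` ordering, the function names and the `ReferenceMonitor` class are constructed for illustration, and Biba is shown in its strict form.

```python
from enum import IntEnum
from itertools import product

class Level(IntEnum):
    """Constructed three-level lattice: a clearance/classification for
    Bell-LaPadula, an integrity level for Biba."""
    LOW = 1
    MEDIUM = 2
    HIGH = 3

def blp_allows(subject: Level, obj: Level, op: str) -> bool:
    """Bell-LaPadula (confidentiality)."""
    if op == "read":
        return subject >= obj    # simple security property: no read up
    if op == "write":
        return subject <= obj    # star property: no write down
    return False                 # unknown operations are denied

def biba_allows(subject: Level, obj: Level, op: str) -> bool:
    """Strict Biba (integrity): the same checks with the inequalities reversed."""
    if op == "read":
        return subject <= obj    # simple integrity property: no read down
    if op == "write":
        return subject >= obj    # star integrity property: no write up
    return False

class ReferenceMonitor:
    """Mediates every request against one or more policies and keeps an audit trail."""
    def __init__(self, *policies):
        self.policies = policies
        self.audit = []

    def request(self, subject: Level, obj: Level, op: str) -> bool:
        allowed = all(policy(subject, obj, op) for policy in self.policies)
        self.audit.append((subject.name, op, obj.name, allowed))
        return allowed

def allowed_pairs(monitor: ReferenceMonitor, op: str):
    """All (subject, object) level pairs for which the monitor grants `op`."""
    return [(s.name, o.name) for s, o in product(Level, Level)
            if monitor.request(s, o, op)]

if __name__ == "__main__":
    for name, mon in [("BLP", ReferenceMonitor(blp_allows)),
                      ("Biba", ReferenceMonitor(biba_allows)),
                      ("both", ReferenceMonitor(blp_allows, biba_allows))]:
        print(name, "read :", allowed_pairs(mon, "read"))
        print(name, "write:", allowed_pairs(mon, "write"))
```

The two models are duals: the pairs Bell-LaPadula allows for reading are exactly the pairs strict Biba allows for writing, so a monitor enforcing both grants access only between equal levels.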
