Description
In a 2 to 3 page paper using APA format and adhering to the writing rubric, from chapter 10, discuss means to cope with the complexity of computer and communication systems other than modularity, layering and hierarchy.
Writing Requirements
- 2-3 pages in length (excluding cover page, abstract, and reference list)
- APA format. Use the APA template located in the Student Resource Center to complete the assignment.
- Please use the Case Study Guide as a reference point for writing your case study.
Most Popular Content
Need help with "Personal Computers and Networks"
Determine whether you prefer a laptop or desktop. Elaborate on the features that you would want your desktop or laptop to offer, and provide an explanation of why you would want such features.
Authentication, Authorization and Session Management Security Controls
SDEV 460 – Homework 3
Authentication, Authorization and Session Management Security Controls

Overview:
This homework will demonstrate your knowledge of testing security controls aligned with Authentication, Authorization and Session Management.

Assignment: Total 100 points
Using the readings from weeks 5 and 6 as a baseline, analyze, test and document the results for the tutoring web application found on the SDEV virtual machine. You must use a combination of automated (e.g., OWASP ZAP) and manual methods. Specific tests to be conducted include:

1. Test Role Definitions (OTG-IDENT-001): Create a test matrix for the Roles you see in the application, including the role, permissions for what actions, objects and constraints.
2. Test User Registration Process (OTG-IDENT-002): Describe why this test is important to conduct and what threat does it mitigate against. Be sure to answer the six questions and two validation processes found in the OWASP testing guide for the user registration process and make at least three recommendations for improvements for this aspect of the application.
3. Testing for Credentials Transported over an Encrypted Channel (OTG-AUTHN-001): Describe why this test is important to conduct and what threat does it mitigate against. Note since HTTPS is not implemented, this will fail. But what recommendations (at least three) would you make to rectify the situation? What do other sites do for Authentication?
4. Testing for default credentials (OTG-AUTHN-002): Describe why this test is important to conduct and what threat does it mitigate against. Are you able to guess a username and default email address for the application or underlying components such as the database? Does the application store any credentials in the database or in a flat file unencrypted?
5. Testing for Weak lock out mechanism (OTG-AUTHN-003): Describe why this test is important to conduct and what threat does it mitigate against. Will the system lock-out after X attempts for a period of time? If not, what issues are associated with this and how could it be remedied (at least three recommendations)?
6. Testing for Weak password policy (OTG-AUTHN-007): Are passwords weak? If so, describe at least three recommendations for improvement? What is at least one recommended password and lockout policy in the industry (e.g., NIST) – listing what they recommend for a strong password policy.
7. Testing Directory traversal/file include (OTG-AUTHZ-001): Describe why this test is important to conduct and what threat does it mitigate against. Are you able to traverse to another directory? If so, what can be done to fix this? Note: This can be difficult to manually verify without testing all possible cases – thus lending itself to automatic scanning.
8. Testing for Bypassing Authorization Schema (OTG-AUTHZ-002): Is it possible to obtain Admin rights through the non-admin path? Verify and demonstrate.
9. Testing for cookies attributes (OTG-SESS-002): Describe why this test is important to conduct and what threat does it mitigate against. Are cookies present? Are they expired? Do they have the HttpOnly attribute set? Are they easy to guess – why or why not?
10. Testing for logout functionality (OTG-SESS-006): Describe why this test is important to conduct and what threat does it mitigate against. Can a user logout of their session properly? If not, what recommendations (at least three) do you have to improve session security?

Other Guidance:
You should document the results for the tests and your comments, and recommendations for improved security for each security control tested in a Word or PDF document. Provide screen captures and descriptions for all tests conducted. Discuss any issues found and possible mitigations. Review the grading rubric below to verify completeness.

Note: The SDEV Virtual Machine you downloaded and used for SDEV 300. The URL is here if you need to download it again: https://citeapps.umuc.edu/SDEV/
The VM runs on the latest version of Oracle Virtual Box. Full instructions, as well as the necessary passwords, are included in the course materials within this course.

Deliverables:
You should submit your document by the due date. Your document should be well-organized, include all references used and contain minimal spelling and grammar errors. Screen captures should be clearly labeled indicating exactly what the screen capture represents.

Grading Rubric (Attribute / Meets):

Role Definitions (10 points)
- Conducts Test Role Definitions for OTG-IDENT-001 as applied to the sample tutor application, including all attributes. (5 points)
- Creates a test matrix for the roles seen in sample tutor application. (5 points)

User Registration (10 points)
- Describes importance of this test and threat it addresses. (2 points)
- Tests the user registration process (OTG-IDENT-002) as applied to the sample tutor application. (3 points)
- Answers the six questions and two validation processes found in the OWASP testing guide for the user registration process and make at least three recommendations for improvements for this aspect of the application. (5 points)

Credentials Transported (5 points)
- Describes importance of this test and threat it addresses. (1 point)
- Tests for Credentials Transported over an Encrypted Channel (OTG-AUTHN-001) as applied to the sample tutor application. (2 points)
- Provides 3 or more recommendations to mitigate against threat and discusses what other sites do for authentication. (2 points)

Default Credentials (5 points)
- Describes importance of this test and threat it addresses. (1 point)
- Tests for default credentials (OTG-AUTHN-002) as applied to the sample tutor application. (2 points)
- Discusses findings about guessing credentials and the storage of credentials on flat files or the database. (2 points)

Weak lock out mechanism (10 points)
- Describes importance of this test and threat it addresses. (1 point)
- Tests for weak lock-out mechanism (OTG-AUTHN-003) as applied to the sample tutor application. (4 points)
- Discusses results from system lock-out after X attempts and associated issues. Provides at least three recommendations to remedy. (5 points)

Weak password policy (10 points)
- Tests for Weak password policy (OTG-AUTHN-007) as applied to the sample tutor application. (4 points)
- Discusses if passwords are weak and provides at least 3 recommendations to remedy. (3 points)
- Researches and describes at least one recommended password policy in the industry – listing what they recommend for a strong password policy. (3 points)

Directory traversal/file include (10 points)
- Describes importance of this test and threat it addresses. (1 point)
- Tests Directory traversal/file include (OTG-AUTHZ-001) as applied to the sample tutor application. (5 points)
- Discusses if a user is able to traverse to another directory and what can be done to fix the issue. (4 points)

Bypassing Authorization Schema (10 points)
- Tests for Bypassing Authorization Schema (OTG-AUTHZ-002) as applied to the sample tutor application. (5 points)
- Discusses and demonstrates if a user can obtain Admin rights through the non-admin path. (5 points)

Cookies Attributes (5 points)
- Describes importance of this test and threat it addresses. (1 point)
- Discusses if cookies are present, are they expired, easy to guess, and have the HttpOnly attribute set. (4 points)

Logout Functionality (5 points)
- Describes importance of this test and threat it addresses. (1 point)
- Tests for logout functionality (OTG-SESS-006) as applied to the sample tutor application. (2 points)
- Discusses if a user can logout of their session properly and provides at least 3 recommendations to improve session security. (2 points)

Documentation and Submission (20 points)
- Submits Word or PDF document including results from all security control testing. (10 points)
- Screen captures are clearly labeled and visible indicating exactly what the screen capture represents. (5 points)
- Document is well-organized, including page numbers, includes all references used, and contains minimal spelling and grammatical errors. (5 points)
ISSC341 discussion response
Hello, I need two responses of at least 150 words each for the below students discussions for this week. Also in the bold below are the questions the students are answering.

Questions:
As you learned in this lesson, there are many threats in networking. How would you proactively plan against these threats?

Student one:
Hello Class,
In today’s digital age, information ranging from public to private, can easily be accessible with a click of a mouse or a slip of the tongue. These possibilities are the reasons why it is imperative that a business is proactive in ensuring the security of their networks. The most common threats that we’re most aware of are malicious threats. Daily there are thousands of new viruses, Trojan attacks, worms and spyware being created to access a wide range of networks across the globe. These threats can cost not only companies dearly but individuals themselves. The appropriate way to combat these threats is to install antivirus software into the system and ensuring that the software is updated regularly. Just this measure can mitigate these threats substantially (Lammle, 2012). An additional measure that should be considered when purchasing antivirus software is to ensure that they can scan e-mails and all the files downloaded from the internet. This one measure, although which can be considered a nuisance for employees, can eliminate an avenue from which hackers can infiltrate a businesses’ network.

Another measure that should also be placed is the utilization of a firewall. Firewalls are basically barriers established by network administrators to monitor the flow of traffic (Tyson, 2000). By monitoring incoming and outgoing network traffic, they can flag suspicious packets and remove them prior to its entry into the network. Firewalls can prevent attacks such as application backdoors and Denial of Service (DoS), which anti-virus software is not really equipped for. Although anti-virus software and firewalls are good tools for network administrators, they only stop the attack. System and network administrators would never know what types and how many attacks were attempted without using some other programs. This is where intrusion detection systems (ID) come into play.

One final measure IDS monitors network traffic for suspicious activity and alerts the system or network administrator. IDS can also take action on anomalous or malicious traffic by blocking the user or source IP address from accessing the network (Bradley, 22019). An IDS can act as a secondary measure if suspicious or malicious traffic were to have bypassed the firewall. Or it can also detect traffic that may be emanating from inside the network. An IDS as well as anti-virus software and firewalls once finely tuned can be great tools for system and network administrators in combating network threats.

Nil

Works Cited
Bradley, T. (22019, June 1). Introduction to Intrusion Detection Systems (IDS). Retrieved from Lifewire.com: https://www.lifewire.com/introduction-to-intrusion...
Lammle, T. (2012). CompTIA Network+ Study Guide, Second Edition (Exam N10-005). Indianapolis, IN: Wiley & Sons, Inc.
Tyson, J. (2000, October 24). How Firewalls Work. Retrieved from HowStuffWorks.com: https://computer.howstuffworks.com/firewall.htm

Student two:
Good afternoon everyone!
First you need to know what is out there – the threat actors. Once you know the threats, you can take measures to negate their effectiveness, but you must have a means of performing risk management. My personal choice for risk management and establishing a framework is the National Institute of Standards and Technology (NIST), Special Publication (SP) 800-30r1 and 800-39. NIST SP 800-39 provides structured guidance on assessing, responding to, and monitoring information security risk to organizational operations (NIST SP 800.39). Whereas NIST SP 800.30r1 amplifies guidance found in 800.39 and provides additional guidance on performing each of the risk assessment process steps, which include preparing the assessment, its conduct, communicating results, and maintaining the assessment (NIST SP 800.30r1).

Our text provides three ways to detect intruders, which are active and passive detection and proactive defense. Active detection involves looking for known attack methods and scans to detect unusual traffic. Passive detection evaluates log events taken from the network. A proactive defense looks for holes and plugs them as quick as possible. I feel it is safe to say no one way is the best way and when possible, a risk mitigation program should include elements of all three means for detecting nefarious actors. So from a proactive approach, I would use my reference architecture and see what and where connections are made then evaluate the environment (Lammie, 2012).

When evaluating the environment and the threats both adversarial and non-adversarial threats are evaluated by examining either capability, intent, and targeting, or range of effects, respectively. Next in the process is determining the likelihood of impact and the impact itself, which is then followed by the risk determination. I reduced the process found in NIST SP800.30r1 a great deal, so you need to understand at the end of the process you are able to determine the overall risk. I like the NIST 800.30r1 method of evaluating risk because it offers both quantitative and qualitative methods for evaluating risk as well as providing a repeatable method for performing risk assessments. The repeatable nature of the risk management process ensures a consistent evaluation of threats occurs even when new data is discovered and applied to the risk process.

The ability to review and incorporate new data against known threats also enables analysts to discover threat shift, which is when a threat actor employs a new tool or different attack method designed to negate the current security measure. Discovering threat shift is vital to any risk management program because it verifies the existence of a threat actor and confirms the methodology used in the threat event. Therefore, my proactive approach would include the use of risk management methodologies found in the NIST SP 800.30r1 and 800.39.

What an awesome week so far! Analysis is one thing I really enjoy and I have had a great deal of success instituting and building on the scales and tables found in NIST SP 800.30r1. Take care everyone and I hope your week is eventful!

JC

References:
Gallagher, P. (September 2012) Information Security: Guide for Conducting Risk Assessments. Retrieved from https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistsp...
Gallagher, P. (March 2011). Information Security: Managing Information Security Risk – Organization, Mission, and Information System View. Retrieved from https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistsp...
Lammie, T. (2012). CompTIA Network+ Study Guide, Second Edition. Retrieved from https://apus.intelluslearning.com/lti/#/lesson/156...
It440 Assignment
You must submit two separate copies (one Word file and one PDF file) using the Assignment Template on Blackboard via the allocated folder. These files ...
UC Shareware Software a Set of Data Discussion
Do some research on Threat Response software. Find one particular software package to investigate.
What does the software do?
What are its major features?
What kind of training is required?
How much does the software cost?
Threat Modelling
Threat modeling is a structured process that involves the identification of possible security vulnerabilities and threats, evaluating their intensity, ...
Similar Content
No Plagiarism. I want it with in 2 days
Research at least two articles on the topic of managerial issues of a networked organization. Write a brief synthesis and ...
Academy Education Services Production Software Packages Discussion
Discuss where you, or a consumer, may obtain or purchase software packages, and what they might expect to pay for document...
Project Management Question
See attached details ...
Legal regulations
1. List the steps in maintaining chain of custody for digital evidence.2. Why is it important to follow the chain of custo...
University of the Cumberlands Business Intelligence Case Study
Case Studies - (Follow all steps below)carefully review and read both end of chapter application cases from chapters 1 and...
cindrella question first time
i need 3 page document and some diagrams if possible in the 4th page.explain how you could use MVC (Model/View/Controller)...
Chapter 8 Responses
I agree with you that there is a need for companies to function correctly and carry on their processes without any problem...
Reply F
Raw data is picked from the source and not subjected to any software or researcher's processing or manipulation. The data ...
Artificial Intelligence
1. A heuristic h(n) is admissible if for each node n, h(n) ≤ h*(n),where h*(n) is the true cost...
Related Tags
Book Guides
The Hobbit
by J. R. R. Tolkien
East of Eden
by John Steinback
And Then There Were None
by Agatha Christie
Robinson Crusoe
by Daniel Defoe
The Russian Hoax
by Gregg Jarrett
Breakfast at Tiffanys
by Truman Capote
100 Side Hustles
by Chris Guillebeau
Fear - Trump in the White House
by Bob Woodward
Don Quixote
by Miguel de Cervantes
Get 24/7
Homework help
Our tutors provide high quality explanations & answers.
Post question
Most Popular Content
Need help with "Personal Computers and Networks"
determine whether you prefer a laptop or desktop. Elaborate on the features that you would want your desktop or laptop to ...
Need help with "Personal Computers and Networks"
determine whether you prefer a laptop or desktop. Elaborate on the features that you would want your desktop or laptop to offer, and provide an explanation of why you would want such features.
Authentication, Authorization and Session Management Security Controls
SDEV 460 – Homework 3Authentication, Authorization and Session Management Security ControlsOverview:This homework will d ...
Authentication, Authorization and Session Management Security Controls
SDEV 460 – Homework 3Authentication, Authorization and Session Management Security ControlsOverview:This homework will demonstrate your knowledge of testing security controls aligned withAuthentication, Authorization and Session ManagementAssignment: Total 100 pointsUsing the readings from weeks 5 and 6 as a baseline, analyze, test and document the results for the tutoring web application found on the SDEV virtual machine. You must use a combination of automated (e.g., OWASP ZAP) and manual methods. Specific tests to be conducted include:1. Test Role Definitions (OTG-IDENT-001) Create a test matrix for the Roles you see in the application- including the role, permissions for what actions, objects and constraints.2. Test User Registration Process (OTG-IDENT-002) Describe why this test is important to conduct and what threat does it mitigate against. Be sure to the answer the six questions and two validation processes found in the OWASP testing guide for the user registration process and make at least three recommendations for improvements for this aspect of the application.3. Testing for Credentials Transported over an Encrypted Channel (OTG-AUTHN-001) Describe why this test is important to conduct and what threat does it mitigate against. Note since HTTPS is not implemented, this will fail. But what recommendations (at least three) would you make to rectify the situation? What do other sites do for Authentication?4. Testing for default credentials (OTG-AUTHN-002) Describe why this test is important to conduct and what threat does it mitigate against. Are you able to guess a username and default email address for the application or underlying components such as the database? Does the application store any credentials in the database or in a flat file unencrypted?5. Testing for Weak lock out mechanism (OTG-AUTHN-003) Describe why this test is important to conduct and what threat does it mitigate against. Will the system lock-out after X attempts for a period of time. 
If not, what issues are associated with this and how could it be remedied (at least three recommendations)?6. Testing for Weak password policy (OTG-AUTHN-007) Are passwords weak? If so, describe at least three recommendations for improvement? What is at least one recommended password and lockout policy in the industry (e.g., NIST) – listing what they recommend for a strong password policy.7. Testing Directory traversal/file include (OTG-AUTHZ-001) Describe why this test is important to conduct and what threat does it mitigate against. Are you able to traverse to another directory? If so, what can be done to fix this? Note: This can be difficult to manually verify without testing all possible cases – thus lending itself to automatic scanning.8. Testing for Bypassing Authorization Schema (OTG-AUTHZ-002) Is it possible to obtain Admin rights through the non-admin path? Verify and demonstrate.9. Testing for cookies attributes (OTG-SESS-002) Describe why this test is important to conduct and what threat does it mitigate against. Are cookies present? Are they expired? Do they have the HttpOnly attribute set? Are they easy to guess – why or why not?10. Testing for logout functionality (OTG-SESS-006) Describe why this test is important to conduct and what threat does it mitigate against. Can a user logout of their session properly. If not, what recommendations (at least three) do you have to improve session security?Other Guidance:You should document the results for the tests and your comments, and recommendations for improved security for each security control tested in a word or PDF document. Provide screen captures and descriptions for all tests conducted. Discuss any issues found and possible mitigations. Review the grading rubric below to verify completeness.Note: The SDEV Virtual Machine you downloaded and used for SDEV 300. The URL is here if you need to download it again:https://citeapps.umuc.edu/SDEV/The VM runs on the latest version of Oracle Virtual Box. 
Full instructions, as well as the necessary passwords, are included in the course materials within this course.Deliverables:You should submit your document by the due date. Your document should be well-organized, include all references used and contain minimal spelling and grammar errors. Screen captures should be clearly labeled indicating exactly what the screen capture represents.Grading Rubric: Attribute MeetsRole Definitions10 pointsConducts Test Role Definitions for OTG-IDENT-001 as applied to the sample tutor application- including all attributes. (5 points)Creates a test matrix for the roles seen in sample tutor application. (5 points)User Registration10 pointsDescribes importance of this test and threat it addresses. (2 points)Tests the user registration process (OTG-IDENT-002) as applied to the sample tutor application. (3 points)Answers the six questions and two validation processes found in the OWASP testing guide for the user registration process and make at least three recommendations for improvements for this aspect of the application. (5 points)Credentials Transported5 pointsDescribes importance of this test and threat it addresses. (1 point)Tests for Credentials Transported over an Encrypted Channel (OTG-AUTHN-001) as applied to the sample tutor application. (2 points)Provides 3 or more recommendations to mitigate against threat and discusseswhat other sites do for authentication. (2 points)Default Credentials5 pointsDescribes importance of this test and threat it addresses. (1 point)Tests for default credentials (OTG-AUTHN-002) as applied to the sample tutor application. (2 points)Discusses findings about guessing credentials and the storage of credentials on flat files or the database. (2 points)Weak lock out mechanism10 pointsDescribes importance of this test and threat it addresses. (1 point)Tests for weak lock-out mechanism (OTG-AUTHN-003) as applied to the sample tutor application. 
(4 points)Discusses results from system lock-out after X attempts and associated issues. Provides at least three recommendations to remedy. (5 points)Weak password policy10 pointsTests for Weak password policy (OTG-ATHN-007) as applied to the sample tutor application. (4 points)Discusses if passwords are weak and provides at least 3 recommendations to remedy. (3 points)Researches and describes at least one recommendedpassword policy in the industry – listing what they recommend for a strong password policy.(3 points)Directory traversal/file include10 pointsDescribes importance of this test and threat it addresses. (1 point)Tests Directory traversal/file include (OTG-AUTHZ-001) as applied to the sample tutor application. (5 points)Discusses if a user is able to traverse to another directory and what can be done to fix the issue. (4 points)Bypassing Authorization Schema10 pointsTests for Bypassing Authorization Schema (OTG-AUTHZ-002) as applied to the sample tutor application. (5 points)Discusses and demonstrates if a user can obtain Admin rights through the non-admin path. (5 points)Cookies Attributes5 pointsDescribes importance of this test and threat it addresses. (1 point)Discusses if cookies are present, are they expired, easy to guess, and have the HttpOnly attribute set. (4 points)Logout Functionality5 pointsDescribes importance of this test and threat it addresses. (1 point)Tests for logout functionality (OTG-SESS006) as applied to the sample tutor application. (2 points)Discusses if a user can logout of their session properly and provides at least 3 recommendations to improve session security. (2 points)Documentation and Submission20 pointsSubmits Word or PDF document including results from all security control testing. (10 points)Screen captures are clearly labeled and visible indicating exactly what the screen capture represents. 
(5 points)Document is well-organized, including page numbers, includes all references used, and contains minimal spelling and grammatical errors. (5 points).
ISSC341 discussion response
Hello,I need two responses of at least 150 words each for the below students discussions for this week. Also in the bold b ...
ISSC341 discussion response
Hello,I need two responses of at least 150 words each for the below students discussions for this week. Also in the bold below are the questions the students at answering.Questions:As you learned in this lesson, there are many threats in networking. How would you proactively plan against these threats?Student one:Hello Class, In today’s digital age, information ranging from public to private, can easily be accessible with a click of a mouse or a slip of the tongue. These possibilities are the reasons why it is imperative that a business is proactive in ensuring the security of their networks. The most common threats that we’re most aware of are malicious threats. Daily there are thousands of new viruses, Trojan attacks, worms and spyware being created to access a wide range of networks across the globe. These threats can cost not only companies dearly but individuals themselves. The appropriate way to combat these threats is to install antivirus software into the system and ensuring that the software is updated regularly. Just this measure can mitigate these threats substantially (Lammle, 2012). An additional measure that should be considered when purchasing antivirus software is to ensure that they can scan e-mails and all the files downloaded from the internet. This one measure, although which can be considered a nuisance for employees, can eliminate an avenue from which hackers can infiltrate a businesses’ network.Another measure that should also be placed is the utilization of a firewall. Firewalls are basically barriers established by network administrators to monitor the flow of traffic (Tyson, 2000). By monitoring incoming and outgoing network traffic, they can flag suspicious packets and remove them prior to its entry into the network. Firewalls can prevent attacks such as application backdoors and Denial of Service (DoS), which anti-virus software is not really equipped for. 
Although anti-virus software and firewalls are good tools for network administrators, they only stop the attack. System and network administrators would never know what types and how many attacks were attempted without using some other programs. This is where intrusion detection systems (ID) come into play. One final measureIDS monitors network traffic for suspicious activity and alerts the system or network administrator. IDS can also take action on anomalous or malicious traffic by blocking the user or source IP address from accessing the network (Bradley, 22019). An IDS can act as a secondary measure if suspicious or malicious traffic were to have bypassed the firewall. Or it can also detect traffic that may be emanating from inside the network. An IDS as well as anti-virus software and firewalls once finely tuned can be great tools for system and network administrators in combating network threats.NilWorks CitedBradley, T. (22019, June 1). Introduction to Intrusion Detection Systems (IDS). Retrieved from Lifewire.com: https://www.lifewire.com/introduction-to-intrusion...Lammle, T. (2012). CompTIA Network+ Study Guide, Second Edition (Exam N10-005). Indianapolis, IN: Wiley & Sons, Inc.Tyson, J. (2000, October 24). How Firewalls Work. Retrieved from HowStuffWorks.com: https://computer.howstuffworks.com/firewall.htmStudent two:Good afternoon everyone!First you need to know what is out there – the threat actors. Once you know the threats, you can take measures to negate their effectiveness, but you must have a means of performing risk management. My personal choice for risk management and establishing a framework is the National Institute of Standards and Technology (NIST), Special Publication (SP) 800-30r1 and 800-39. NIST SP 800-39 provides structured guidance on assessing, responding to, and monitoring information security risk to organizational operations (NIST SP 800.39). 
Whereas NIST SP 800.30r1 amplifies guidance found in 800.39 and provides additional guidance on performing each of the risk assessment process steps, which include preparing the assessment, its conduct, communicating results, and maintaining the assessment (NIST SP 800.30r1).
Our text provides three ways to detect intruders, which are active and passive detection and proactive defense. Active detection involves looking for known attack methods and scans to detect unusual traffic. Passive detection evaluates log events taken from the network. A proactive defense looks for holes and plugs them as quickly as possible. I feel it is safe to say no one way is the best way and when possible, a risk mitigation program should include elements of all three means for detecting nefarious actors. So from a proactive approach, I would use my reference architecture and see what and where connections are made then evaluate the environment (Lammle, 2012).
When evaluating the environment and the threats, both adversarial and non-adversarial threats are evaluated by examining either capability, intent, and targeting, or range of effects, respectively. Next in the process is determining the likelihood of impact and the impact itself, which is then followed by the risk determination. I reduced the process found in NIST SP800.30r1 a great deal, so you need to understand at the end of the process you are able to determine the overall risk. I like the NIST 800.30r1 method of evaluating risk because it offers both quantitative and qualitative methods for evaluating risk as well as providing a repeatable method for performing risk assessments.
The repeatable nature of the risk management process ensures a consistent evaluation of threats occurs even when new data is discovered and applied to the risk process.
The ability to review and incorporate new data against known threats also enables analysts to discover threat shift, which is when a threat actor employs a new tool or different attack method designed to negate the current security measure. Discovering threat shift is vital to any risk management program because it verifies the existence of a threat actor and confirms the methodology used in the threat event. Therefore, my proactive approach would include the use of risk management methodologies found in the NIST SP 800.30r1 and 800.39.
What an awesome week so far! Analysis is one thing I really enjoy and I have had a great deal of success instituting and building on the scales and tables found in NIST SP 800.30r1. Take care everyone and I hope your week is eventful!
JC
References:
Gallagher, P. (September 2012) Information Security: Guide for Conducting Risk Assessments. Retrieved from https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistsp...
Gallagher, P. (March 2011). Information Security: Managing Information Security Risk – Organization, Mission, and Information System View. Retrieved from https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistsp...
Lammle, T. (2012). CompTIA Network+ Study Guide, Second Edition. Retrieved from https://apus.intelluslearning.com/lti/#/lesson/156...
7 pages
It440 Assignment
You must submit two separate copies (one Word file and one PDF file) using the Assignment Template on Blackboard via the allocated folder. These files ...
UC Shareware Software a Set of Data Discussion
Do some research on Threat Response software. Find one particular software package to investigate.
What does the software do?
What are its major features?
What kind of training is required?
How much does the software cost?
3 pages
Threat Modelling
Threat modeling is a structured process that involves the identification of possible security vulnerabilities and threats, evaluating their intensity, ...