CourseLover

(12)

$10/per page/Negotiable

About CourseLover

Levels Tought:
Elementary,Middle School,High School,College,University,PHD

Expertise:
Algebra,Applied Sciences See all
Algebra,Applied Sciences,Architecture and Design,Art & Design,Biology,Business & Finance,Calculus,Chemistry,Engineering,Health & Medical,HR Management,Law,Marketing,Math,Physics,Psychology,Programming,Science Hide all
Teaching Since: May 2017
Last Sign in: 185 Weeks Ago, 1 Day Ago
Questions Answered: 27237
Tutorials Posted: 27372

Education

  • MCS,MBA(IT), Pursuing PHD
    Devry University
    Sep-2004 - Aug-2010

Experience

  • Assistant Financial Analyst
    NatSteel Holdings Pte Ltd
    Aug-2007 - Jul-2017

Category > Information Systems Posted 06 Jul 2017 My Price 10.00

Information and Security Systems, writing homework help

Question description

 

Answer any five questions attached in 2-3 paragraphs each

Pick five (5) of the following question boxes to address. Include the original question with your answer, so it’s clear which one you’re answering. Each question identifies a range of lengths for the answer. Be sure that your answer addresses the specific context of the question.

1.        You are a manager of an e-commerce site in the financial services industry. Users have to log into their account on your site to access your services. The holiday season is approaching and you are looking for ways to ensure the availability of your site. A vendor proposes a solution whereby they monitor your site as follows:

a- You provide them with credentials (user name and password).

b- Every ten minutes they run an automated script to log into your site with these credentials to make sure that the site is up and running and services are available.

Assuming the solution is within your budget, how might you respond and why?

o    Sign up and grant them the credentials with unlimited access so everything is monitored

o    Sign up but limit the access of the credentials to only login to a designated page

o    Don’t sign up due to security concerns

o    Don’t sign up due to too much traffic congestion from the monitoring.

You might choose to pick a couple of these potential approaches and lay out pros and cons for them (bullet points or table structures are OK; aim for the rough equivalent of a couple of paragraphs of content and thought).

2.        You are responsible for managing elections in the United States. What concerns do you have about the perception of the election process, in terms of its information security? Describe the risks to each part of the CIA triangle

3.        The Internet of Things (IoT) is a big topic of discussion among InfoSec professionals, with new risks created by connecting previously “dumb” devices to the Internet, not only for home use, but also for online security cameras, industrial sensors and controls, and other such things. Pick two examples of newly Internet-connected devices, and describe the potential risks that are created because of the Internet connection. Your answer can be in terms of personal risks (for consumer products) or business risks (because of workplace connections or other reasons). Feel free to use additional research resources.

4.        In addition to information security, there are several different types of security systems in any substantial organization, including things like physical security, personnel security, etc. Name at least two additional areas of security focus, and describe why they are important and how they might relate to information security in a banking organization.

5. Consider a company like Facebook, which serves millions (billions?) of customers, and claims to require that each account be associated with exactly one person, and that the person must correctly identify themselves. Describe at least two approaches that might be used to uniquely and positively identify individuals before they sign up for an account (so that I can’t claim to be someone else, for example), and the data access required to make that happen. These could be online or human-assisted validation approaches. Comment briefly on the tradeoffs between your two approaches.

6. Cloud computing, while not new, is gaining in visibility and popularity, both among consumers and businesses. How does using a cloud computing service affect an organization’s risk management? Name at least three aspects of cloud operations that make things easier for the InfoSec team, and three aspects that make things harder for the InfoSec team to be confident about their security management. Explain why.

7.Consider the legal and regulatory impacts on information security. There were stories that indicated that the US National Security Agency had requested encryption keys from U.S. companies are, so that they could at any time decrypt communications or other data held by those companies, and that Yahoo! had routinely scanned millions of e-mails on behalf of US intelligence agencies. Assuming those stories are true, what two or three approaches might individuals take to protect their data from this type of access? Comment on the tradeoffs between the approaches you identify. Based on Apple and Google’s claims that they have made themselves unable to respond to law enforcement requests, how does this affect your position?

8. Bring your own device, or BYOD, is a hot topic in the security industry. What are at least three areas of the information security practice that are affected by people bringing their own electronic devices into the workplace, and using them for work purposes? Identify the three areas, and comment briefly on how each is affected by BYOD.

9.The text describes a system development life cycle, where security is factored into a number of stages of that life cycle. Why would it be important for a small retailer to use at least a simple form of a standard life cycle model, as opposed to approaching decisions and development in a less-structured fashion? Why does a life cycle model become more important as organizations grow in size and complexity?

10 .Think about home security – how we protect the physical and other assets in our homes. What are at least four layers of “defense in depth” in physical home security, and how do these compare and relate to their counterpart principles in information security?

11. Consider the recent flurry of data leaks and breaches from large, formerly reputable companies (most recently, Yahoo!), which indicate that perhaps organizations continue to be more vulnerable than previously known. What (perhaps additional) risk control strategies might organizations utilize to mitigate the risk and damage of these events? How could disclosure, both of the breach itself, as well as details of how the breach happened, help to improve security for the Internet as a whole?

 

Answers

(12)
Status NEW Posted 06 Jul 2017 06:07 PM My Price 10.00

----------- He-----------llo----------- Si-----------r/M-----------ada-----------m -----------Tha-----------nk -----------You----------- fo-----------r u-----------sin-----------g o-----------ur -----------web-----------sit-----------e a-----------nd -----------acq-----------uis-----------iti-----------on -----------of -----------my -----------pos-----------ted----------- so-----------lut-----------ion-----------. P-----------lea-----------se -----------pin-----------g m-----------e o-----------n c-----------hat----------- I -----------am -----------onl-----------ine----------- or----------- in-----------box----------- me----------- a -----------mes-----------sag-----------e I----------- wi-----------ll

Not Rated(0)