Security Assessment and Testing

Week 6 Discussion: Security Assessment and Testing

Your task: Develop an “intake” briefing for middle managers who will be assisting in the planning and execution of an internal audit of employee use of company-owned laptops as part of the company’s “Work From Home” arrangements. The purpose of an “intake” briefing is to get everyone “on the same page” with respect to what will be done, who will do it, and what the roles & responsibilities of the managers will be during the audit (e.g. assist with employee contacts and “smooth ruffled feathers” amongst their workers).

Background: The purpose of the audit is to determine how the laptops are being used by the employees working from home (what corporate and non-corporate systems, services, networks, and websites are being accessed) and to uncover, if possible, any misuse (e.g. usage that is outside of the company’s acceptable use policy). The audit should also look for evidence of laptops that are improperly configured or have vulnerable software installed.

Background: The company will follow the Information System Security Audit Process as defined by Harris & Maymi in the CISSP All-in-One Exam Guide, 8th edition. The steps are:

  1. Determine Goals
  2. Involve the right business unit leaders
  3. Determine the scope
  4. Choose the audit team
  5. Plan the audit
  6. Conduct the audit
  7. Document the results
  8. Communicate the results

Format: this week, your deliverable should be formatted as a briefing paper (you will have a combination of paragraphs and bullet points). You should have an introduction, an “analysis” section (explaining the ground rules and processes for how the audit will be conducted), and an appropriate summary section (including an appeal for cooperation and assistance). Include citations (in the text) and references (at the end) to support your work and allow your readers to fact check your analysis and conclusions.

In your critiques for your peers (2 different students), focus on providing suggestions for strengthening the talking points (added content, refocused content, etc.). Grammar, punctuation, and other writing mechanics will be addressed by your instructor and should not be part of your critique.

 

 

The Detailed Security Risk Analysis approach

The Detailed Security Risk Analysis approach is believed to provide the most accurate evaluation (Stallings & Brown 2018: 490) of an organization’s IT systems’ security risks, even though it comes at the highest cost. This approach has evolved with the development of trusted computer systems, initially focused on protecting the confidentiality of information and reflecting the military concern with information classification.

QUESTION 1

Provide a detailed exposition of the steps that must be followed in carrying out a Detailed Security Risk Analysis.

SECTION B

Answer ANY THREE (3) questions in this section.

QUESTION 2 

2.1 Articulate the difference between a security framework and a security blueprint (4 marks)

2.2 How does a security implementation methodology differ from a security framework? (4 marks)

2.3 There is no such thing as a one-size-fits-all approach to security, and each framework has its pros and cons. Critically analyze this statement. (12 marks)

QUESTION 3 

According to Stallings & Brown (2018: 466), the internet has evolved through roughly four generations of technological deployment, culminating in the IoT.

3.1 Identify and outline the four generations of technological deployment through the age of the internet right into the IoT in their specific order with relevant examples in each generation. (8 marks)

3.2 Identify and describe any four [4] key components of an IoT-enabled device: (12 marks)

QUESTION 4 (20 Marks)

4.1 Provide a detailed outline of the Vandalism or Sabotage threat category, how it might hurt an organization and finally suggest ways in which possibilities of such attacks may be mitigated. (6 marks)

4.2 A form of threat that has emerged in recent years is Information Extortion. Explain what Information Extortion is, providing an example of an instance of Information Extortion as well as an example of a type or category of Information Extortion. (6 marks)

4.3 You are the Information Security Consultant in your organization, which is in the middle of an extortion attack. The attacker is demanding a ransom. A very urgent meeting has been called in which you are expected to advise senior management on the steps to take in order to limit the damage and stem it at the current level before the process of recovery from the attack and the associated damage is initiated. Provide details of the step-wise recommendations that you will likely give to management in order to manage and nullify the attack.

Alternate Threat Models

8-1 Discussion: Alternate Threat Models. Available on Jun 18, 2022 11:59 PM.

In previous modules, you studied different types of cyber attacks, and you have looked at threat modeling using the Howard Threat Model, which is a small process that exists under the topic of cybersecurity. Tools like the Lockheed Martin Cyber Kill Chain can also be used to help extend threat modeling into incident handling. Discuss the use of tools like the Cyber Kill Chain to handle incident response for emerging technologies.

 

 

Warning to Future Generations

The buildings of some camps have been left as reminders to future generations of the potential evil humans can spread and the limits to which men and women can be pushed.

Task: You have been selected by the Canadian History Holocaust Museum to create captions that connect the image with a Warning to Future Generations.

What makes a powerful “Warning”? Brainstorm some criteria for what would make a warning powerful for you. A caption should:

  • Be informative
  • Use strong words to show the urgency and importance
  • Be no more than two sentences
  • Be well connected to the image and context of the image
  • Clearly state a warning

Select TWO of the following images to create captions for:

Image and Brief Description Caption – Warning to Future Generations 5 May 1945 – Prisoners

America and Terrorism in the 21st Century

Consider a few terrorist activities since the 1980s until today. Address three (3) of the following questions and craft a response, as a whole, for your selections:

  • Explain if you think that global terrorism can be stopped.
  • If the United States withdrew its troops from the Middle East tomorrow, would the terrorist threat end? Why or why not?
  • Assess if the use of military force is the only way to prevent terrorism. Are there other possible alternatives? Which strategy is best and why?

Creating a Canadian political party

Each political party creates a political platform which informs the public what the party plans to do should they be elected. Build a political platform based on the sections listed below – you may include other ideas and omit some of the ones listed. The list is a suggested framework. You should note what the government is currently doing on the following policies, and show how you intend to improve upon the status quo. Citations included

Machiavellian Political Theory

What is Machiavellian Political Theory? Is there any example in the Philippine setting? What are the divine rights of kings? Is there any example in the Philippine setting? What is social contract theory? Give an example (if any) in the Philippines.

What is Aristotle’s Social and Political Philosophy in summary? Give an example in a Philippine setting. For Adam Smith’s Moral Sentiments, give an example in a Philippine setting.

 

Dynastic families in LGUs on society

What are the effects of the presence of dynastic families in LGUs on society? Explain it in extensive detail, and do so thoroughly.

What are the effects of the presence of dynastic families in LGUs on the economy? Explain it in extensive detail, and do so thoroughly.

What are the effects of the presence of dynastic families in LGUs on destroyed culture? Explain it in extensive detail, and do so thoroughly.

What are the effects of the presence of dynastic families in LGUs on political influence and practices? Explain it in extensive detail, and do so thoroughly.

How does it add up to the prevailing social issues? Explain it in extensive detail, and do so thoroughly.

Now that the Marcos family is back in politics with Bongbong Marcos as the presumptive president, what are the implications or disadvantages of having the Marcos family as one of the political dynasties in the Philippines? Explain the fear and horror of the people.

Medium-sized sub-Saharan African country

You are the leader of a rebel group in a medium-sized sub-Saharan African country. You would like to raise a large insurgent army to challenge the government. To do so, you will need resources to attract recruits and fund military operations. The region of the country you occupy has a large service economy (i.e. shops), manufacturing (textiles), agriculture (grains and root vegetables), mining (precious metals) and tourism. Question: What sector(s) of the economy would you seek to tax to fund your insurgent activity?

Rebel group fighting against the Government

You are the leader of a rebel group that has been fighting against the government for nearly 40 years. While you have managed to achieve enough of a balance of power against the government that there is little risk of your outright defeat, it is equally unlikely that you will be able to defeat the government as originally planned. Furthermore, many of your fighters are tired of fighting. The government has signalled a willingness to negotiate, including making concessions on key political issues. It is likely that you and your fellow rebels will be given full amnesty, the opportunity to form a political party and participate in the political process, and the government will implement some political and constitutional reforms to level the playing field. Using Blattman’s theory of commitment problems, explain why you would reject the deal.