Principles Of Information Security 7th Edition Michael E. Whitman, Herbert J. Mattord - Solutions
I. Explain that the Bell–LaPadula (BLP) model ensures the confidentiality of the modeled system by using MACs, data classification, and security clearances.
II. Compare and contrast the two access modes that are part of the BLP model: the simple security property and the * (star) property.
• Simple
I. Introduce students to the Common Criteria for Information Technology Security Evaluation, often called the Common Criteria or just CC.
II. Mention that it is an international standard for computer security certification, classified as ISO/IEC 15408.
III. Discuss the following CC
I. Discuss the Information Technology Security Evaluation Criteria (ITSEC), which is an international set of criteria for evaluating computer systems.
II. Emphasize that Targets of Evaluation (ToE) are used to compare detailed security function specifications, which net an assessment of systems
I. Describe the Trusted Computer System Evaluation Criteria (TCSEC). Point out that it is an older Department of Defense (DoD) standard that defines the criteria for assessing the access controls in a computer system. This is also known as the "Orange Book" and is the cornerstone of a larger series
A network filter that allows administrators to restrict access to external content from within a network is known as which of the following?
a. Content filter
b. Dynamic filter
c. Static filter
d. Stateful filter
True or False: All traffic exiting from the trusted network should be filtered.
Explain that accountability, or auditability, is a system that directly attributes the actions taken on a system to an authenticated entity.
What type of firewall examines every incoming packet header and can selectively filter packets based on header information, such as destination address, source address, packet type, and other key information?
a. Packet filtering
b. Proxy server
c. Media access control (MAC) layer
d. Application
Recognize the concept of authorization as the matching of an authenticated entity to a list of information assets and corresponding access levels, which can happen in one of three ways.
• Authorization for each authenticated user
o This is where the system performs an authentication process to
The piece of the system that manages access controls within the TCB is an object known as which of the following?
a. Covert channel
b. Storage channel
c. Reference monitor
d. Standard
I. Review the definition of authentication. Explain to learners that this is the process of validating an unauthenticated entity’s purported identity.
II. Assemble and outline the three commonly used authentication factors:
• Something you know
• Something you have
• Something you are or you
The biometric technology criterion that describes the number of legitimate users who are denied access because of a failure in the biometric device is known as which of the following?
a. False reject rate
b. False accept rate
c. Crossover error rate
d. Accountability rate
I. Define identification as a mechanism whereby unverified entities—called supplicants—who seek access to a resource propose a label by which they are known to the system.
II. Emphasize the fact that the identifier label applied to the supplicant must be mapped to one and only one entity within
True or False: The authentication factor something a supplicant has relies upon individual characteristics, such as fingerprints, palm prints, hand topography, hand geometry, or retina and iris scans.
Outline the four fundamental functions of access control systems:
• Identification
• Authentication
• Authorization
• Accountability
Which term is used to describe the process of validating a supplicant’s purported identity?
a. Accountability
b. Authentication
c. Authorization
d. Biometrics
I. Describe how technical controls are essential in enforcing policy for many IT functions that do not involve direct human control.
II. Explain the concept of technical control solutions, which, when properly implemented, can improve an organization’s ability to balance the often conflicting
The method by which systems determine whether and how to admit a user into a trusted area of the organization is known as which of the following?
a. Attribute
b. Accountability
c. Access control
d. Auditability
I. Compare and contrast temporary employees and contract employees, and their differences and similarities with respect to information security policies.
II. Explain that contracts for consultants should specify all requirements for information or facility access before the
I. Distinguish temporary employees, who are hired by the organization to serve in a temporary position or to supplement the existing workforce, from permanent employees.
II. Review the concept of how these employees may be paid employees of a “temp agency” or a similar
I. Summarize that individuals who are not subject to rigorous screening, contractual obligations, and eventual secured termination often have access to sensitive organizational information.
II. Explain how relationships with individuals in this category should be carefully managed to
Emphasize that the law requires organizations to protect employee information that is sensitive or personal, as you learned in the sixth module. This information includes employee addresses, phone numbers, Social Security numbers, medical conditions, and even names and addresses of family
I. Describe the term separation of duties and why it is important in reducing the risk an organization takes on, by limiting the chance that an employee will violate information security and break the confidentiality, integrity, or availability of information.
II. Compare and contrast separation of
I. Detail that friendly departures include resignation, retirement, promotion, or relocation. In this case, the employee may have tendered notice well in advance of the actual departure date.
II. Emphasize that this type of departure is more challenging because it makes it more difficult for security to
I. Summarize that an organization should integrate security awareness education into a new hire’s job orientation and make it a part of every employee’s on-the-job security training.
II. Discuss how keeping security at the forefront of employees’ minds minimizes employee mistakes and is an
Describe the purpose of the CompTIA Security+ certification test, which is geared towards a professional’s entry-level security knowledge and a minimum of two years of on-the-job networking experience.
True or False: Popular cryptosystems use a hybrid combination of symmetric and asymmetric algorithms.
True or False: PKI systems are based on public-key cryptosystems and include digital certificates and certificate authorities.
The process of hiding information within other files, such as digital pictures or other images, is known as which of the following?
a. Digital signatures
b. Steganography
c. Registration authority
d. Digital certificates
Which of the following is a hybrid cryptosystem that has become the open-source de facto standard for encryption and authentication of e-mail and file storage applications?
a. PGP
b. S-HTTP
c. SSL
d. S/MIME
Discuss wireless local area networks, which are thought by many in the IT industry to be inherently insecure. Without some form of protection, these signals can be intercepted by anyone with a wireless packet sniffer.
Explain that to qualify for the HCISPP you must focus on security management topics and healthcare; this certification requires the candidate to demonstrate knowledge in six specialty domains on its 125-question multiple-choice exam:
• Healthcare industry
• Regulatory environment
• Privacy and
Establish that security analysts are often known as security technicians, security architects, and/or security engineers.
Examine the core duties of security analysts. Based on need, they are technically qualified employees who configure firewalls, deploy IDPSs, implement security software,
Express that this certification is targeted at managers and employees with knowledge and experience in risk management.
Outline the four domains that this annual exam covers:
IT risk identification (27 percent)
IT risk assessment (28 percent)
Risk response and mitigation (23 percent)
Risk and
Contrast the Certified in the Governance of Enterprise IT (CGEIT) certification with others examined in this section, as it is mostly geared towards upper-level executives (CISOs and CIOs), directors, and consultants who have knowledge or experience in IT governance.
Outline the four domains that the
Explain to students that this is one of the newest certifications offered.
Stress that the Certified Data Privacy Solutions Engineer (CDPSE) is an exam that focuses on protection of customers’ personal information.
Outline the four domains that this annual exam covers:
Privacy governance
Focus on the critical fact that, regardless of the position, an organization should always have information security as a documented part of an employee’s job description.
Explain that from an information security perspective the hiring of employees is a responsibility laden with potential security
Demonstrate how an opening within the information security department presents a unique opportunity for the security manager to educate HR on the certifications, experience, and qualifications of a good candidate.
Recommend to students that departments outside of information security, like HR, should
To assess the effect that information security changes will have on the organization’s personnel management practices, the organization should conduct which of the following studies before the implementation phase?
a. Security audit
b. Project feasibility
c. Behavioral feasibility
d. Employee feedback
Emphasize that often in large organizations, the information technology (IT) department houses the information security (IS) department and designates a chief information security officer (CISO) or chief security officer (CSO) to operate it.
Advocate to learners that according to the 2019 (ISC)
Which of the following positions is typically the top information security employee in the organization?
a. CISO
b. CEH
c. Security Manager
d. CSO
Which of the information security roles is usually tasked with configuring firewalls, deploying IDSs, implementing security software, diagnosing and troubleshooting problems, and coordinating with systems and network administrators to ensure that security technology is operating to protect the
Discuss the criteria on which selecting information security personnel is based, including the principles of supply and demand. This is likely a combination of experience, certifications, and knowledge.
Recall that most information security (IS) professionals who want to enter the market will
Which of the following information security roles is accountable for the day-to-day operation of the information security program?
a. Security Analyst
b. CISO
c. CSO
d. Security Manager
True or False: In most organizations, the security analyst position is one that is a senior-level position that requires numerous years of experience and certifications.
Outline and classify the two common points of entry from which information security professionals come. These are often ex-law enforcement and military personnel, and technical professionals.
Gain awareness that college graduates and upper-division students are selecting and tailoring degree programs
Which of the following is a certification offered by the International Information Systems Security Certification Consortium (ISC)2?
a. Security+
b. GIAC
c. CISSP
d. CGEIT
Which of the following certifications requires the applicant to complete a written practical assignment to complete the certification process?
a. Security+
b. GIAC
c. CISSP
d. CGEIT
Which of the following ISACA certifications, while not specifically a security certification, contains many information security systems’ auditing components and is only offered a few times per year?
a. CISA
b. CISM
c. CGEIT
d. CRISC
Compare and contrast the differences between a CISO and a CSO. Depending on the organization, the CISO’s position may be combined with physical security responsibilities or may even report to a security manager who is responsible for both logical (information) security and physical security.
Stress
Once a candidate has accepted the job offer, the employment ________ becomes an important security instrument.
a. Non-disclosure agreement
b. Contract
c. Security acknowledgement
d. Offer
Apply knowledge presented in the text that security managers are accountable for the day-to-day operation of the information security program. They accomplish the objectives that are identified by the CISO and resolve issues that are identified by technicians.
Recall that candidates for this
True or False: The least privilege principle ensures no unnecessary access to data exists by regulating members, so they can perform only the minimum data manipulation needed.
Identify that many organizations seek industry-recognized certifications when reviewing the credentials of applicants.
Relate that existing certifications are relatively new and not fully understood by hiring organizations.
Discuss how the certifying bodies are working to educate employers and
Emphasize that the International Information Systems Security Certification Consortium (ISC)2 is considered the foremost organization offering information security certifications today.
Present that the CISSP certification is considered the ‘gold standard’ and the most prestigious certification for security managers and CISOs.
Recognize that professionals must possess at least five years of direct, full-time experience as a security professional working in at least two of
Contrast that, like the CISSP, the SSCP certification applies more to the security manager than the security technician because the SSCP focuses on practices, roles, and responsibilities as defined by experts from major information security industries.
Outline the seven domains SSCP covers in their
Detail that the Certified Secure Software Lifecycle Professional (CSSLP) is another (ISC)2 certification focused on the development of secure applications.
Encourage students to understand that to get this certification a professional must have at least four years of recent experience in one or more
Recognize that this certification is geared towards professionals who work with the NIST Risk Management Framework: the Certified Authorization Professional is a certification that focuses on the deployment of the RMF, mainly in the government and the Department of Defense, but also in other public or
Explain that to qualify for the HCISPP you must focus on security management topics and healthcare; this certification requires the candidate to demonstrate knowledge in six specialty domains on its 125-question multiple-choice exam:
Healthcare industry
Regulatory environment
Privacy and security in
Stress that the Certified Cloud Security Professional (CCSP) certification exam is sponsored by the Cloud Security Alliance and focuses on professionals who are responsible for specifying, acquiring, securing, and managing cloud-based services for their organization.
Review the six domains that the
Justify the merit of this certification as an innovative approach to the experience requirement that may prevent others from being able to take the other exams outlined in this section of the module.
Recognize that this provides an option whereby learners can complete the exams, subscribe to the
Explain to learners how the Information Systems Audit and Control Association (ISACA) offers several reputable certifications. This includes the CISM, CISA, CGEIT, and CDPSE certifications.
Establish that the CISM credential is focused on information security managers and others who may have similar management responsibilities.
Outline the four domains that this annual exam covers:
Information security governance (24 percent)
Information risk management (30
Identify that EC-Council is a new competitor in certifications for security management. They offer a Certified CISO (CCISO) certification which tests security domain knowledge as well as knowledge of executive business management.
Establish the six domains that have certifications available that
Define the reality that certifications cost money and the better certifications can be quite expensive to attain. Depending on the certification, one can cost more than $750.00 alone, and certifications that require multiple exams are in the thousands of dollars.
Explain how, while these courses
Establish an understanding that, as future information security professionals, learners can benefit from keeping the following suggestions in mind as they enter the information security job market:
Always remember business before technology.
When evaluating a problem, look at the source of the problem
Discuss how to incorporate information security perspectives into the hiring process and how it begins with reviewing and updating all job descriptions.
Explain the importance of preventing people from applying for positions based solely on access to sensitive information by having the organization
I. Examine the purpose of a background check and why it is important to investigate the candidate’s past, because criminal behavior could indicate the potential for future misconduct.
II. Review the restrictions and regulations that govern what the organization can investigate and how much of the
I. Explain how, once a candidate has accepted the job offer, the employment contract becomes an important security instrument and must be protected in much the same way as other data sets in an organization.
II. Classify policies discussed in the text that require an employee to agree in writing to
State that governance describes the entire process of governing, or controlling, the processes used by a group to accomplish some objective.
Define the term governance and explain why the board of directors must be involved to provide strategic direction. Note the five key tasks they are
True or False: An example of a disaster classification plan is a scale that has Minor, Moderate, Severe, and Critical categories.
Summarize the practice of incident classification and why it is important for an IR plan to include it, in order to determine the severity of threats that may occur.
Recall that incidents are the responsibility of the CSIRT, except in an organization that has a security operations center (SOC).
Review
Outline indicators that may warrant an incident being investigated but that may be common within an organization, depending on one’s interpretation:
Presence of unfamiliar files
Presence or execution of unknown programs or processes
Unusual consumption of computing resources
Unusual system crashes
Give
Compare and contrast probable indicators with possible indicators and explain how they differ from one another.
Review the list of incident candidates, as outlined in the text, that are considered probable indicators of actual incidents:
Activities at unexpected times
Presence of new
Stress that definite indicators are incident candidates of something that is happening or has happened. Better put, they are clear signals.
Establish an understanding that the IR plan must be activated immediately in a situation like this, and the CSIRT must act.
Review the list of incident
Focus students’ attention on the fact that, regardless of whether an incident indicator was possible, probable, or definite, action still must be taken because consequences can still result that could be detrimental to an organization.
Review the five most likely outcomes that an incident can cause. Whether
Recall that once an incident has been confirmed and classified properly, the IR plan moves into the detection phase.
Summarize the action steps for reacting to incidents. They include:
Notifying key personnel
Documenting the incident(s)
Strategizing an incident containment plan to minimize impact to
Emphasize the use of an alert roster as the first line of defense and the first step taken once a CSIRT determines that an incident is in progress.
Examine the two ways an alert roster is activated:
Sequentially: This option requires that a designated contact person initiate contact with each person on
Conclude that the most critical component of an IR plan is to stop the incident and contain its scope and/or impact to the organization. With time being of the essence, detailed analyses here are not the best use of resources, as they may prolong the attack and its result.
Propose the following
Emphasize that most organizations cannot sustain a permanent digital forensics team. Even so, there should be people in the information security group trained to understand and manage the forensics process.
Recall that this expertise can be obtained by sending staff members to a regional or national
Label that an affidavit is sworn testimony that certain facts are in the possession of the investigating officer that they feel warrant the examination of specific items located at a specific place.
Distinguish that when an approving authority signs the affidavit or creates a synopsis form based on
Broadcast that all investigations applying the use of digital forensics apply the same basic methodology below:
Identify relevant EM.
Acquire (seize) the evidence without alteration or damage.
Take steps to assure that the evidence at every step is verifiably authentic and is unchanged from the time
Compare and contrast how in information security, most operations focus on policies—those documents that provide managerial guidance for ongoing implementation and operations. In digital forensics, however, the focus is on procedures instead.
Establish an understanding that strong procedures for
Examine the two criteria that classify that a disaster has occurred: the organization is unable to contain or control the impact of an incident, or the level of damage or destruction from an incident is so severe that the organization cannot quickly recover from it.
Emphasize it rests on
Summarize that upon the creation of the DR team, the manager placed in charge of the group will begin the creation of the DR policy. Note that this document may have already been created by the CP team; otherwise, the DR policy will need to be created from scratch.
Outline the key elements that are
Explain that, depending on the organization, the disaster recovery and business continuity plans are most often merged together into one single function known as the business resumption plan.
Emphasize that the planning that takes place must support the reestablishment of business at two locations
Propose to students that a critical component of the NIST-based methodologies presented in this module is continuous process improvement (CPI). Each time the organization rehearses its plans, it should learn from the process, improve the plans, and then rehearse again. Each time an incident or
Describe to students that, as future information security professionals, they must understand the scope of an organization’s legal and ethical responsibilities.
Disseminate that laws and ethics are not the same thing, as laws carry authority and ethics do not.
Describe ethics, which are
What is a type of law that represents all laws that apply to a citizen (or subject) of a jurisdiction?
a. Criminal law
b. Private law
c. Civil law
d. Public law
Emphasize that even if there is no breach of criminal law, there can still be liability.
Define the term liability. Explain that this is the legal obligation of an entity that extends beyond criminal or contract law; it includes the legal obligation to make restitution or to compensate for wrongs
What is a type of law that addresses violations harmful to society and that is enforced by prosecution by the state?
a. Criminal law
b. Private law
c. Public law
d. Civil law
Classify the difference between a policy and a law and how they are similar and different.
Outline the five criteria for a policy to be enforceable:
Dissemination (distribution): The organization must be able to demonstrate that the relevant policy has been made readily available for review by the
Which law regulates the role of the healthcare industry in protecting the privacy of individuals?
a. GLB
b. FOIA
c. HIPAA
d. CFAA
Define civil law, which represents a wide variety of laws that govern a nation or state and deal with the relationships and conflicts between organizational entities and people.
Explain how criminal law addresses violations harmful to society and is actively enforced by the state.
Distinguish the
The generally recognized term for the government protection afforded to intellectual property (written and electronic) is called which of the following?
a. Computer security law
b. Copyright law
c. Aggregate information
d. Data security standards
Conclude that the United States has been a leader in the development and implementation of information security legislation that prevents the misuse and exploitation of information and information technology.
True or False: The cornerstone of many current federal computer-related criminal laws is the Computer Fraud and Abuse Act of 1986.
Recognize that the cornerstone of many computer-related federal laws, as mentioned in the text, is the Computer Fraud and Abuse Act of 1986 (CFA Act or CFAA).
Recall that the CFAA was amended in 1996 and rebranded as the National Information Infrastructure Protection Act of 1996. Stress that