
IT Examples and Topics

Week 1 Assignment


Quantitative risk assessment is a five-step process: assigning a monetary value to an asset, entering that value for each asset, producing the single loss expectancy (SLE), determining the annual rate of occurrence (ARO), and calculating the annual loss expectancy (ALE). The methods used in quantitative risk assessment are the ALE method, Courtney's and Fisher's methods, and the ISRAM model. The basic correlation applied in IT risk assessment is R = P × W, where P = F × V. Here R stands for the risk factor, P for the probability of the number of incidents that cause loss, W for the value of the assets lost, F for the frequency of threats, and V for the susceptibility of the system. In the ALE method, the annual loss expectancy is measured by the formula ALE = SLE × ARO (Irfandhi, 2016).
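The formulas above, applied to a small risk register as an added example (not part of the original essay). The asset figures are constructed sample data; the exposure factor used to derive SLE and the safeguard cost-benefit check go beyond what the essay states and are standard assumptions labelled in the comments.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Scenario:
    """One asset/threat pair. All figures in REGISTER are constructed sample data."""
    asset: str
    asset_value: float      # W: monetary value of the asset
    exposure_factor: float  # share of the value lost per incident (assumption, not in the essay)
    aro: float              # ARO: expected loss incidents per year
    frequency: float        # F: threat events per year
    vulnerability: float    # V: susceptibility of the system, 0..1

    def __post_init__(self):
        if self.asset_value < 0 or self.aro < 0 or self.frequency < 0:
            raise ValueError(f"{self.asset}: negative input")
        if not 0 <= self.exposure_factor <= 1 or not 0 <= self.vulnerability <= 1:
            raise ValueError(f"{self.asset}: factor outside 0..1")


def sle(s: Scenario) -> float:
    """Single loss expectancy: asset value times exposure factor."""
    return s.asset_value * s.exposure_factor


def ale(s: Scenario, aro=None) -> float:
    """ALE = SLE * ARO; pass aro to model the rate after a safeguard is added."""
    return sle(s) * (s.aro if aro is None else aro)


def risk_factor(s: Scenario) -> float:
    """R = P * W with P = F * V, as given in the essay."""
    p = s.frequency * s.vulnerability
    return p * s.asset_value


def safeguard_value(s: Scenario, aro_after: float, annual_cost: float) -> float:
    """ALE before minus ALE after minus yearly safeguard cost (added cost-benefit check).

    A positive result means the safeguard pays for itself; a negative one
    means it costs more per year than the loss it prevents.
    """
    return ale(s) - ale(s, aro_after) - annual_cost


def rank_by_ale(scenarios):
    """Highest expected yearly loss first, for prioritising treatment."""
    return sorted(scenarios, key=ale, reverse=True)


REGISTER = [
    Scenario("customer database", 500_000, 0.5, 0.5, 2, 0.25),
    Scenario("web server", 80_000, 0.25, 2.0, 8, 0.25),
    Scenario("laptop fleet", 120_000, 0.125, 4.0, 16, 0.25),
]

if __name__ == "__main__":
    for s in rank_by_ale(REGISTER):
        print(f"{s.asset:18} SLE={sle(s):>9,.0f} ALE={ale(s):>9,.0f} R={risk_factor(s):>9,.0f}")
    db, web, _ = REGISTER
    print("database safeguard value:", safeguard_value(db, aro_after=0.125, annual_cost=30_000))
    print("web server safeguard value:", safeguard_value(web, aro_after=1.0, annual_cost=25_000))
```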

Qualitative risk assessment consists of the following phases: selecting the system to be evaluated, identifying potential threats to the system, identifying the system's susceptibility, analyzing the applied methods, determining the impact of the applied methods on the system, and determining the risk level with the help of a matrix. The matrix consists of the probabilities of the incidents that occurred and the strength of each incident (Laudon & Laudon, 2015).

A vulnerability is defined as a weak point or weakness in the system that makes it unsafe and prone to security problems. A threat is defined as an incident or thing that could potentially damage the system or an asset. It can arise from natural disasters such as floods or from intentional threats such as malicious software. The threat agent is the entity responsible for carrying out an attack that could damage an asset. Risk can be described as the loss or damage done when an asset’s vulnerability is exploited by a threat. Exposure and control are connected in the sense that controls provide security and technical protection to a system that is exposed to a threat or risk (Munteanu, 2006). Three types of security control focus on risk management. The first is management control, of which the security policy is an example. The second type is operational control. These are controls that are both implemented and executed by people, for example steps such as not opening spam emails to protect the system from phishing attacks. The third is technical control, which is executed using hardware and software. For instance, firewalls are used so that external attacks or malicious data cannot pass through.

The four ways to manage the risk are as follows:

Risk mitigation

It is important first to avoid the risk by safeguarding the system and to work on addressing the system's vulnerabilities to avoid future attacks and threats. If the system has already been damaged, there is a need to find an effective way, such as countermeasures, to reduce the risk.

Risk acceptance

It is important to accept the risk and start analyzing cost-effective safeguards, that is, the countermeasures that stop the threat.

Risk assignment

Risk assignment, or risk transfer, refers to placing the cost of a loss on another entity. Generally, risks are transferred to insurance companies; however, some of the risk still remains after risk assignment (Rot, 2008).

Risk rejection

Risk rejection can be described as denying that the potential risk has occurred by treating the risk as invalid. This could be disastrous for any organization, as most IT assets are vulnerable, and protecting an asset requires acknowledging its risks.

References

Irfandhi, K. (2016). Risk Management in Information Technology Project: An Empirical Study. ComTech: Computer, Mathematics and Engineering Applications, 7(3), 191-199.

Laudon, K. C., & Laudon, J. P. (2015). Management Information Systems: Managing the Digital Firm Plus MyMISLab with Pearson eText--Access Card Package. Prentice Hall Press.

Munteanu, A. (2006, June). Information security risk assessment: The qualitative versus quantitative dilemma. In Managing Information in the Digital Economy: Issues & Solutions-Proceedings of the 6th International Business Information Management Association (IBIMA) Conference (pp. 227-232).

Rot, A. (2008). IT risk assessment: Quantitative and qualitative approach. Resource, 283, 284.

Subject: IT

Pages: 2 Words: 600

Week 1 Discussion - Keeping Current In The Field


Travel Request

The travel request concerns the upcoming “RSA Conference 2020”, taking place in San Francisco from 24-28 January, and is intended to obtain permission to participate from the Padgett-Beale CISO (USA 2020—Cybersecurity Conference, 2018). The theme of the conference is the discussion and sharing of ideas between a dedicated community of peers and top leaders of cybersecurity, to prevent potential challenges to data and ensure secure handling and communication of sensitive and important information. The conference extends up to 4 days and will give participants exposure to new trends and practices in cybersecurity through in-depth training, tutorials, thought-provoking keynotes, and expert-led sessions.

To keep pace with the requirements of advanced IT management and information security, it is necessary to keep program managers and IT staff up to date. As Padgett-Beale is linked with the internet and IT in a number of ways, the employees concerned need to stay aware of the new dimensions of information security.

Our firm deals with 3 main areas of business that are directly linked with IT. The first area is marketing and the use of social media and the internet for advertising and promoting the products. The second area is the operation of the firm's call center and support center for dealing with clients, and the third is daily operations and facilities. According to statistics, in recent years cyberattacks against hotel chains have increased a great deal, and theft of passwords, IP addresses, information about security installations and implemented procedures, and employees' credentials has been reported (Winder, 2019). To avoid these potential risks, it is very important to have updated infrastructure, aware human resources, and a robust security policy and plan.

For those applying before 24 January or participating in a group of more than 5, there is a special discounted ticket price of $1,845 per head. Registration. Meals are included in the program, the hotel is $70 per night per head, and the cumulative cost, including tickets and hotel rent for one person, is approximately $2,000, which is quite reasonable (Per Diem Rates Look-Up, n.d.). The cost is reasonable enough compared with the cost of one cyberattack, 13 million dollars on average, and the damage to the reputation of the company is also massive (Justify Your Attendance, 2019). I am hopeful that the request will be considered by the CISO and the upper management of the firm, and that they will take immediate notice for the benefit of the company in the long run.

References

Justify Your Attendance. (2019, August 30). RSA Conference. http://www.rsaconference.com/usa/justify-your-attendance

Per Diem Rates Look-Up. (n.d.). Retrieved January 14, 2020, from /travel/plan-book/per-diem-rates/per-diem-rates-lookup

Winder, D. (2019, May 31). Security systems of major hotel chains exposed by a huge data breach. Forbes. Retrieved from https://www.forbes.com/sites/daveywinder/2019/05/31/security-systems-of-major-hotel-chains-exposed-by-huge-data-breach/#d022f7f52ec2

USA 2020—Cybersecurity Conference. (2018, October 5). RSA Conference. http://www.rsaconference.com/usa

Subject: IT

Pages: 2 Words: 600

Week 2 Assignment


In commercial organizations, data is classified as confidential, proprietary, sensitive, and possibly public as well. Every company has data that is very sensitive, containing all the information regarding company assets and policies. If this data is leaked, it causes serious damage to the company. Confidential data, on the other hand, is less restrictive than sensitive data; however, if it is leaked, the company can face serious consequences. Private data includes cell numbers, addresses, etc. If this data is disclosed, it cannot cause a threat to the company, although it may cause distress to the employees. Data that is released on a limited basis is called proprietary data. For instance, Samsung cell phone specifications are considered proprietary until the release of the phone in the market. Public data is available to everyone, such as the company’s list of the services it provides.

Military data is classified as confidential, secret, and top secret. Confidential data includes information which, if disclosed, can cause a severe threat to national security. For instance, information on the number of officials deployed in an area or the design of a weapon is considered confidential. Secret data contains information which, if disclosed, can cause more severe damage to national security, such as information regarding future military plans. Top-secret data is data which, if disclosed, can cause exceptionally severe damage to the entire national security, such as information regarding war plans and intelligence agency plans (Rushby, 1984).

The responsibilities of the different roles in a team are as follows:

Data Owners

In any company, it is the role of senior management to protect the specific data of the company while also setting a data security plan. Only after their approval, the data can be accessed. They also deal with any violations and threats to the data.

Data Custodian

The maintenance and protection of data is the responsibility of the data custodian. Mostly, members of the IT department are the data custodians. Their duties include adding or removing data access, backing up, validating and restoring the data, and recording daily activity.

System Owner

The owner of the system can be responsible for one or more systems that may contain the data of different owners. The key responsibility of the system owner is to integrate security into applications while also making decisions regarding system purchasing. They have to ensure that the system is accessed properly and report vulnerabilities of the system.

Administrator

The key responsibility of a security administrator is to manage new systems while implementing security software, issuing passwords, and testing the system’s security. Generally, the network administrator is responsible for ensuring the configuration of system and server hardware while also installing the latest updates and managing the system’s vulnerabilities.

Analysts

Analysts develop policies and guidelines. Their role in an organization is to define different elements of security programs and follow through each step to ensure the proper working (Wright, 2008).

Users

Users have limited access so that they can perform their functions. However, a user must comply with the policies and guidelines of the organization.

The trusted computing base (TCB) of a computer system consists of hardware, software, and firmware. All of these are critical to the system’s security and thus to the security of the organization. The TCB’s primary security mechanisms are a security policy, authentication, identification, and auditing. All the security controls, system location, and software are built into the operating system of the TCB. It also monitors functions such as the input and output operations of the system while protecting memory, process activation, and the execution of domain switching (Peltier, 2016). TCB hardware includes physical workstations such as Dell computers and the CPU. TCB software includes the system’s operating system, while TCB firmware includes updates that address identified system vulnerabilities or increase security.

References

Rushby, J. (1984, September). A trusted computing base for embedded systems. In Proceedings 7th DoD/NBS Computer Security Conference (pp. 294-311). Citeseer.

Wright, C. S. (2008). The IT regulatory and standards compliance handbook: How to survive information systems audit and assessments. Elsevier.

Peltier, T. R. (2016). Information Security Policies, Procedures, and Standards: guidelines for effective information security management. Auerbach Publications.

Subject: IT

Pages: 2 Words: 600

Week 2 Discussion - Technology Briefing


Introduction

Cyber terrorism is a growing concern, and large-scale businesses always face the threat of cyber-attack due to an ever-increasing network of cyber criminals. Several big companies have been targeted, and huge data thefts have been reported in recent times. Nowadays businesses meet financial targets by using advanced strategies and frameworks for handling money and managing finances at a multinational level. This includes the use of financial services and international banking to meet business requirements. These services are a prime target of cyber criminals, so it is necessary to adopt modern technological solutions to prevent any big financial or substantial loss. Blockchain is one of the best solutions in this regard for ensuring data security and managing data in blocks. It helps in managing data in a chronological manner and uses different mechanisms to ensure data security.

Analysis

Blockchain is used in several risk treatment strategies to prevent risk and possible loss to financial transactions. In a blockchain, data blocks are followed by many other data blocks, each of which carries information on financial assets and transactions, in such a way that the official record of the transactions is made up of the longest chain (Cong, 2019). Blockchain transactions are the basis of cryptocurrency and are very useful in online financial transactions and payments.

In analyzing anomalies and their solutions in debit card transactions and the security of cardholders' personal information, PCI-DSS is found very helpful from a security point of view. PCI-DSS is the acronym for Payment Card Industry Data Security Standard, and it ensures compliance in six areas. The first area of compliance is network security, and the second is the security and safety of users' personal information. The third area of compliance is associated with the compatibility of the vendor’s application with industry norms and the ability to interpret and reject any possible threat to the system.

For the safe and secure transfer of financial assets and services, it is important under PCI (Payment Card Industry) to make sure that a cardholder's information is kept secret and inaccessible to any person other than the owner/holder, and all other media types must also be protected. In the case of remote working, if a client is working or engaged with the main network from some other place, RCR will collect his information using Microsoft Azure Key Vault to maintain control and storage (Williams, 2019).

Summary

Companies and big firms are expanding their IT infrastructure and incorporating blockchain technologies/solutions to manage and maintain information in such a way that security is not compromised (PRITCHARD, 2019). It is very important to create distributed ledgers to deal with problems and issues in financial institutions. Not only will this bring a revolution in security, it will also make financial transactions easy, comprehensible, and low in transfer fees.

References

Underwood, S. (2016). Blockchain beyond bitcoin.

Cong, L. W., & He, Z. (2019). Blockchain disruption and smart contracts. The Review of Financial Studies, 32(5), 1754-1797.

Williams, B. R. (2019). U.S. Patent No. 10,423,965. Washington, DC: U.S. Patent and Trademark Office.

PRITCHARD, J. (2019, 12 2). How Blockchain Is Changing Banking and Financial Services. Retrieved from the Balance: https://www.thebalance.com/how-blockchain-is-changing-banking-and-financial-services-4174354

Subject: IT

Pages: 2 Words: 600

Week 3 Assignment


Symmetric key cryptography algorithms use the same key for both encryption and decryption. Some of the advantages of symmetric key cryptography are that it is faster and that encrypted data can be sent over a link that may be intercepted, because the decryption key is not sent with the data, so the data remains safe. It uses password authentication, and only a system that has the decryption key can open the message. The disadvantage is that, to decode a message, a key must be sent to the receiver before the transmission of the actual message. However, no electronic medium of communication is safe, so a third party might intercept it. Also, it does not provide digital signatures that cannot be rejected. It can be used for several payment applications such as credit card transactions (Tripathi & Agrawal, 2014).

Asymmetric cryptography uses two keys, a public key and a private key. The public key is distributed openly. In this type of cryptography, anyone can encrypt a message using the public key of the receiver; however, the message can only be decrypted with the private key. The advantage is that there is no need for a key exchange as in symmetric cryptography. It also has digital signatures and is very secure. The disadvantage of asymmetric cryptography is speed.

The study of information systems, that is, ciphertext, ciphers, and cipher systems, is called cryptanalysis. Several types of cryptanalysis attacks and techniques are known; which one applies depends on the information about the ciphertext that is available to the analyst (Simmons, 1993). Some of the techniques are as follows:

Ciphertext-only attack: The attacker can only access a few encrypted messages but does not know the plaintext or the encryption algorithm being used.

Known-plaintext attack: The attacker has some information regarding the plaintext and only needs a key to decrypt a message. Once a key is discovered, all the messages can be decrypted.

Chosen-plaintext attack: Either the encryption algorithm or the device that was used for the encryption is known to the attacker.

Side-channel attack: This attack focuses on the power consumed by the system that performed the encryption. During the process, electromagnetic radiation is emitted that can be used by the attacker.

Man-in-the-middle attack: The attacker tries to intercept the communication between two parties that are about to share keys. The attacker impersonates one of the parties and performs the key exchange process with the other party.

Brute-force attack: This refers to attacks in which the attacker tries all possible combinations of the key until the right one is identified. It is very costly and time-consuming.
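The known-plaintext case in the list above, as an added teaching example that is not part of the original essay. It uses a toy repeating-key XOR cipher (an assumption chosen for brevity, not a cipher the essay names) to show why a scheme that leaks its key from a single plaintext/ciphertext pair exposes every other message under that key; the key and messages are constructed.

```python
from itertools import cycle


def xor_cipher(data: bytes, key: bytes) -> bytes:
    """Toy repeating-key XOR; encrypting and decrypting are the same operation."""
    if not key:
        raise ValueError("empty key")
    return bytes(b ^ k for b, k in zip(data, cycle(key)))


def recover_key(known_plain: bytes, cipher: bytes, max_len: int = 16):
    """Return the shortest repeating key consistent with one known pair, or None.

    XOR of plaintext and ciphertext yields the key stream. A candidate key
    length is accepted only if the stream repeats with that period and the
    pair covers at least two repetitions, so short pairs return None.
    """
    stream = bytes(p ^ c for p, c in zip(known_plain, cipher))
    for n in range(1, min(max_len, len(stream) // 2) + 1):
        if all(stream[i] == stream[i % n] for i in range(len(stream))):
            return stream[:n]
    return None


# Constructed sample data.
SECRET_KEY = b"K3y!"
KNOWN_PLAIN = b"INVOICE 2020-01 TOTAL"     # e.g. a predictable document header
OTHER_PLAIN = b"wire 9,500 to account 4471"


def demo():
    """One known pair is enough to read a second message sent under the same key."""
    known_cipher = xor_cipher(KNOWN_PLAIN, SECRET_KEY)
    other_cipher = xor_cipher(OTHER_PLAIN, SECRET_KEY)
    key = recover_key(KNOWN_PLAIN, known_cipher)
    recovered = xor_cipher(other_cipher, key) if key else None
    return key, recovered


if __name__ == "__main__":
    key, recovered = demo()
    print("recovered key:", key)
    print("second message:", recovered)
```

Modern ciphers such as AES are designed so that known plaintext/ciphertext pairs do not reveal the key, which is why predictable headers are not a weakness there.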

CPTED stands for crime prevention through environmental design. It is an approach to designing a safe environment that will improve the quality of life and reduce the fear and threat of crime. Three concepts are used in CPTED. The first is natural access control, which reduces the opportunities for crime by reducing access to crime targets. The second is natural surveillance, which promotes the visibility of people so that intruders can be easily observed and identified. The third is natural territorial reinforcement, which creates a sphere of influence that discourages criminal intentions. CPTED design is based on anticipating the thought process of an offender and creating an environment that discourages the follow-through. CPTED has increased not only the sense of security among employees but also their wellbeing. After the implementation of CPTED, the environment surrounding the organization will discourage criminal behavior while encouraging honest employees. Thus the basic purpose of CPTED is to prevent certain crimes in a controlled environment (Cozens & Hillier, 2005).

References

Cozens, P. M., Saville, G., & Hillier, D. (2005). Crime prevention through environmental design (CPTED): a review and modern bibliography. Property management, 23(5), 328-356.

Simmons, G. J. (1993, December). Cryptanalysis and protocol failures. In Proceedings of the 1st ACM conference on Computer and communications security (pp. 213-214). ACM.

Tripathi, R., & Agrawal, S. (2014). Comparative study of symmetric and asymmetric cryptography techniques. International Journal of Advance Foundation and Research in Computer (IJAFRC), 1(6), 68-76.

Subject: IT

Pages: 2 Words: 600

Week 3 Discussion - Remediation - Ineffective Or Missing Security

Gap Analysis using NIST Cybersecurity framework


In simple terms, gap analysis of any networking infrastructure aims to find the flaws and gaps in the organization's security. NIST provides a very well defined framework with guidelines to identify and tackle such security flaws. So before getting into the gist of things, let's begin by understanding what use we, as information security specialists, can make of the problems that arise due to flaws in the infrastructure. Most information security specialists use such problems as their working guidelines, so that they can patch up the network from that part and thus make their systems as secure as possible. Conducting a gap analysis consists of the following six steps [1].

Classify matter in focus.

Collect relevant data.

Tie evidence to NIST CSF subcategories.

Identify preliminary gaps in system.

Conduct risk analysis after identifying gaps.

Create action plan.

None of the above-mentioned steps can be underestimated or missed, as at the end of this procedure our network is supposed to be secure. The first step of the procedure involves the identification of the subject matter. First of all, your organization should have the necessary knowledge as well as the workforce to do a gap analysis by itself, but if your organization lacks the necessary skills, you should probably look for an external party, as moving on without the necessary skills can be really damaging to the resources and assets of the company [2]. In the data collection phase, you should be willing to get your hands dirty, as without the necessary and relevant data the final steps would always be flawed. A number of techniques can be used for this purpose, including interviews and documentation review.

After collecting the necessary data, we should look at how the data falls into the subcategories of the NIST Cybersecurity Framework [3]. For this purpose, one can draw a table and see how the collected data falls into the categories. In total, the NIST Cybersecurity Framework has 108 subcategories.

The next step is probably the most important step in the whole process and consists of identifying the gaps in the network. This step can serve as a springboard for policies and make the process of information security implementation more streamlined. The next step involves the creation of relevant policies and the determination of the weak points of the system [4]. This process can on many occasions be very subjective and is usually based on feedback from the respective client. Afterwards, the POA&M can be used to make the precise utilization of assets easier for the executive leadership.
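Steps 3 to 6 of the procedure above, sketched as an added example that is not part of the original post. The subcategory identifiers are real NIST CSF v1.1 IDs with abbreviated outcome text; the evidence items, status labels, likelihood/impact ratings and the "weakest evidence wins" rule are constructed assumptions.

```python
from collections import defaultdict

# Evidence status, weakest to strongest (labels are an assumption of this example).
STATUS_RANK = {"missing": 0, "partial": 1, "implemented": 2}

# In-scope NIST CSF v1.1 subcategories (outcome text abbreviated).
SCOPE = {
    "ID.AM-1": "Physical devices and systems are inventoried",
    "PR.AC-1": "Identities and credentials are managed",
    "PR.DS-1": "Data-at-rest is protected",
    "PR.IP-4": "Backups are conducted, maintained, and tested",
    "DE.CM-1": "The network is monitored",
    "RS.RP-1": "Response plan is executed during or after an incident",
}

# Constructed evidence from interviews and document review: (source, subcategory, status).
EVIDENCE = [
    ("asset inventory export", "ID.AM-1", "implemented"),
    ("access control policy", "PR.AC-1", "implemented"),
    ("IT manager interview", "PR.AC-1", "partial"),
    ("backup job report", "PR.IP-4", "partial"),
    ("SOC analyst interview", "DE.CM-1", "implemented"),
    ("incident response review", "RS.RP-1", "missing"),
    ("vendor brochure", "PR.XX-9", "implemented"),  # not a scoped subcategory
]

# Constructed (likelihood, impact) ratings on a 1-5 scale for the risk analysis step.
RATINGS = {"PR.AC-1": (4, 5), "PR.DS-1": (3, 5), "PR.IP-4": (2, 4), "RS.RP-1": (3, 4)}


def tie_evidence(evidence, scope):
    """Step 3: group evidence by subcategory; return anything that does not map."""
    mapped, unmapped = defaultdict(list), []
    for source, subcat, status in evidence:
        if subcat in scope and status in STATUS_RANK:
            mapped[subcat].append((source, status))
        else:
            unmapped.append(source)
    return mapped, unmapped


def find_gaps(mapped, scope):
    """Step 4: a gap is a subcategory with no evidence or with any weak evidence."""
    gaps = {}
    for subcat in scope:
        items = mapped.get(subcat, [])
        if not items:
            gaps[subcat] = "no evidence"
            continue
        # Conflicting evidence is resolved conservatively: the weakest status wins.
        weakest = min((status for _, status in items), key=STATUS_RANK.__getitem__)
        if weakest != "implemented":
            gaps[subcat] = weakest
    return gaps


def action_plan(gaps, ratings, scope):
    """Steps 5 and 6: score each gap and order the plan by descending risk."""
    rows = []
    for subcat, finding in gaps.items():
        likelihood, impact = ratings.get(subcat, (5, 5))  # unrated gaps count as worst case
        rows.append({"subcategory": subcat, "outcome": scope[subcat],
                     "finding": finding, "score": likelihood * impact})
    return sorted(rows, key=lambda r: (-r["score"], r["subcategory"]))


def run_gap_analysis():
    mapped, unmapped = tie_evidence(EVIDENCE, SCOPE)
    return action_plan(find_gaps(mapped, SCOPE), RATINGS, SCOPE), unmapped


if __name__ == "__main__":
    plan, unmapped = run_gap_analysis()
    for row in plan:
        print(f"{row['score']:>2}  {row['subcategory']}  {row['finding']:<12} {row['outcome']}")
    print("evidence not tied to a scoped subcategory:", unmapped)
```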

Works cited:

1. Conducting a Cybersecurity Framework Gap Self-Assessment. https://www.linkedin.com/pulse/conducting-cybersecurity-framework-gap-kevin-moker. Accessed January 28, 2020.

2. nicole.keller@nist.gov. An Introduction to the Components of the Framework. NIST. https://www.nist.gov/cyberframework/online-learning/components-framework. Published February 6, 2018. Accessed January 28, 2020.

3. nicole.keller@nist.gov. New to Framework. NIST. https://www.nist.gov/cyberframework/new-framework. Published February 5, 2018. Accessed January 28, 2020.

4. NIST CSF Gap Analysis Assessment. Kyber Security. https://kybersecure.com/nist-csf-gap-analysis/. Accessed January 28, 2020.

Subject: IT

Pages: 2 Words: 600

Week 3 Essay Questions


Question 1

The advantages of the symmetric cryptosystem are that it is faster, it uses password identification to prove the identity of the receiver, and it has a secret key for decrypting a message (Fujisaki & Okamoto, 2014). The disadvantages of the symmetric cryptosystem are that it has a problem of key transportation and that it cannot provide digital signatures that cannot be retracted. One use of the asymmetric cryptosystem is in payment applications like card transactions.

The advantages of the asymmetric cryptosystem are that there is no need for exchanging keys, which eliminates the problem of key distribution, that it has increased security, and that it can give digital signatures which can be retracted. The disadvantage of asymmetric cryptosystems is that they are a bit slower compared to another public key encryption method. An asymmetric cryptosystem is used for encrypting messages to provide confidentiality.

Question 2

Cryptanalysis is the study of analyzing information systems (IS) to learn the features of the systems. It is used to breach the cryptographic structures of security and gain access to the contents of encrypted messages (Biham & Shamir, 2014).

The commonly used cryptanalytic techniques in attacks are:

The chosen-plaintext attack: the analyst has access to the device or knows the encryption algorithm used during encryption (Biham & Shamir, 2014). The analyst can encrypt selected plaintexts with the targeted algorithm to obtain information about the key.

The differential cryptanalysis attack: this is a type of chosen-plaintext attack on block ciphers that analyzes pairs of plaintexts instead of single plaintexts. Hence the analyst can establish how the targeted algorithm behaves when it meets various types of input.
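The pair-based analysis described above is what cipher designers measure with a difference distribution table (DDT) when they evaluate an S-box. The following Python sketch is an added example, not part of the original essay; it uses the 4-bit S-box of the PRESENT cipher and a constructed affine S-box for contrast, and all function names are illustrative.

```python
"""Difference distribution table (DDT) of a 4-bit S-box (added example)."""

# 4-bit S-box of the PRESENT block cipher (not taken from the essay).
PRESENT_SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
                0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]

# Constructed weak S-box: rotate the 4 bits left by one, then XOR a constant.
# It is affine, so every input difference maps to exactly one output difference.
AFFINE_SBOX = [(((x << 1) | (x >> 3)) & 0xF) ^ 0x5 for x in range(16)]


def difference_distribution_table(sbox):
    """ddt[dx][dy] = number of inputs x with S(x) XOR S(x XOR dx) == dy."""
    n = len(sbox)
    if n == 0 or n & (n - 1) or any(not 0 <= v < n for v in sbox):
        raise ValueError("S-box must have 2^k entries with values below 2^k")
    ddt = [[0] * n for _ in range(n)]
    for dx in range(n):
        for x in range(n):
            dy = sbox[x] ^ sbox[x ^ dx]   # output difference for this pair
            ddt[dx][dy] += 1
    return ddt


def differential_uniformity(ddt):
    """Largest entry over all non-zero input differences (lower is better)."""
    return max(max(row) for row in ddt[1:])


def best_differentials(ddt):
    """All (dx, dy) pairs, dx != 0, that reach the maximum count."""
    peak = differential_uniformity(ddt)
    return [(dx, dy)
            for dx in range(1, len(ddt))
            for dy in range(len(ddt))
            if ddt[dx][dy] == peak]


def max_differential_probability(sbox):
    """Probability of the most likely non-trivial differential through the S-box."""
    ddt = difference_distribution_table(sbox)
    return differential_uniformity(ddt) / len(sbox)


if __name__ == "__main__":
    for name, sbox in (("PRESENT", PRESENT_SBOX), ("affine", AFFINE_SBOX)):
        ddt = difference_distribution_table(sbox)
        print(f"{name}: uniformity={differential_uniformity(ddt)}, "
              f"max probability={max_differential_probability(sbox):.2f}, "
              f"{len(best_differentials(ddt))} best differentials")
```

A low maximum probability is the design goal: the affine S-box lets every difference pass with certainty, which is why block ciphers use non-linear S-boxes chosen with this table in hand.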

Question 3

CPTED is an agenda for manipulating the built environment to establish safer neighborhoods. It is an aesthetic alternative to the classic target-hardening approaches. The strategies comprise natural surveillance, which increases the perceived risk of attempting wrong actions by improving the visibility of probable offenders to the public (Cozens et al., 2015). The natural access control strategy limits the chances of crime happening by taking steps to differentiate between private space and public space. Natural access control happens through selective placement of exits, entrances, landscaping, lighting, and fences to limit and control flow and access.

References

Biham, E., & Shamir, A. (2014). Differential cryptanalysis of DES-like cryptosystems. Journal of CRYPTOLOGY, 4(1), 3-72.

Cozens, P. M., Saville, G., & Hillier, D. (2015). Crime prevention through environmental design (CPTED): a review and modern bibliography. Property management, 23(5), 328-356.

Fujisaki, E., & Okamoto, T. (2014, August). Secure integration of asymmetric and symmetric encryption schemes. In Annual International Cryptology Conference (pp. 537-554). Springer, Berlin, Heidelberg.

Subject: IT

Pages: 1 Words: 300

Week 4 Assignment

Response 1

ARP is communication-based. Its purpose is to map the IP address of any system to its MAC address. It operates between the data link layer and the network layer of the OSI model by providing a physical address for frames that are to be sent. To initiate a communication, the client first sends a request (a broadcast message) to get the destination's physical address. After that, the server responds to device 1 with a unicast ARP message containing its MAC address. The MAC address is placed in the cache and is used to address frames.

DHCP servers automatically assign a unique IP address to the host from a range of different IP addresses, as well as other network configurations. This protocol is used on UDP/IP networks. First, a client will broadcast a message to the server. In case the client and server are not on the same subnet, a DHCP relay agent can be used. If the client remains on the same network, the server will grant the request. The server reserves an IP address to lease specifically to the client by sending a DHCP offer message. The client will respond to the server's DHCP offer message by sending a DHCP request message. The server will acknowledge the message and allocate the IP address to the client (Lim & Goedman, 1999).

ICMP provides diagnostic feedback or information regarding any errors. It is neither a transport layer protocol nor used by any end-user. However, it is used by network administrators to troubleshoot internet connections.

SNMP is responsible for collecting and organizing information regarding managed devices that are on the IP network. It is also responsible for modifying information that will, in turn, change the behavior of the device. Devices such as modems, routers, and switches use the SNMP protocol.

DNS is also known as the phonebook of the system. Every device has a unique IP address that is used to locate the device. DNS servers eliminate the need to memorize the IP address as it automatically converts the hostname to the IP address that can be used by the computer to find the requested material (Ariyapperuma & Mitchell, 2007).

Response 2

Bastion host: A specialized computer that is designed specifically to withstand attacks. In the firewall architecture, the bastion host is the only node that is exposed to the outside and is prone to attacks. It filters incoming traffic while also preventing malicious data from entering the network.

Dual-homed firewall: It refers to an Ethernet device having more than one network interface, or to one of the firewall architectures used for implementing security to prevent attacks. The routing function must be disabled to implement a dual-homed host. It is the front-line defense of the network against potential threats and attacks (Cheswick & Rubin, 2003).

Screened host: It is typically more flexible than the dual-homed gateway. It combines a packet-filtering router with an application gateway that is located on the protected subnet side of the router.

Screened subnet: The use of one or more screening routers as a firewall to define three subnets: an external router separates the external network from the perimeter network, and an internal router separates the internal network from the perimeter network. It is essential for secure usage of the World Wide Web, electronic payment, etc.

Response 3

The four main tunneling protocols used in VPNs (Simpson, 1995) are as follows:

PPTP: Point-to-Point Tunneling Protocol was developed by Microsoft and is one of the oldest protocols still in use. It uses a TCP connection for creating, maintaining and terminating the tunnel. It operates at layer 2 of the OSI model and can be created by using two steps.

L2TP: Layer Two Tunneling Protocol is used with Internet Protocol Security to create a more secure tunneling protocol than PPTP. It provides double encapsulation, due to which it is relatively slow. It uses fixed ports, which makes it difficult for it to bypass a firewall.

IPsec: Internet Protocol Security is used to secure communication across the IP network by authenticating the communication session. It provides authentication by encrypting each data packet during the session.

SSH: Secure Shell is a network protocol that is used for operating network services on an insecure network. It ensures the security of the data through the tunnel encryption process. The SSH client data is transferred from local ports through the encrypted tunnel.

References

Ariyapperuma, S., & Mitchell, C. J. (2007, April). Security vulnerabilities in DNS and DNSSEC. In The Second International Conference on Availability, Reliability and Security (ARES'07) (pp. 335-342). IEEE.

Cheswick, W. R., Bellovin, S. M., & Rubin, A. D. (2003). Firewalls and Internet security: repelling the wily hacker. Addison-Wesley Longman Publishing Co., Inc.

Simpson, W. (1995). IP in IP tunneling.

Subject: IT

Pages: 2 Words: 600

Week 4 Discussion - Cultural Differences As Barriers To Success

For a successful merger in business, cultural differences are very important to consider, as culture plays an important part in business. The term ‘corporate culture’ is used to describe this aspect between participants of a merger or an acquisition (Wrigh, 2010). PBI-FS is the new subsidiary resulting from the acquisition of Island Banking Services by Padgett-Beale. A survey has been carried out among managers of Padgett-Beale and members or job applicants of Islanders, and the results have identified 2 factors as barriers to the success of the acquisition in terms of corporate culture. These factors are communications context and power distance.

Communication context is a very important component in the acquisition (PBI-FS), as it determines how effectively communication between the two parties can make it successful. The communication context may be based on culture or on the ways of communication both parties use in business. Communication is observed as one of the reasons for acquisition failure and also as a backbone of M&A success.

Power distance is the relationship between subordinates and the entity which is in power. In the case of PBI-FS, Padgett-Beale is the entity with more control and authority, while Island Banking employees or applicants are subordinates. The power distance index is a tool used in the cultural study of the two business parties of the acquisition, and it measures the level of acceptance of power established between the least and the most powerful in a business relationship. This factor directly influences the expectations of the employees and their managers and their mutual relationship (RECKLIES, 2015).

According to the survey, the communications context of Padgett-Beale managers and employees is low and that of PBI-FS job applicants (Islanders) is high. A high communication context in business suggests that participants have had a close connection for a longer period, while in the case of low context, connections exist for a shorter period of time (Communicating Across Cultures, n.d). The survey suggests that Padgett-Beale managers and employees have medium power distance, while PBI-FS job applicants (Islanders) have high power distance. High power distance is characterized by a hierarchical framework in which every individual has a place and position in the organization and a higher position or person should be respected.

Conflict may arise due to cultural differences, or a lack of understanding of or compatibility with the corporate culture of the organizations in a merger or acquisition. To resolve such conflicts, the management can apply enforcement if necessary, because sometimes lenient approaches don’t work and there is no other option left to resolve long-standing conflicts. Other practices that can be used to resolve conflicts, depending on the situation, are compromising, collaborating to minimize friction, taking smooth and accommodating steps to build and restore trust, and withdrawing in case of confusion and misconceptions beyond a certain limit (Conflict Management Techniques, n.d).

References

Communicating Across Cultures. (n.d). Retrieved from Culture at Work: http://www.culture-at-work.com/highlow.html

Conflict Management Techniques. (n.d). Retrieved from HRPersonality: https://www.hrpersonality.com/resources/conflict-management-techniques

RECKLIES, D. (2015, 7 30). Corporate culture – Do not underestimate its impact on merger success. Retrieved from THEMANAGER: https://www.themanager.org/2015/07/corporate-culture-merger-success/

Wrigh, A. D. (2010, 6 30). Successful Mergers Integrate Cultures. SHRM.

Subject: IT

Pages: 2 Words: 600

Week 4 Essay Questions

Network communication protocols:

These are the standard protocols that enable connection, communication and data sharing between two computing endpoints.

ARP: Address Resolution Protocol deals with resolving addresses of the internet layer. It maps a network address to a physical address.

DHCP: Dynamic Host Configuration Protocol manages and assigns Internet Protocol addresses to different devices on a network; in this way it enables communication over IP.

ICMP: Internet Control Message Protocol is a feedback protocol that is used to diagnose or report logical errors.

SNMP: Simple Network Management Protocol is an application-level protocol that manages and monitors the devices on a network and their functionality.

DNS: Domain Name System is a protocol that helps resolve the names of sites on the internet to their underlying IP addresses. It adds efficiency and provides security in the process (Kozierok, 2005).

Firewall configurations and its types

Bastion host: It is a specialized computer that is deliberately exposed on the public network; as a gateway it resides between the inside network and the outside network. It is usually part of a larger security system that has different layers of protection.

DMZ: A demilitarized zone is a logical subnet that separates the local area network (LAN) from other untrusted networks. Servers are located in the DMZ to provide additional security to the LAN. Usually it is deployed between two firewalls.

Dual-homed firewall: It is a firewall that uses two network interfaces, one connected to the internal network and the other to the internet. It ensures that no direct IP traffic passes between the internal network and the internet.

Screened host: This is a more flexible version of the firewall, with the flexibility achieved at the cost of security. It is used when the network requires security along with flexibility.

Screened subnet: It is a firewall that has three components for security. It is used by companies that need extra security (“Screened Host Firewall,” n.d.).

Tunneling protocols

IPIP: IP in IP tunneling encapsulates one IP header within an outer IP header: the outer header, with its own source IP and destination point, is added in front of the packet in such a way that the inner packet stays unmodified.

SSTP: Secure Socket Tunneling Protocol provides a mechanism to transport PPP traffic through a TLS/SSL channel to provide transport-level security.

IPsec: Internet Protocol Security authenticates and encrypts packets of data that are sent over an IP network.

L2TP: It is a layer two tunneling protocol that supports VPNs by being part of the delivery of services by ISPs.
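The IPIP entry above can be made concrete with a short Python sketch, added here as an illustration and not taken from the essay. It builds a sample inner IPv4 packet, wraps it in an outer header with protocol number 4, and checks on decapsulation that the inner bytes are unchanged; the addresses, payload and function names are constructed for the example, and headers are assumed to carry no options.

```python
import socket
import struct

IPPROTO_IPIP = 4            # IANA protocol number for IPv4 carried inside IPv4
IPPROTO_UDP = 17
HDR_FMT = "!BBHHHBBH4s4s"   # fixed 20-byte IPv4 header, no options


def checksum(data: bytes) -> int:
    """Internet checksum (one's-complement sum of 16-bit words)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def ipv4_header(src: str, dst: str, proto: int, payload_len: int, ttl: int = 64) -> bytes:
    """Build a 20-byte IPv4 header with a valid header checksum."""
    fields = [0x45, 0, 20 + payload_len, 0, 0, ttl, proto, 0,
              socket.inet_aton(src), socket.inet_aton(dst)]
    fields[7] = checksum(struct.pack(HDR_FMT, *fields))
    return struct.pack(HDR_FMT, *fields)


def parse_header(packet: bytes) -> dict:
    """Validate and decode the IPv4 header at the start of `packet`."""
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, _, total_len, _, _, ttl, proto, _, src, dst = struct.unpack(HDR_FMT, packet[:20])
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or ihl < 20:
        raise ValueError("not an IPv4 header")
    if total_len < ihl or total_len > len(packet) or len(packet) < ihl:
        raise ValueError("inconsistent length fields")
    if checksum(packet[:ihl]) != 0:
        raise ValueError("bad header checksum")
    return {"ihl": ihl, "total_len": total_len, "ttl": ttl, "proto": proto,
            "src": socket.inet_ntoa(src), "dst": socket.inet_ntoa(dst)}


def encapsulate(inner_packet: bytes, tunnel_src: str, tunnel_dst: str) -> bytes:
    """Tunnel entry point: prepend an outer header, leave the inner packet as is."""
    parse_header(inner_packet)                      # refuse to tunnel garbage
    return ipv4_header(tunnel_src, tunnel_dst, IPPROTO_IPIP, len(inner_packet)) + inner_packet


def decapsulate(outer_packet: bytes) -> bytes:
    """Tunnel exit point: strip the outer header and return the inner packet."""
    outer = parse_header(outer_packet)
    if outer["proto"] != IPPROTO_IPIP:
        raise ValueError("outer packet is not IP-in-IP")
    inner = outer_packet[outer["ihl"]:outer["total_len"]]
    parse_header(inner)                             # the inner header must also be valid
    return inner


def sample_inner_packet() -> bytes:
    """Constructed sample: private-address packet with opaque payload bytes."""
    payload = b"constructed sample payload"
    return ipv4_header("10.1.0.5", "10.2.0.9", IPPROTO_UDP, len(payload)) + payload


if __name__ == "__main__":
    inner = sample_inner_packet()
    outer = encapsulate(inner, "192.0.2.1", "198.51.100.1")
    print("outer:", parse_header(outer))
    print("inner:", parse_header(decapsulate(outer)))
    print("inner unchanged:", decapsulate(outer) == inner)
```

A filter that inspects only the outer header sees the tunnel endpoints and protocol 4, not the inner addresses, so filtering policy for tunneled traffic has to be applied where the packet is decapsulated.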

References

Kozierok, C. M. (2005). The TCP/IP Guide: A Comprehensive, Illustrated Internet Protocols Reference. No Starch Press.

Screened Host Firewall. (n.d.). Retrieved March 9, 2019, from http://www.vtcif.telstra.com.au/pub/docs/security/800-10/node57.html

Subject: IT

Pages: 1 Words: 300

Week 5 Discussion - Assessing Maturity For Cybersecurity Program Management

Introduction

Padgett-Beale has been operating at the national and international level for many years, with resorts and hotels in different countries across the globe. The company has started its financial services through the business acquisition of the former Island Banking Service. Due to the increase in cybercrime and data breach incidents, the cybersecurity of the company’s online and financial services is very important. Financial services and international banking have been primary targets of cyber criminals, and the implementation of regulatory frameworks and standards is very important for prevention and deterrence. In this discussion, we will discuss the laws and regulations which must be followed in the management program for the financial services firm of Padgett-Beale, and we will also analyze the maturity level of PBI-FS, the financial services firm of the company, along with best practices in this regard.

Analysis

The cybersecurity of an organization is based on effective management and the adoption of a reliable set of standards and frameworks in order to ensure the safety and reliability of information and financial transactions within the organization. There are several approaches an organization can adopt in order to achieve the desired outcomes. One of the approaches is the adoption of the NIST cybersecurity framework, which is a collaboration of private sector organizations and the US government, for the development of a cybersecurity management program. According to reports and estimates, about 50 percent of cybersecurity organizations are using NIST standards and frameworks in their operations and information security practices (Matto, 2017).

For financial services there are several guidelines and regulations regarding the protection of customers' information from cyberattacks. The Department of Financial Services has issued the regulation 23 NYCRR 500 for companies to comply with. It requires banks to have a thorough cybersecurity plan and also enforces the declaration of cyber incidents within 72 hours. One of the best practices for these services and retailers is adherence to PCI-DSS, which is the acronym of Payment Card Industry Data Security Standard. This standard provides information on how to transmit and store payment information in order to minimize the risk of fraud and data breach (Patel, 2017).

A cybersecurity maturity model helps an organization to define a path forward and assess its performance along the path. Several models are used in organizations in this regard, which give a comprehensive approach to cover many aspects of information security. For the maturity model assessment of PBI-FS’s cybersecurity management program, two models are suggested: NIST CSF and C2M2. C2M2 is a cybersecurity capability model that was introduced by the United States Department of Energy for utility and power companies, but it can be utilized by any company to measure the capabilities of its cybersecurity maturity (Christopher, 2018). The model identifies the weaknesses and strengths of the cybersecurity of an organization in the following domains.

Risk management

Situational awareness

Change and configuration, asset management

Operation continuity

Vulnerability and threat management

Communications and Information sharing

Summary

PBI-FS’s cybersecurity management program is suggested to be based on certain laws and regulations, and practices must be adopted in compliance with standards and frameworks. For the most part, the NIST cybersecurity framework is suggested, which provides a variety of standards and frameworks for different purposes. For financial services, PCI-DSS and the 23 NYCRR 500 regulation are suggested for smooth and reliable operations. In order to carry out an effective assessment of the company’s cybersecurity maturity, C2M2 and NIST-CSF are suggested, and it is expected that implementation of these standards and frameworks will increase the confidentiality, integrity and accessibility of PBI-FS’s services.

References

Christopher, J. (2018, 11 1). The Cybersecurity Maturity Model: A Means To Measure And Improve Your Cybersecurity Program. Retrieved from Forbes: https://www.forbes.com/sites/forbestechcouncil/2018/11/01/the-cybersecurity-maturity-model-a-means-to-measure-and-improve-your-cybersecurity-program/#65a67745680b

Matto, D. D. (2017, 12 5). Executive Insights: Changing Cybersecurity Regulations that Global Financial Services Firms Need to Know About. Retrieved from FORTINET: https://www.fortinet.com/blog/business-and-technology/changing-cybersecurity-regulations-that-global-financial-services-firms-need-to-know-about5a21e0c8bde24.html

Patel, B. (2017, 9 29). Cyber Security Regulations : Financial Services. Retrieved from Finextra: https://www.finextra.com/blogposting/14569/cyber-security-regulations--financial-services

Subject: IT

Pages: 2 Words: 600

Week 5 Essay Questions

Q1: Compare the different Access Control Models and give an example of one that you have used in a work situation or if that is not possible, one that you’ve read about in a scholarly article.

Access control and access control models are essential elements in the security of data. Access control gives an individual permission to use or enter a system by checking identification and then providing authorization. It allows individuals to access files, folders and other data from a system or computer by checking their login credentials (Gibson, 2014). Access control models include role-based access control, mandatory access control, discretionary access control and rule-based access control. They provide access to the system based on the privilege and level of an individual. This means that the level of access is limited to keep the data confidential.

Q2: Describe the three factors that can be used in authentication and give at least two examples for each.

There are several factors that are used for authentication to ensure that unauthorized entry into the system is prevented. The user's name, identification and passwords, which are regarded as knowledge factors, are used for authentication (Rouse & Haughn, 2018). The other factors are possession and inherence factors. The possession factors are employee ID, smartphones with OTP, and key fobs. These are things that a person must carry at a particular time. The inherence factors are biological traits such as retina, fingerprint scan and voice recognition.

Q3: Describe the RADIUS, TACACS, and DIAMETER forms of centralized access control administration. What are the advantages and disadvantages of decentralized administration?

DIAMETER centralized access control provides a uniform and consistent method of control. RADIUS is client/server access control. It is mostly used remotely to control the entry and access of information without the client knowing. TACACS provides permission for access control from one central location. It is a TCP connection developed to use the connectionless UDP protocol. The advantage of centralized access is that it gives control and checks the entry or access to the system using protocols.

References

Gibson, D. (2014). Understanding factors in Data Security. Information Management and Data Security, 2-15.

Rouse, M., & Haughn, M. (2018). Three-factor authentication. International Journal of Computer and Information Security, 2-15.

Subject: IT

Pages: 1 Words: 300

Week 6 Assignment

Response 1

ARP is communication-based. Its purpose is to map the IP address of any system to its MAC address. It operates between the data link layer and the network layer of the OSI model by providing a physical address for frames that are to be sent. To initiate a communication, the client first sends a request (a broadcast message) to get the destination's physical address. After that, the server responds to device 1 with a unicast ARP message containing its MAC address. The MAC address is placed in the cache and is used to address frames.

DHCP servers automatically assign a unique IP address to the host from a range of different IP addresses, as well as other network configurations. This protocol is used on UDP/IP networks. First, a client will broadcast a message to the server. In case the client and server are not on the same subnet, a DHCP relay agent can be used. If the client remains on the same network, the server will grant the request. The server reserves an IP address to lease specifically to the client by sending a DHCP offer message. The client will respond to the server's DHCP offer message by sending a DHCP request message. The server will acknowledge the message and allocate the IP address to the client (Lim & Goedman, 1999).

ICMP provides diagnostic feedback or information regarding any errors. It is neither a transport layer protocol nor used by any end-user. However, it is used by network administrators to troubleshoot internet connections.

SNMP is responsible for collecting and organizing information regarding managed devices that are on the IP network. It is also responsible for modifying information that will, in turn, change the behavior of the device. Devices such as modems, routers, and switches use the SNMP protocol.

DNS is also known as the phonebook of the system. Every device has a unique IP address that is used to locate the device. DNS servers eliminate the need to memorize the IP address as it automatically converts the hostname to the IP address that can be used by the computer to find the requested material (Ariyapperuma & Mitchell, 2007).

Response 2

Bastion host: A specialized computer that is designed specifically to withstand attacks. In the firewall architecture, the bastion host is the only node that is exposed to the outside and is prone to attacks. It filters incoming traffic while also preventing malicious data from entering the network.

Dual-homed firewall: It refers to an Ethernet device having more than one network interface, or to one of the firewall architectures used for implementing security to prevent attacks. The routing function must be disabled to implement a dual-homed host. It is the front-line defense of the network against potential threats and attacks (Cheswick & Rubin, 2003).

Screened host: It is typically more flexible than the dual-homed gateway. It combines a packet-filtering router with an application gateway that is located on the protected subnet side of the router.

Screened subnet: One or more screening routers are used as a firewall to define three subnets. The external router separates the external network from the perimeter network, and the internal router separates the internal network from the perimeter network. It is essential for secure usage of the World Wide Web, electronic payment, etc.

Response 3

The four main tunneling protocols used in VPNs (Simpson, 1995) are as follows:

PPTP: Point-to-Point Tunneling Protocol was developed by Microsoft and is one of the oldest protocols still in use. It uses a TCP connection for creating, maintaining and terminating the tunnel. It operates at layer 2 of the OSI model, and the tunnel can be created in two steps.

L2TP: Layer Two Tunneling Protocol is used with Internet Protocol Security to create a more secure tunneling protocol than PPTP. It provides double encapsulation, due to which it is relatively slow. It uses fixed ports, due to which it is difficult to bypass the firewall.

IPsec: Internet Protocol Security is used to secure communication across an IP network by authenticating the communication session. It provides authentication by encrypting each data packet during the session.

SSH: Secure Shell is a network protocol used for operating network services on an insecure network. It ensures the security of the data tunnel encryption process. The SSH client data is transferred from local ports through the encrypted tunnel.


References

Ariyapperuma, S., & Mitchell, C. J. (2007, April). Security vulnerabilities in DNS and DNSSEC. In The Second International Conference on Availability, Reliability and Security (ARES'07) (pp. 335-342). IEEE.

Cheswick, W. R., Bellovin, S. M., & Rubin, A. D. (2003). Firewalls and Internet security: repelling the wily hacker. Addison-Wesley Longman Publishing Co., Inc.

Simpson, W. (1995). IP in IP tunneling.

Subject: IT

Pages: 2 Words: 600

Week 6 Discussion - Privacy, Security, And Organizational Use Of Social Media

Privacy, Security and Organizational use of Social Media

[Author Name(s), First M. Last, Omit Titles and Degrees]

[Institutional Affiliation(s)]


Introduction

Social media is not only reserved for domestic and informal communication but also plays an important role in the corporate sector and in organizations. Companies and organizations use social platforms not only for advertising but also for internal coordination. Media platforms commonly used nowadays include social networking sites, video sharing, photo sharing and microblogging (The 6 Most Effective Types of Social Media Advertising in 2020, n.d.). Like the other IT and financial assets of the organization, social media platforms are prone to cyber-attacks and can be used for exploitation of the target. It is therefore highly recommended that the organization ensure the presence of an effective plan of action or policy for social media platforms too. In this discussion, some of the effective approaches that can be used for the protection of social media privacy are discussed, and solutions are provided as opinions for upper management, especially the CISO of Padgett-Beale.

Analysis

In PBI-FS, we use social media platforms for publicity, promotion and communication within the organization. Of the different social media platforms, PBI-FS uses social networking sites for this purpose, including Facebook, LinkedIn, and Google. The privacy concerns associated with the use of these platforms are various. First of all, these sites are a prime source that may help an offender in social engineering. In social engineering, an attacker may use these platforms to gather information for fraudulent or malicious activities. Social media platforms are a prime victim of phishing attacks. In a phishing attack, a malicious source hides its identity and inserts malicious content into your device, which then makes the system vulnerable, causes denial of service, or may add a backdoor to the device to steal important information (How to Recognize and Avoid Phishing Scams | FTC Consumer Information, n.d.). One important threat to consider is the web application attack, which is also mostly carried out through social media platforms.

In my opinion, the use of social networking sites should not be allowed to every individual of the organization; rather, only the department of sales and marketing should be allowed to have access to these platforms for marketing and other organizational uses. The reason is that these sites are the leading victims of cyber-attacks.

The department using these platforms should make sure that its social media use complies with the relevant standards and policies in order to ensure the privacy of the company's social media. The CISO of the company must ensure that NIST FIPS Publication 199 is strictly followed in order to categorize all the information that is going to be posted on social media (Via, 2009). This publication determines the fulfilment of the famous CIA triad of security. It should be NA for confidentiality, and no greater than low impact for availability and integrity. Use AUP technology in order to determine the behavior and working of new media technologies from a security point of view (F.I.P.S, 2004). The management must make sure to always update federal-level policies in accordance with the available guidance.

Conclusion

Engaging with social media technologies in the organization is a difficult decision due to their high vulnerability to cyber-attacks. Owing to the potential of social media to attract customers and hence capital, it has become inevitable for companies to incorporate its use in business. Decisions regarding social media should not be made by the IT department alone; rather, they must also include the opinions and suggestions of other departments and actors, including the CISO, risk manager, CIO, mission owner and privacy officer.

References

How to Recognize and Avoid Phishing Scams | FTC Consumer Information. (n.d.). Retrieved February 17, 2020, from https://www.consumer.ftc.gov/articles/how-recognize-and-avoid-phishing-scams

The 6 Most Effective Types of Social Media Advertising in 2020. (n.d.). Retrieved February 17, 2020, from https://www.bigcommerce.com/blog/social-media-advertising/#the-6-best-social-networks-for-ecommerce-advertising

Via, E. (2009, August). Guidelines for Secure Use of Social Media by Federal Departments and Agencies. In Chief Information Officers Council (US). Chief Information Officers Council (US).

Pub, F. I. P. S. (2004). Standards for security categorization of federal information and information systems. NIST FIPS, 199.

Subject: IT

Pages: 2 Words: 600

Week 6 Essay Questions

Week 6 Questions and Answers

Student’s Name

Institution

Date

Q1. Describe three perimeter intrusion detection systems and give an example of one that you have seen deployed either at work or another location that you are familiar with.

Infrared sensor

It is designed to detect certain characteristics to ensure that the building or home is secure. It detects heat, radiation, and motion; therefore, it can detect an intruder from a distance. It is an electronic sensor that detects radiation from an object and therefore makes it impossible for any individual or object to make an entry into a secure area.

Pressure Sensor

It is a device that is used to measure the pressure of liquids or gases. Several organizations use this device to detect movement in order to prevent unauthorized entry. The device is buried underground so that it can detect any change and trigger an alert.

Electric fence

The electric fence is mostly used to keep people and animals away from a secure or prohibited area. It is mostly used with infrared and pressure sensors on different sites or the same site. The sensor system is implemented between two fences, which include thermal cameras at different lengths.

Q2: Describe the differences between the hot, warm, and cold site methods of facility recovery. What is a rolling hot site? What is a reciprocal agreement?

A cold site, from an IT point of view, is the situation where the system has been set up but no proper backup system is in place. A hot site is a duplicate of the parent or original site, used for backup. It is the original copy of the original production site (Kennedy, 2016). This includes the network system, personnel, and the power grids used for instant backup of data. There is usually little or no downtime when taking the host site to the backup.

Q3: What are the four characteristics that help ensure that evidence is legally admissible in court? Describe hearsay evidence and its admissibility

The four features that are used to assist in gathering evidence to be admitted in court are Hearsay, authenticate, and relevant or privilege (Sullivan & Betan, 2017). Hearsay is described as a statement more than what it is declared when giving testimony during the hearing given to prove the truth. It can be used before the court of law because it passes the “foolproof Hearsay Test.”

References

Kennedy, C. (2016). Difference between a cold, warm and hot disaster recovery site. http://resource.onlinetech.com/what-is-the-difference-between-a-cold-warm-and-hot-disaster-recovery-site/, 2-31.

Sullivan, E., & Betan, H. (2017). IT Disaster Management and Backup. International Journal of Information and technology, 2-15.

Subject: IT

Pages: 1 Words: 300

Week 7 Discussion - Leadership Update - Cyber Crime

Leader Update-Cyber Crime

[Author Name(s), First M. Last, Omit Titles and Degrees]

[Institutional Affiliation(s)]


Organizations and businesses these days are facing challenges and threats that were not even known some decades ago. Cyber criminals use modern technology very effectively as a tool for their criminal and malicious intents. A cybercrime is a crime related to information technology where the aim of the offender or attacker is to get access to a computer system or device, or to deny access to a legal user. In recent years, a number of cases have been reported where cyber criminals accessed sensitive data of organizations and imposed huge damages in terms of finance, reputation, and important information (Cybercrime, n.d.). In this background paper, some important cases of cyberattacks are identified and analyzed in order to determine what lessons PBI-FS can learn and how we can improve security to prevent such attacks.

The financial sector has experienced several cyber-crimes in previous years. One of the examples is the data breach of Capital One. The attack happened when a hacker gained access to one of the credit card applications. The breach was detected on July 19 and, according to the report, about 80,000 bank account numbers and 140,000 social security numbers were exposed (Thomas, n.d.). In short, one significant gap in the security of an IT-related aspect caused massive damage. Historically, web applications and websites are considered a weak spot and have been exposed many times.

Another breach identified is Westpac, which was a cyber attack on PayID. PayID is an authentication service and a third-party account of the payments platform. The attack resulted in the exposure of the banking details of almost 98,000 customers (Westpac security breach: Almost 100,000 customers exposed, cyber security news update, n.d.). Although the application was supported by a government organization, that does not mean that it is secure and cannot be exposed to a cyber attack.

These attacks suggest that it is essential to have a compatible, state-of-the-art and secure plan for cybersecurity, especially for the infrastructure of the financial services of PBI-FS. It is prime time to continuously monitor and assess the performance of the third parties that are in possession of sensitive information, irrespective of whether they are privately held and operated organizations or government departments.

For an effective cybersecurity program at Padgett-Beale, it is very necessary to have automated detection of anomalous behavior and a least privilege model (What is Anomaly Detection?, n.d.), because in many cases insider attacks are very difficult to detect and prevent compared to outside attacks. In order to protect the financial services of the organization, a combination of tech solutions and robust policies is necessary to help the organization protect the sensitive data and financial services of the company.

References

Cybercrime. (n.d.). Retrieved February 24, 2020, from https://www.interpol.int/Crimes/Cybercrime

Thomas, B. (n.d.). Financial Data Breaches 2019: Capital One, First American, Desjardins, More. BitSight. Retrieved February 24, 2020, from https://www.bitsight.com/blog/financial-data-breaches-2019-capital-one-first-american-desjardins-more

Westpac security breach: Almost 100,000 customers exposed, cyber security news update. (n.d.). Retrieved February 24, 2020, from https://finance.nine.com.au/business-news/westpac-data-breach-100000-australian-customers-at-risk/84c91581-90b6-464e-9137-a2d973492614

What is Anomaly Detection? (n.d.). Retrieved February 24, 2020, from https://www.anodot.com/blog/what-is-anomaly-detection/

Subject: IT

Pages: 2 Words: 600

Week 7 Essay Question

Database Security Management

[Name of the Writer]

[Name of the Institution]

Database Security Management

Part 1

In this day and age, it is very important to ensure that security is taken care of during the development of software. To make sure that happens, one of the first things to do is to set general guidelines for how the software development protocols are going to work. The other very important thing is to make sure that security controls are looked after at every stage, such as the design stage, the development stage and especially the testing stage.

Part 2

To enhance security in the database protocol, the most important thing is to focus on how the security of the design is going to be taken care of. At the same time, effort must be made to ensure that view-based access control and polyinstantiation are used to enhance the database security protocols. With the increase in data demand due to data mining and data warehousing, where large amounts of data are stored, the importance of database security has grown.

Part 3

The ACID method is the set of properties of the database connection that guarantee greater validity.

Atomicity is the indivisible and irreducible series of operations that occur when appropriate decision making has to be made.

Consistency in database systems means that a change can affect the database only in certain ways, without bringing wholesale changes.

Isolation is the ability of the user to extract information from the database.

Durability is the ACID property that goes to show the ability of the database with regards to how it can sustain the information.


Subject: IT

Pages: 1 Words: 300


Please note that some of the content on our website is generated using AI and it is thoroughly reviewed and verified by our team of experienced editors. The essays and papers we provide are intended for learning purposes only and should not be submitted as original work.