Briefly explain the cyber-risk function

Reference no: EM132548993

Part A: Brief Essay Questions 1-4

Question 1. a. Why are phishing, and social engineering generally, difficult to address or prevent with technological controls?

b. An internet site starts distributing a program that causes a popular word processor to email a copy of whatever files it produces to a specific email address. Is this a vulnerability, an exploit, or a security incident?

c. Briefly explain the Cyber-Risk function below:
Risk = F{Threats, Vulnerability, Asset Value}

d. What is a hash function, and what can it be used for?

Question 2. a. A banking systems analyst is reported to be siphoning a customer's account. Briefly discuss whether this is a vulnerability, an exploit or a security incident.
b. Based on the Asset Value, briefly discuss the statement: "Computer security should be periodically reassessed". You may be guided by the urgency and criticality of the information assets.
c. Briefly discuss the extent to which insiders or "frenemies" may pose security challenges to the organization.
d. What is a cryptographic key, and what is it used for?

Question 3. a. What is an open port? Why is it important to limit the number of open ports a system has to only those that are absolutely essential?
b. Discuss some pertinent Internet and Network attacks, and provide measures to mitigate those attacks.
c. As a security functionary, you've been called upon to advise the local Small Business Owners association on zero-day vulnerabilities, pirated software and patch management. Clearly discuss the key points that you would raise, enumerate and dilate upon with them.

Question 4. a. What are computer viruses and worms, and how do they attack computers?

b. For each of the following assets, examine and assign a low, moderate or high impact level for the loss of confidentiality, integrity and availability respectively. Justify your answers.
i. An organization managing public information on its web server.
ii. A law enforcement organization managing extremely sensitive investigative information.
iii. A financial organization managing routine administrative information (not privacy-related information).
c. Consider the first step of the common attack methodology, which is to gather publicly available information on possible targets. Briefly discuss how an attacker or a social engineer could utilize tailgating, phishing, SMiShing and vishing in executing this step.

Part B: Essay Questions

Question 5. a. Covid-19 has re-introduced the need for telecommuting amongst public sector employees in Ghana. Examine why it is important to consistently enforce security policy and "not go easy on these telecommuting network users"?

b. A renowned cyber-security consultant, Charles Cresson Wood, has said that Information Security is basically a people and management issue, rather than a technology issue. In summary, cyber-security is a "business concern, and not a technical problem". The above statement underscores the business value of security; carefully evaluate the statement and its implications.

Question 6. a. A new organization is yet to be fully launched into operation. You have been asked to access their systems and resources and compile a detailed and comprehensive IT Risk Assessment Report for them. Discuss how you would accomplish this task and present a report that can guide them in making strategic decisions on mitigating the potential risks. Please name your company and discuss what they do.

b. Briefly discuss the four (4) key protection mechanisms of deterrence, prevention, detection and response.

Question 7. a. Kontonkyi Rural Bank (KRB) is a mid-range bank with over 30 branches connected to a centralized computing system. A couple of the branches are connected via leased lines and others use Multiprotocol Label Switching (MPLS). Each branch has a variety of client computers and ATMs connected to a server. The server stores the branch's daily transaction data and transmits it several times during the day to the centralized system. Tellers at each branch use a four-digit numeric password, and each Teller's computer is transaction-coded to accept only its authorized transactions. As the System Administrator, perform a risk assessment.

b. Three (3) major concerns of system developers and users are disaster (as a disruption of normal business functions), security and human errors. Of these three, which do you think is most difficult to deal with? Why?


All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd