Describe three threats to access control

Assignment Help Basic Computer Science

Reference no: EM132701187

DISCUSSION 1.

1. Describe the controls contained within the three Access Control categories that can be integrated within a defense-in-depth model and give an example of one that you have read about or have knowledge of from your own experience.

2. Describe three threats to Access Control from what were covered within the reading and give an example of each.

3. Describe three of the intrusion detection system types used in access control monitoring covered within the reading. What is a honeypot and what are the legal concerns with using them?

4. What are the challenges that an Identity and Access Management system helps overcome? What benefits does it provide?

5. Describe the process of Identification, Authentication, Authorization, and Accountability. What is a race condition?

6. Discuss the single sign-on technologies Kerberos, security domains, directory services and thin clients. What does federation provide?

DISCUSSION 2.

1. Describe the steps in the information system security audit process.

2. Describe the differences between Black box, White box, and Gray box forms of vulnerability and penetration testing.

3. What are the five steps a team goes through when conducting a penetration test? What are the three degrees of knowledge that a penetration team can have about the target?

4. Discuss any three of the commonly exploited vulnerabilities targeted in penetration tests and the appropriate countermeasures to mitigate them.

5. Discuss the various test types that Operations and Security Departments should carry out to monitor the environment's vulnerability to attack.

6. Define the following KPI terms: factor, measurement, baseline, metric, and indicator. What is the difference between a KPI and KRI?

7. What are the key elements that should be included in a good technical audit report? What should be included to provide senior management a brief overview of the report highlights?

Reference no: EM132701187

Questions Cloud

Case study analysis about toyota motor corporation : Case study analysis about Toyota Motor Corporation Give what is asked for by following these steps:

Is ann wood a high-involvement manager : Is Ann Wood a high-involvement manager? If so, provide evidence. If not, how well do you think she'll perform in her new job as head of marketing?

Importance of information technology in organisations : Botswana Workers fear job losses as South Africa tightens job critical skills list housands of professional Batswana workers and expatriates working in South Af

How ocean fits into three of the categories : How Ocean fits into three of these categories. Through examples in the film, research from Jung's statements, and from secondary sources

Describe three threats to access control : Describe three threats to Access Control from what were covered within the reading and give an example of each.

Considered the first line of defense in asset protection : Access controls are security features that are usually considered the first line of defense in asset protection.

Discuss the phenomena of trapped gases : Briefly discuss the phenomena of trapped gases. Discuss the importance of why we have oxygen delivery systems for both the crew and passengers.

Discusses broad context of risk and investigative forensics : Discusses broad context of risk and investigative forensics. Part of risk management is to understand when things go wrong,

Discuss the nature of Unbilled Receivables : Discuss nature of Unbilled Receivables, whether these sound like they could be long-term or current assets and who their customer likely is for these contracts

User Account

All Pages