User Account

All Pages

UFCFHJ-15-M Information Security Assignment

Assignment Help Computer Engineering
Reference no: EM132607352

UFCFHJ-15-M Information Security - University of the West of England

SECTION A

1. At your job interview for a senior information security position, a panel member asks you about your understanding of information security goals.

a) Stating any assumptions, briefly explain how two of the five pillars of Information Assurance: i.e. availability, integrity, authentication, confidentiality and non-repudiation, contribute to ensuring trust and integrity in information systems.

b) In information security terminology, outline what is meant by an adversary, risk, threat and vulnerability. Provide one example of each.

c) One of the interview panel members uses the terms computer security and information security interchangeably. Summarise how you would distinguish between each term. Give one example situation or scenario to illustrate each term.

2. The University was recently featured in the news headlines for all the wrong reasons. It had become the unhappy victim of a ransomware attack.

a) Illustrate a typical exploit kit from the attacker's perspective.

b) From the viewpoint of a criminal perpetrator, develop an attack strategy to inject or insert and activate the ransomware into the University.

c) Summarise prevention and recovery approaches the University could adopt to defend itself against and mitigate damage from a ransomware attack.

3. The INFOSEC organisation cites the top five cyber vulnerabilities with the highest potential for catastrophic damage as being: injection vulnerabilities, buffer overflows, sensitive data exposure, broken authentication and session management and security misconfiguration.

a) Outline the characteristics of three of INFOSEC's cited cyber vulnerabilities, providing one example of each.

b) Assume that an organisation's defensive information security strategies are based upon Sun Tzu's The Art of War, i.e. they involve deception, frustration, resistance and recognition and recovery.

Explain one of The Art of War based defensive information security strategies. Illustrate your answer with a defensive example based upon one of the top five INFOSEC cited cyber vulnerabilities.

4. Your non-technical boss is clearly confused by information security terminology and identity management concepts. He reluctantly asks for an explanation in straightforward, non-technical terms.

a) When developing technical information security measures, identification and authentication are considered important concepts. Summarise both concepts and state why they matter to an organisation.

b) Considering authorisation, explain what is meant by the principle of least privilege. Provide one example of the principle being applied to support your answer.

c) Your boss accepts your further explanation that access control involves four basic tasks: allowing access, denying access, limiting access and revoking access. But, he doesn't understand the difference between the different types of access control.

Show what both logical access control and physical access control are, by giving one example of each type of access control.

Reference no: EM132607352

Questions Cloud

What is the present value of the payments : Suppose you are going to receive $13,500 per year for five years, with the first payment to be received today. The appropriate interest rate is 7.5%.
Find the interest rate : An investment grows from $10,240 to $10,700.80in one year. a) Find the interest rate.
European call options with a strike price : The current price of a stock is $145, and three-month European call options with a strike price of $149 currently sell for $6.40.
Compute the coefficient of variation : Shack Homebuilders Limited is evaluating a new promotional campaign that could increase home sales. Compute the coefficient of variation
UFCFHJ-15-M Information Security Assignment : UFCFHJ-15-M Information Security Assignment Help and Solution, University of the West of England - Assessment Writing Service
Developing a strategy to manage interest rate : You are developing a strategy to manage interest rate risk of your portfolio using
What is the profitability index for project : a) What is the IRR for each project? b) What is the NPV for each project?
How changes in the rate of interest by central bank : Discuss how changes in the rate of interest (i.e. discount rate) by the Central Bank of a country can affect stock returns.
Why the knowledge of audit risk is so important for auditors : Why the knowledge of audit risk is so important for auditors? Give specific statement as to whether each component is subject to the control of the auditor

Reviews

Write a Review

Computer Engineering Questions & Answers

  Mathematics in computing

Binary search tree, and postorder and preorder traversal Determine the shortest path in Graph

  Ict governance

ICT is defined as the term of Information and communication technologies, it is diverse set of technical tools and resources used by the government agencies to communicate and produce, circulate, store, and manage all information.

  Implementation of memory management

Assignment covers the following eight topics and explore the implementation of memory management, processes and threads.

  Realize business and organizational data storage

Realize business and organizational data storage and fast access times are much more important than they have ever been. Compare and contrast magnetic tapes, magnetic disks, optical discs

  What is the protocol overhead

What are the advantages of using a compiled language over an interpreted one? Under what circumstances would you select to use an interpreted language?

  Implementation of memory management

Paper describes about memory management. How memory is used in executing programs and its critical support for applications.

  Define open and closed loop control systems

Define open and closed loop cotrol systems.Explain difference between time varying and time invariant control system wth suitable example.

  Prepare a proposal to deploy windows server

Prepare a proposal to deploy Windows Server onto an existing network based on the provided scenario.

  Security policy document project

Analyze security requirements and develop a security policy

  Write a procedure that produces independent stack objects

Write a procedure (make-stack) that produces independent stack objects, using a message-passing style, e.g.

  Define a suitable functional unit

Define a suitable functional unit for a comparative study between two different types of paint.

  Calculate yield to maturity and bond prices

Calculate yield to maturity (YTM) and bond prices

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd