What is the difference between a threat agent and a threat

Assignment Help Computer Network Security

Reference no: EM132295593

Assignment -

Read the attached chapter - "Introduction to Information Security" and answer the questions.

LEARNING OBJECTIVES: Upon completion of this material, you should be able to:

Define information security.
Recount the history of computer security, and explain how it evolved into information security.
Define key terms and critical concepts of information security.
Enumerate the phases of the security systems development life cycle.
Describe the information security roles of professionals within an organization.

Review Questions -

1. What is the difference between a threat agent and a threat?

2. What is the difference between vulnerability and exposure?

3. How is infrastructure protection (assuring the security of utility services) related to information security?

4. What type of security was dominant in the early years of computing?

5. What are the three components of the C.I.A. triangle? What are they used for?

6. If the C.I.A. triangle is incomplete, why is it so commonly used in security?

7. Describe the critical characteristics of information. How are they used in the study of computer security?

8. Identify the six components of an information system. Which are most directly affected by the study of computer security? Which are most commonly associated with its study?

9. What system is the father of almost all modern multiuser systems?

10. Which paper is the foundation of all subsequent studies of computer security?

11. Why is the top-down approach to information security superior to the bottom-up approach?

12. Why is a methodology important in the implementation of information security? How does a methodology improve the process?

13. Which members of an organization are involved in the security system development life cycle? Who leads the process?

14. How can the practice of information security be described as both an art and a science? How does security as a social science influence its practice?

15. Who is ultimately responsible for the security of information in the organization?

16. What is the relationship between the MULTICS project and the early development of computer security?

17. How has computer security evolved into modern information security?

18. What was important about Rand Report R-609?

19. Who decides how and when data in an organization will be used or controlled? Who is responsible for seeing that these wishes are carried out?

20. Who should lead a security team? Should the approach to security be more managerial or technical?

Exercises -

1. Look up "the paper that started the study of computer security." Prepare a summary of the key points. What in this paper specifically addresses security in areas previously unexamined?

2. Assume that a security model is needed for the protection of information in your class. Using the CNSS model, examine each of the cells and write a brief statement on how you would address the three components occupying that cell.

3. Consider the information stored on your personal computer. For each of the terms listed, find an example and document it: threat, threat agent, vulnerability, exposure, risk, attack, and exploit.

4. Using the Web, identify the chief information officer, chief information security officer, and systems administrator for your school. Which of these individuals represents the data owner? Data custodian?

5. Using the Web, find out more about Kevin Mitnick. What did he do? Who caught him? Write a short summary of his activities and explain why he is infamous.

Case Exercises -

The next day at SLS found everyone in technical support busy restoring computer systems to their former state and installing new virus and worm control software. Amy found herself learning how to install desktop computer operating systems and applications as SLS made a heroic effort to recover from the attack of the previous day.

Questions:

1. Do you think this event was caused by an insider or outsider? Why do you think this?

2. Other than installing virus and worm control software, what can SLS do to prepare for the next incident?

3. Do you think this attack was the result of a virus or a worm? Why do you think this?

Attachment:- Chapter.rar

Reference no: EM132295593

Questions Cloud

Demonstrate an understanding of ethical concepts : BMGT 496 : Develop and evaluate alternatives, recommend solutions to ensure appropriate business practices and accountability occur.

Project team align with organizational structure and goals : How does the project team align with the organizational structure and goals?

How the article relates to the selected chapter key term : Write a brief discussion, in your own words of how the article relates to the selected chapter Key Term.

How psychological research can guide the practice : Review this week's DVD program, "Application of Psychological Research - Court Settings."Think about how psychological research can guide the practice.

What is the difference between a threat agent and a threat : What is the difference between a threat agent and a threat? What are the three components of the C.I.A. triangle? What are they used for

Analyze the issue and the underlying factors : Examine company strategies and its effectiveness if currently in place to tackle the issue.

Why you chose regent as the place to pursue your degree : Considering your personal, spiritual and professional background, please explain why you chose Regent as the place to pursue your degree?

Compare the ethical dilemmas : Write an essay that compares and contrasts the ethical dilemmas that an emergency medicine physician may face versus the ethical dilemmas.

Discussion of recommended treatment approaches : You will provide a peer review of another student's paper. Your peer review should be approximately 300 words long and include the following.

User Account

All Pages