COS-1010_WA9

School: Thomas Edison State College
Course: 1010
Subject: Computer Science
Date: Dec 6, 2023
Type: docx
Pages: 9
Uploaded by MinisterLarkPerson814

Running Head: WRITTEN ASSIGNMENT 9

COS-1010 Introduction to Computers
Written Assignment 9
Thomas Edison State University

1. Briefly discuss the three components of the information security triad.

The Information Security Triad has three main parts: confidentiality, integrity, and availability. Confidentiality focuses on restricting access to only those who are authorized, known as "Need to Know". This protects sensitive data from unauthorized users. Integrity ensures that data being accessed is unaltered and represents what it’s supposed to represent. Availability allows information to be accessed and modified by authorized individuals within a timeframe. The timeframe can vary depending on the information.

2. What are the three different ways by which you can identify someone? Elaborate on each of them using examples.

There are three ways in which someone can be identified: something they know, something they have, or something they are. Something they know is a piece of information only the user should know. An example of this would be a password or PIN. A user logging into their email must enter a unique password. Something they have refers to a physical item, such as a key card or cell phone. A debit or credit card is an example of a physical item that is unique to them. Something they are refers to physical, biometric characteristics. Fingerprints, retinal scans, and facial recognition are all forms of something they are. Unlocking an iPhone through facial recognition is a great example of this.

3. How does role-based access control improve upon using access control lists for granting access to information resources?

Role-Based Access Control (RBAC) improves on Access Control Lists (ACLs) by making access easier to manage. With ACLs, access is given to specific users individually. This makes it difficult to manage when there are a large number of users. Each access is managed separately, which can make managing access complex and difficult. RBAC allows users to be assigned to roles. These roles, rather than individual users, can then be given specific access rights. This allows access for users and for roles to be managed separately. This simplifies the process and enhances security. RBAC is a more flexible and efficient way to manage access to information.

4. Discuss some of the password policies that could be used for good password security.

Maintaining good password security involves a few key policies. For the first policy, passwords should be complex in order to reduce the risk of someone guessing the password. Using at least eight characters, including an uppercase letter, a special character, and a digit, helps ensure that the password is complex enough that someone cannot simply guess it. For the second policy, passwords should be changed regularly. Changing a password every sixty to ninety days, and not reusing old passwords, helps maintain password security. In the workplace, ensuring that employees are educated on password security is essential for safeguarding company data. This is the third policy in maintaining good password security. Not only should employees be trained and educated on the first two policies, they should also be
trained to look out for tactics like pretexting and phishing. Pretexting is when someone portrays themselves to be an authorized user seeking help in order to gain access to secure information. Phishing is when someone sends realistic emails that prompt users to click a link, log in using their credentials, or supply personal or confidential information in order to gain access to secure information.

5. Describe some of the encryption methods that can be used for protecting data during transmission.

Encryption is an important safeguard when sending sensitive data over the Internet or on external media devices like a jump drive or external hard drive. Symmetric key encryption is one of the more common encryption methods. This is where both the sender and receiver share an encryption key. The sender encodes plain text using this key, which creates ciphertext that the recipient is able to decode with the same key. While this is an effective method, securely sharing and managing the encryption key can become a challenge. Public key encryption is an alternative method. This method uses two keys, a public key and a private key. To send an encrypted message, the sender obtains the recipient's public key, encodes the message, and sends it. The recipient is able to decrypt the message using their private key. The public key is shareable and allows for secure communication. This method increases security by eliminating the need for a shared key.

6. Discuss some of the components of a good backup plan.

A good backup plan for information security has a few key components to ensure data protection. First, organizations must know where their data is stored. Is it on corporate servers, stored on individual computers, stored in the cloud, or maybe on third-party servers? Maintaining an inventory of what secure information is stored, and where, helps determine the most effective backup plan. Regular backups are essential in maintaining secure information. How often a backup is done is based on the importance of the data, as well as the ability to replace the data. Data that is considered critical to the company may require a daily backup. Data that is not as critical may only require a backup once a week. Large organizations will typically use data redundancy to ensure continuous backup of data. Offsite storage of backup data is another way to reduce risks. Storing all backup data in the same location as the original data increases the likelihood of disaster. If the place in which the data is stored is destroyed or damaged by such things as a fire or a flood, the data and backup data could be lost. The last method in ensuring a good backup plan is testing the data restoration process. Regular testing ensures the backup data is capturing what it should in order to use the data if necessary. If all goes well during the test, the company should feel good about where they stand with their backups.

7. What is a firewall in terms of network security? Discuss with examples of it.

A firewall has a very important role when it comes to network security. A firewall is
essentially a barrier between a private internal network and external networks. It can be in the form of hardware, software, or a combination of both. A hardware firewall is typically a device that filters network packets based on predetermined rules. A hardware firewall can prevent unauthorized packets from entering the local network. A software firewall functions within an operating system. It intercepts incoming packets at the individual computer level. Firewalls are crucial for protecting an organization's servers and computers. They analyze and block packets that don't meet strict standards. They can also be configured to control packet flows that are outgoing. This could prevent users from accessing social media platforms while on company computers. An example of network security using a firewall is the demilitarized zone (DMZ). The DMZ utilizes multiple firewalls to create partially secured sections of the network. The DMZ is typically used when data needs a little more access while still maintaining a high level of security. Firewalls are essentially gatekeepers: they regulate the traffic entering and leaving a network to ensure unauthorized access and potential security threats are stopped before they can do harm.

8. What is a virtual private network and in what situations would it be needed?

A Virtual Private Network (VPN) creates a secure pathway for users who are working outside of their corporate network to access internal resources. When employees work remotely, they need the ability to connect to the organization's internal network from a different location. For this, a VPN is essential. A VPN allows for access to the company’s internal network from outside, bypassing the firewall, while still maintaining security. When employees work from
home or, a VPN creates a secure path to access company resources, while blocking others from entering.

9. What measures can be taken to ensure the physical security of the hardware and network components of an information system? Discuss at least three of them.

Ensuring the physical security of hardware and network components is very important in protecting information systems. The first measure that can be taken is ensuring doors are locked to restrict access to computers and servers. This prevents unauthorized individuals from simply walking in and removing critical hardware. The second measure that can be taken is intrusion detection, or security systems. This elevates security by monitoring critical components with security cameras or other devices. With the help of these systems, unauthorized access to locations where critical components are stored can be detected quickly. The third measure that can be taken is securing equipment. Devices that contain sensitive information should be secured to prevent theft or tampering. This is essential when it comes to preventing data breaches.

10. Briefly discuss at least three steps an individual can take to protect their computer systems.

There are several steps an individual can take to protect their computer systems. First,
maintaining strong and unique passwords for accounts enhances security by making a password harder to guess. Along with having strong and unique passwords, an individual should change their password at least every 90 days. Another way an individual could protect their computer system is by regularly updating software and operating systems. This is essential: it ensures the latest security patches are in place and reduces the vulnerability of the system. An individual must also use caution when opening email attachments. They should avoid suspicious links and be on the lookout for phishing schemes.
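
The password rules from answers 4 and 10 (at least eight characters with an uppercase letter, a digit and a special character; no reuse of old passwords; a change at least every 90 days), written as a checker. This is an added example, not part of the original assignment; the function names, the salted PBKDF2 storage of the password history and the sample data are assumptions.

```python
import hashlib
import hmac
import os
import string
from datetime import date, timedelta

MIN_LENGTH = 8            # "at least eight characters"
MAX_AGE_DAYS = 90         # upper end of the sixty-to-ninety-day window
PBKDF2_ROUNDS = 100_000   # assumption: the essay names no hashing scheme

def hash_password(password: str, salt: bytes) -> bytes:
    """Salted PBKDF2 digest, so old passwords are never kept in plain text."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)

def complexity_problems(password: str) -> list[str]:
    """Return the complexity rules from answer 4 that the password breaks."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("shorter than 8 characters")
    if not any(c.isupper() for c in password):
        problems.append("no uppercase letter")
    if not any(c.isdigit() for c in password):
        problems.append("no digit")
    if not any(c in string.punctuation for c in password):
        problems.append("no special character")
    return problems

def is_reused(password: str, history: list[tuple[bytes, bytes]]) -> bool:
    """True if the password matches any (salt, digest) pair in the history."""
    return any(hmac.compare_digest(hash_password(password, salt), digest)
               for salt, digest in history)

def is_expired(last_changed: date, today: date) -> bool:
    """True once the password is older than the 90-day limit."""
    return today - last_changed > timedelta(days=MAX_AGE_DAYS)

def check_change(new_password: str, history: list[tuple[bytes, bytes]]) -> list[str]:
    """All reasons to reject a proposed password; an empty list means accept."""
    problems = complexity_problems(new_password)
    if is_reused(new_password, history):
        problems.append("matches a previous password")
    return problems

# Constructed sample data: a history holding one earlier password.
SAMPLE_SALT = os.urandom(16)
SAMPLE_HISTORY = [(SAMPLE_SALT, hash_password("Winter#2023", SAMPLE_SALT))]
```
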