CYB_300_Milestone_Three_Worksheet_SG
School: Southern New Hampshire University
Course: 300
Subject: Information Systems
Date: Feb 20, 2024
Uploaded by ChiefSummer9109
CYB 300 Milestone Three Worksheet
I. Security Analysis Table
Fundamental Security Design Principle: Isolation

Describe how the FSDPs relate to PKI (2–3 sentences): File System Data Protection (FSDP) and Public Key Infrastructure (PKI) are related components in the context of information security. FSDPs, typically associated with operating systems, help protect sensitive data by controlling access and permissions within the file system. PKI, on the other hand, provides a framework for secure communication through the use of public and private key pairs. The integration of FSDPs with PKI can enhance data protection by ensuring that cryptographic keys used in PKI are securely managed and that file system access aligns with established encryption and security policies.

Describe how the FSDPs relate to the CIA triad (2–3 sentences): File System Data Protection (FSDP) is integral to maintaining the principles of the CIA triad: confidentiality, integrity, and availability. FSDPs contribute to confidentiality by controlling access to sensitive data, ensuring that only authorized users can access protected files. They also play a role in preserving integrity by managing permissions and access controls to prevent unauthorized modifications. Additionally, FSDPs contribute to availability by safeguarding against unauthorized access that could lead to data loss or disruption of services. Overall, the integration of FSDPs is crucial for upholding the principles of the CIA triad in the context of data security.

Fundamental Security Design Principle: Modularity

Describe how the FSDPs relate to PKI (2–3 sentences): File System Data Protection (FSDP) and Public Key Infrastructure (PKI) are related through their combined efforts to enhance information security. FSDPs, often associated with operating systems, manage access and permissions within the file system, contributing to data protection. When integrated with PKI, FSDPs can ensure secure key management, aligning cryptographic

Describe how the FSDPs relate to the CIA triad (2–3 sentences): File System Data Protection (FSDPs) plays a crucial role in upholding the principles of the CIA triad: confidentiality, integrity, and availability. FSDPs contribute to confidentiality by regulating access to files and directories, ensuring that only authorized users can access sensitive data. They also contribute to integrity by managing permissions to prevent unauthorized modifications, and to
II. Scenario-Based Short Response Questions
A. Temporary Contractor: The use of CAs as part of PKI provides a mechanism for key management and secure communications. If you were asked to provide access to information systems to a temporary contractor, what areas of a PKI and CIA triad would you be concerned with? Which of the FSDPs most applies here?
When providing access to information systems for a temporary contractor using a Certificate Authority (CA) as part of a Public Key Infrastructure (PKI), the following considerations should be taken into account concerning the CIA triad:
1) Confidentiality (C): Ensure that the contractor has access only to the information necessary for their tasks, minimizing exposure to sensitive data.
2) Integrity (I): Implement controls to prevent unauthorized modifications to the system or data, ensuring the integrity of information.
3) Availability (A): Provide access in a way that does not compromise the availability of resources, and establish measures to prevent disruptions.
Specifically related to File System Data Protection (FSDPs), the principle of Least Privilege is highly applicable in this scenario. By employing FSDPs to restrict the temporary contractor's access and permissions within the file system to the minimum necessary for their tasks, you align with the principle of least privilege, promoting both the security of the system and the confidentiality of sensitive information.
B. Cryptography: As part of PKI, a cryptographic system is established. Explain how cryptography is used and what forms of implementation can be accomplished.
In a Public Key Infrastructure (PKI), cryptography is utilized to secure communications and manage key-related processes. The primary forms of cryptographic implementation in PKI include:
1) Digital Signatures: Cryptographic algorithms are used to create digital signatures, providing a means of verifying the authenticity and integrity of digital messages or documents. This ensures that a message has not been tampered with and was indeed created by the purported sender.
2) Public and Private Key Pairs: PKI relies on asymmetric cryptography, where each entity is assigned a pair of cryptographic keys - a public key and a private key. The public key is shared openly, while the private key is kept confidential. This enables secure communication and digital signatures.
3) Certificate Authorities (CAs): CAs play a central role in PKI by issuing digital certificates that bind public keys to individuals or entities. The CA's digital signature on the certificate validates the association between the public key and the entity, establishing trust in the PKI.
4) Key Exchange Protocols: Cryptographic protocols, such as Diffie-Hellman or RSA, facilitate secure key exchange between parties to establish a shared secret key for encrypted communication. This ensures that even if intercepted, the exchanged key remains confidential.
5) SSL/TLS Protocols: In web-based communication, PKI is often implemented through the Secure Sockets Layer (SSL) or Transport Layer Security (TLS) protocols. These protocols use a combination of symmetric and asymmetric cryptography to secure data transmission over the Internet.
Cryptography in PKI serves to provide a secure framework for authentication, confidentiality, and integrity in digital communications, establishing a foundation for trusted and encrypted interactions between parties.