unit 2 homework

School: Columbia Southern University
Course: SEC 4302
Subject: Information Systems
Date: Dec 6, 2023
Uploaded by briandjones127

Running head: UNIT II HOMEWORK

Unit II Homework Assignment
Brian Jones
Columbia Southern University

Unit II Homework Assignment

Lab 2.1a

Three sites listed on the Department of Defense list of registered websites that feature policies, guidelines, and documents pertaining to information assurance are listed below.

1. Defense Counterintelligence and Security Agency. The PDF retrieved from https://www.dcsa.mil/Portals/91/Documents/CTP/NAO/CNSSI_7003_PDS_September_2015.pdf outlines the standards and guides for the design and installation of Protected Distribution Systems (PDS) for information with a specific focus on risk management.

2. Defense Standardization Program. This site features a PDF that outlines the governance of IT standards and has a section that goes in-depth about working with external organizations to develop and implement IT standards. Retrieved from https://www.dsp.dla.mil/Portals/26/Documents/Publications/Journal/070101-DSPJ.pdf

3. National Reconnaissance Office. The NRO site has a large catalog of documents specifically pertaining to policies and directives on the topic of information assurance. One such document can be found here: https://www.nro.gov/Portals/65/documents/foia/declass/ForAll/033017/F-2016-00116a.pdf

Lab 2.1b

While all the services listed on the Defense Information Systems Agency (DISA) would greatly add to the effectiveness of secure government operations, three areas stood out the most.

1. Computing services offered by DISA provide standardized operational processes and centralized management. The computing services also encompass cloud computing and storage support as well as mainframe and server hosting.

2. Analytics and testing cover a wide array of computational analysis of data to offer support to computer security or administrators. Additionally, the testing aspect of this service offers multiple assessments regarding cybersecurity, compliance, and network capabilities.

3. Finally, the cybersecurity services are designed to protect all aspects and components of a network, from individual workstations to global content delivery. This service also offers configuration guidance and incident management services to minimize risk (DISA, n.d.).

Lab 2.2

Two of the more common frameworks used by the Department of Defense (DoD) pertaining to the auditing and security of information systems are the Federal Information Security Management Act (FISMA) and the framework created by the National Institute of Standards and Technology (NIST) known as NIST 800-171. Both frameworks allow for ease of audits by assigning varying levels of responsibility when it comes to security of information. Therefore, during an audit, it would be easy to see exactly when and where a breakdown occurred.

FISMA ensures coordination of security between all connected communities from civilian to national security. Ongoing monitoring of minimum controls to protect data also carries a high emphasis with FISMA. FISMA also recognizes that the best solution for information security may be found in the commercial marketplace and makes provisions by way of hardening
rules and checklists to ensure that commercial applications meet minimum requirements (Weiss & Solomon, 2016).

Similar to FISMA, NIST 800-171 offers a framework that deals with the risk management aspect of information security. It does this by outlining the strict compliance guidelines required not only for the DoD but also for any contractor or agency who connects to a network that may have potentially sensitive information. The 800-171 also features provisions regarding best practices toward making any system as resilient as possible to defend against attacks (Breaking Defense, 2020).

References

Breaking Defense (2020, February 24). CMMC 1.0 vs. NIST 800-171 -- Eight essential differences. Retrieved from https://go-gale-com.libraryresources.columbiasouthern.edu/ps/i.do?p=ITOF&u=oran95108&id=GALE|A615002252&v=2.1&it=r&sid=ebsco

DISA (n.d.). Services and capabilities. Retrieved from https://storefront.disa.mil/kinetic/disa/service-catalog#/category/services-and-capabilities

Weiss, M. M., & Solomon, M. G. (2016). Auditing IT infrastructures for compliance (2nd ed.). Burlington, MA: Jones & Bartlett Learning.