Infrastructure security

established in 1972 by the Computer Security Act of 1987 by redesignating the National Bureau of Standards. In 1998 President Bill Clinton issued Presidential Decision Directive 63 which established the United States critical infrastructure program as applicable to computer and information systems. Subsequently, in 2002 the Federal Information Security Management Act (FISMA) replaced the Computer Security Act of 1987 which intended to enhance information security policies in federal offices. In…

5. Physical Security Devices a) Employee Identification Badges / Smart Cards: The company should provide employees with picture identification badges with a smart chip and magnetic strip. The company will provide unique public-key infrastructure (PKI) certificates on the employee’s smart chip, which will allow user access to the company network. Radio Frequency Identification (RFID) capable cards should not be used. While they are more convenient for access control than swipe cards, an…

An administrator came to realize that their credentials had been used to run a query that they would not normally run, this would be a violation of separation of duties; which means that “any task in which vulnerabilities exist, steps within the tasks are assigned to different positions with different management”. Meaning that the attacker would have only been able to use this vulnerability through this employee because of their role in the copy, and other employee would have not had the ability…

Public key infrastructure is the combination of software, encryption technologies and services that enables enterprises to maintain the security of their business transactions on over the internet. It integrates digital certificates, public key cryptography and certification authorities into a complete enterprise-wide network security architecture. It is also defined as a set of roles, policies and procedures needed to create, revoke digital certificates and manage public-key encryption. It is…

Instructor Due Date Part 1 2 3 4 Total Maximum Points 25 points 25 points 25 points 25 points 100 points Your Score Textbook Reading Assignment Read Chapter(s) 14 , 19 , 20 , 21 in your Information Security textbook. Part 1 Glossary Terms - Risk Analysis Define, in detail, each of these glossary terms from the realm of computer architecture and operating systems and computer topics, in general. If applicable, use examples to support your definitions. Consult your…

All of this could have been prevented if these companies focused more on their security rather than their profits. The group responsible for this calls themselves the “Lizard Squad”, a team of hackers that allegedly takes down companies to force them to work on their security. According to them, the attack was very easy and only took little time and money. If Microsoft and Sony increased their budget for their security program, it would have taken a lot more time and money in order to fulfill…

Shane Harris in his book @War: The Rise of the Internet-Military Complex (2015) explains that the government is partnering with large technology companies in order to carry out espionage and digital attacks that have real world consequences. Harris supports his claims by describing the operations and programs the US engaged in alongside private technology companies based on public knowledge and on interviews conducted with top US officials. The author’s purpose is to inform the audience about…

Information security system current and healthcare and the privacy in the healthcare is an issue that is growing every. The security information of the healthcare with the adoption of the patients records which is digital, they would need a provider consolidation, and the high need for information between the patients and the providers and all the payers. The point of the need for better information security and privacy in the healthcare. In the healthcare information security systems are…

Week two of our material provided us with several different elements of the homeland security assessment process. What I gathered most from the material was based on the “Baldrige Assessment Criteria and the eight step process for a successful assessment” (Fisher, 2004). However, the consensus is that the key elements in the homeland security assessment process are “a threat assessment, a vulnerability assessment and a criticality assessment” (Decker, 2001). In my opinion, these three key…

4. Information Security Metrics Security metrics are important to measure and evaluate the effectiveness of the security measures, and are required to provide a quantitative and unbiased basis for security operations since they aid in decision making and maintenance of security operations within an organization (Moeti & Kalema, 2014). These metrics help determine if the security components meet their objectives and also avoid doing what they weren’t intended to do. Thus, security and risk…