FOR ORDER THIS AND ANY OTHER COURSE,ASSIGNMENTS,QUIZES,EXAM,TEST BANKS OR SOLUTION MANUAL
CONTACT US AT WHISPERHILLS@GMAIL.COM
Question
Question 1. 1. (TCO A) You are responsible for developing a security evaluation
process that can be used to assess various operating systems both during and
after development. List the five most desirable qualities your evaluation process
should have and explain why they are important. (Be sure
to address qualities of the evaluation process, not specific metrics for
assessment of operating systems.) (Points
: 40)
Question 2. 2. (TCO B) Acme Films produces advertisements for cable television
stations. They have two locations in a large metropolitan area. Building
1 contains the administrative, sales, marketing, human resources, development,
and graphics departments. Building 2 contains the sound stages, production and post
production facilities, equipment, and mobile unit storage. The two
buildings, five miles apart, are connected by a VPN using a T1 connection. Each
location is protected by hardware firewalls and each location has a DMZ. Building
1's DMZ includes Web, FTP, DNS, and e-mail servers. Building
2's DMZ includes an FTP server from which clients can access work product. Network-based
IDS systems are placed in the DMZs. There are
75 Windows XP workstations in each location. Workstation
security is centrally managed and includes anti-virus, anti-spyware, and patch
management. File, application, database, and print servers at each location
are protected by anti-virus, anti-spyware, and patch management. Internet
access is provided to users via a proxy server and NAT.
User authentication is controlled by Windows 2008 Active Directory
and users must authenticate by using a smart card and entering a PIN. Discretionary
access control methods are in use.
List and assess three security threats faced by the information
technology systems and list and describe 1 security control needed that would
be appropriate to address each threat. (Points :
40)
Question 3. 3. (TCO C) Why is a firewall usually a good place to terminate a
Virtual Private Network (VPN) connection from a remote user? Why not terminate
the VPN connection at the actual servers being accessed? Under what
circumstances would VPN termination at the server be a good idea? (Points : 40)
Question 4. 4. (TCO D) A computer programmer has been arraigned for a computer
crime. She is
suspected of having accessed system files on a public Web server. The
programmer's attorney argues that his client was only trying to determine if
the website was secure and that no harm was done to the Web server or its
system files. The programmer's attorney also argues that it is possible that the
log files that show that his client accessed system files were tampered with. The
attorney claims that the Web server was made accessible to the public anyway so
that there was no violation of the law and that the arraignment against her
client should be thrown out. You're the judge. What is your analysis of these arguments? (Points : 40)
Question 5. 5. (TCO E) After reading about attacks on servers similar to the ones
used in one of your company's departments, the CIO has asked you to come up
with a report as to what, if any, steps should be taken with your servers. List and
describe the steps you would need to take in order to complete a detailed
report. (Points :
40)
Question 6. 6. (TCO F) Are ethics a matter of absolute right and wrong or are
they changeable? Can an ethical person consider something to be wrong and then,
later, consider that same thing to be right while still being ethical? Explain
your reasoning. (Points : 40)
Question 8. 8. (TCO H) Some IT department policies are designed to prevent
behaviors by IT staff. While some depend upon the employee voluntarily complying with the
policy (for example: do not reveal technical information to outside parties),
others are enforced technically (for example, authentication required for
system access). What is an example of a policy that technically enforces ethical
behavior by IT staff? Provide policy wording for your example. (Points :
40)
No comments:
Post a Comment