PRIYA LR&CFS ASSIGNMENT-3

.docx

School

Southeast Missouri State University *

*We aren’t endorsed by this school

Course

650

Subject

Computer Science

Date

Feb 20, 2024

Type

docx

Pages

Uploaded by GeneralExploration6683

NAME: PUSHPA PRIYA MIKKILI SEMO.ID: S02048083 CY-650 Legal, Risk, and Compliance for Security Assignment-3 1. What does CISSP stand for? Use the Internet to identify the ethical rules CISSP holders have agreed to follow. The Certified Information Systems Security Professional, or CISSP, is an abbreviation. The following guidelines are the ethical standards that CISSP holders have committed to upholding.  Preserve society, the general welfare, the infrastructure, and the essential public confidence.  Behave honorably, truthfully, fairly, sensibly, and lawfully.  Serve the principles with diligence and competence.  Protect and grow the industry. 2. For what kind of information security jobs does the NSA recruit? Use the Internet to visit its Web page and find out. Knowledge of secure networks, including biometrics, wireless security, intrusion detection, and high-speed networking security; research on secure systems; research on secure networks; and cryptology research are all necessary for information assurance. Experts in network security, vulnerability analysis, public key infrastructure (PKI), security testing and red teaming, firewall and router security, security software design and development (object-oriented programming: C++/Java), firewall and router security, security hardware design and development, customer support, defense information operations (DIO), Special Processing Laboratory (SPL, now part of IAD), and Microelectronics Research Laboratory (MRL, now part of IAD) are employed by the Information Assurance Directorate. The following competencies are necessary for networking: packet-based, Internet/intranets, protocol creation, advanced research, and optical network management. 3. Using the resources available in your library, find out what laws your state has passed to prosecute computer crime. A Synopsis of Missouri's Cybercrime Laws: Since computers are used in almost every aspect of our everyday lives, the term "computer crime" can refer to a wide range of activities. This is a broad category of crimes that frequently involves additional felonies like theft and fraud, but they are all crimes that require

using a computer or computer network to commit the crime(s). A few different computer- related crimes are listed in Missouri statutes: Tampering with Computer Data: Using a computer or network to violate someone's privacy; altering, destroying, or stealing computer data or programs; disclosing or stealing a password or identity; or receiving data that has been known to have been gained illegally are all examples of these actions. Tampering with Computer Equipment: Increasing the penalty for fraud and theft-related crimes; to alter, destroy, or remove computer equipment. Hacking into Computer Users: gaining unauthorized access to a computer system or network, or assisting others in gaining unauthorized access, or blocking access to computer systems or networks (as in "denial-of-service" assaults). 4. Using the ethical scenarios presented in the chapter, finish each of the incomplete statements, and bring your answers to class to compare them with those of your peers. 1. I thought it was a sign of poor character for the scientist to not recognize the computer programmer. The work that the computer programmer assisted the scientist with shouldn't have been entirely credited to him. 2. The programmer made a bad choice when she chose not to draw attention to the design defect. With her abilities and input, she could have performed better. 3. The student did well in his search for the gap because it allowed him to inform the administrator of it. Identity theft may have affected many people if someone with malicious intent had discovered it before it was rectified. The student acted in a very unethical manner by accessing other people's records for two weeks. Given the size of the school, the system administrator's tardiness in fixing the issue was concerning because high-skilled personnel are required to safeguard sensitive data. 4. It was unethical of the customer to decide to continue using the word processing tool. 5. The programmer's alteration of the accounting system was problematic because, while it is required of her to act morally when dealing with such information, she was not expected to perform so in this instance. 6. The programmer's use of the business computer over the weekend was not an issue because he had documentation to support his claim that he could have been held accountable if something had gone wrong. 5. Iris called the company security hotline. The hotline was an anonymous way to report any suspicious activity or abuse of company policy, although Iris chose to identify herself. The next morning, she was called to a meeting with an investigator from corporate security, which led to more meetings with others in corporate security, and then finally a meeting with

Your preview ends here

Eager to read complete document? Join bartleby learn and gain access to the full version