EMM 400 TOPIC 3 DQ 2

SALESFORCE Richard Bresnan is working on his Space tour program. His team is working on Salesforce to make reports for listing the potential threats that he may face. After completing the report his handed over to Bresnan but he is unable to select it from the Report type list. What is causing this problem?

Hacktivists often use DDoS attacks against organizations that they perceive as being opposed to them. This includes not only government but also journalists, publications, and human rights groups. Google's parent Alphabet has stepped up to help with thwarting DDoS against these groups. Since 2016 Project Shield has thwarted DDoS attacks against hundreds of websites in over 80 countries. These attacks were directed at websites in order to silence important information. Project Shield was offered for free to journalists, small publications, human rights groups, and others. But Google is doing that from its own initiative at a relatively high cost. Should there instead be a tax on computer hardware and/or software that goes towards a fund that is then used for organizations like this to have permanent DDOS mitigation?

Explain the many interpretations of the term "terrorism."

PurposeThis course project is intended to assess your ability to identify, design, and organize information technology (IT) security policies.Learning Objectives and OutcomesSuccessful completion of this project will ensure that you can develop draft IT security policies for an organization and apply learning constructs from the course. By the end of this project, you will be able to do the following:Evaluate compliance laws relevant to the U.S. Department of Defense.Assess policy frameworks appropriate for an organization in a given scenario.Evaluate security controls and standards for the seven domains of a typical IT infrastructure.Develop DoD-compliant policies for an organization’s IT infrastructure.Required Source Information and ToolsWeb References: Links to Web references in this document and related materials are subject to change without prior notice. These links were last verified on January 4, 2022. The following tools and resources will be needed to complete this…

PurposeThis course project is intended to assess your ability to identify, design, and organize information technology (IT) security policies.Learning Objectives and OutcomesSuccessful completion of this project will ensure that you can develop draft IT security policies for an organization and apply learning constructs from the course. By the end of this project, you will be able to do the following:Evaluate compliance laws relevant to the U.S. Department of Defense.Assess policy frameworks appropriate for an organization in a given scenario.Evaluate security controls and standards for the seven domains of a typical IT infrastructure.Develop DoD-compliant policies for an organization’s IT infrastructure.Required Source Information and ToolsWeb References: Links to Web references in this document and related materials are subject to change without prior notice. These links were last verified on January 4, 2022. The following tools and resources will be needed to complete this…

What steps should you take to create a threat model?

Developing a threat model is a complicated process.

Question:: Case Exercises Amy walked into her office cubicle and sat down. The entire episode with the blond man had taken well over two hours of her day. Plus, the police officers had told her the district attorney would also be calling to make an appointment to speak to her, which meant she would have to spend even more time dealing with this incident. She hoped her manager would understand. Questions: 1. Based on this case study, what security awareness and training documents and posters had an impact in this event? 2. Do you think that Amy should have done anything differently? What would you have done in the situation in which she found herself?

Discussion Forum - Unit 7 Activity 1 TASK A: Discuss the following questions, identifying possible reasons and motives for the users at both sides of the spectrum: Discuss why users try to break into other user's computers and information systems Discuss why users create viruses. Discuss who owns electronic mail systems, and why they do TASK B: Answer the question posed in the Panama Papers Vignette - Was it wrong to hack and leak the Panama Papers? What technology issues led to the security breach in the Panama Papers case. What is the possible business impact of this security breach for the law firm and its customers? What should the law firm do in the future to avoid similar incidents? TASK C: What is the difference between a business continuity plan and a disaster recovery plan?

Task: Research Network Security Attacks Each student will search using Internet resources including Cisco NetAcad for the following information about the network security attacks as given in the table below. You should add figures to support your explanation. Answer each of the following questions for the type of security attack provided in the table below: 1. What is that type of attack? 2. Discuss different types of that attack, if any. 3. How each type of that attack effects the network and users? 4. Give at least five security recommendations to control and prevent that attack. (Malware (Virus, Worm, Trojans))

TO: All Staff FROM: Jake Ryan, Director, Product Development DATE: October 23, 2018 SUBJECT: Launch of Product XYZ Due to extensive customer feedback, and the results of current testing, I wanted to inform you that Product XYZ will be delayed from its original launch date of November 15th, until Q1 2019. We are confident that time for additional testing will serve to make XYZ more effective in fighting security breaches that customers are facing. For those customers that you believe will now consider a competitor's product, the marketing department is developing a promotional offering, which sales reps can share with their customers to help reduce those who will now go to our competitors. As disappointing as this news may be, we are confident in our employees, and know the additional time will serve this company well by creating a more successful product.

Identifying New Computer Viruses and Worms Objective: Examine some current computer virus threats. Description: As a security professional, you must keep abreast of the manynew viruses and worms that might attack networks and computers. If one computer is compromised, all computers in your network could be compromised. Many firewalls don't detect malware attached to an executable program or amacro virus (covered later in this section), so securityprofessionals needto train users on the dangers of installing software, including games and screensavers, on a computer. Remember, a firewall doesn't examine packets internal to the network, so malware can spread internally in an organization regardless of how effective the firewall is. A good place to learn about new threats is the Internet. 1. Start your Webbrowser, and go to www.us-cert.gov. 2. Onthe homepage, type Conficker Wormin the SearchUS-CERTtext box, and then click the GObutton. WhatOSsareaffected bythis worm? 3.…

Cybersecurity tools are available to organizations requiring integration of their problem management, configuration management, and incident management processes.    The CEO and CIO need you and your team to create an IRP and change management plan. These plans will help the organization choose the appropriate cybersecurity tool.    Incident Response Plan  Incident response is a disciplined methodology for managing the aftermath of a security breach, cyberattack, or some other security incident. An incident response plan (IRP) provides an organization with procedures that effectively limit the impact on the data, system, and business and reduces recovery time and overall cost.    Research an organization from the health care, finance, or education sector.   Outline a 1- to 2-page IRP in Microsoft Word for the organization you chose. In your plan, ensure you:  Discuss roles and responsibilities.  Discuss the critical activities for each of the phases in the incident response process.…

Threat Vectors- What to Worry About in Security ?

Cybersecurity Risk Assessments: Probability vs. Possibility. When performing a risk analysis, we want to focus on what is probable versus what is possible. The goal is to make well-informed decisions based on probable outcomes of future events. Is it possible that a grizzly bear will walk through your office door and maul you? Sure! Almost anything is possible. But is it probable? No. As the Head of IT (or IT Security) what are the three most critical risks for your whole organization to mitigate (in tech or security)? Please discuss risk, controls (present or missing), and risk monitoring and effectiveness testing.

Explain the many meanings of the term "terrorism."

As an IT Security Analyst or Cyber security Engineer use the STAR method to answer the below behavioral questions:                 Situation: Task: Action: Result: 1. Tell me about a time when you realized you needed a deeper level of subject matter expertise to do your job well. What did you do about it? What was the outcome? Is there anything you would have done differently? 2. Describe a time when you took on work outside of your comfort area. How did you identify what you needed to learn to be successful? How did you go about building expertise to meet your goal? Did you meet your goal? 3. Tell me about a time when you didn’t know what to do next or how to solve a challenging problem. How do you learn what you don't know? What were the options you considered? How did you decide the best path forward? What was the outcome?