Key factors are:
(1) Policy: which deals with info security policies in place,
(2) Education: which deals with education of users on security related issues,
(3) Technology: which covers the technology used to implement security measures
(4) Confidentiality: confidentiality of info/data
(5) Integrity: addresses measures in place to ensure data integrity
(6) Availability: to ensure authorized users access to information in usable format
(7) Storage: issues dealing with data storage
(8) Processing: issues that cover the processing and handling of data
(9) Transmission: covers issues related to factors that influence transmission of data
These nine influencing factors can be modeled as a 3-dimensional cube as
…show more content…
When we consider the relationship among the three
dimensions represented by the axes shown.we have a 3 x 3 x 3
cube with 27 cells, where each cell represents an area of intersection among
the three dimensions that must be addressed.
In Exercise 1 you determine how you would address the different factors that impact
the security and protection of data/information pertaining to this class (such as student
information, student homework submissions, student discussion posts etc.) by
determined that the three primary risks the company faces in protecting the data are as follows:
The publicly available and mostly used dataset for intrusion detection is KDCUP99 Data set. This data
Please update the initials and date column for each section you have completed. Date= completion date.
Computing frequent itemset 1: Given the database transaction id and all itemsets generate the database transaction id,itemsets format.Apply hash function to identifyy the frequent item sets ,support value and bucket count .
Other security elements are in reference to data recovery, database administration, handling a breach in security and administrative security policies such as access procedure, employee transfer and excessive user access. As I assume the role of the chief security officer, database designer, database administrator, and chief applications designer this project is very important to the armed services and the Virgin Islands National Guard as we strive to provide global security.
1.3 Explain the purpose of legal and organisational requirements for the security and confidentiality of information
1. What are some of the emerging IT security technologies that should be considered in solving the Problem related to the case?
2. How we handle the information and what security procedures are in line to protect against the misuse of information.
Identifying threats and risks as well as understanding each helps improve a user’s chances of keeping information secure. After identifying the risks, there are four ways to deal with them; avoidance, acceptance, mitigation, and transfer. Another way to minimize
Security and Reliability are huge issues when we go through the readings, throughout the module we’ve seen countless examples of how reliability can go wrong, and how we aren’t so secure in cyberspace either. In a world where there are reports of hackers exploiting security systems and stealing personal data at even the most sensitive and important computer systems, it’s said that with the “proliferation of hacker tools” the computer systems we have today are less secure than the one’s we had ten years ago. (Garfinkel, 2012) My organization will be holding sensitive private user data such as credit card numbers and personal identifiable information like first and last names, email addresses, dates of birth, and so on. My organization will have to ensure that this data is secure from hackers and is on encrypted servers. We must also ensure the transmission of data when putting in financial information to purchase items is encrypted, to ensure that the data cannot be intercepted via local networks or cookies. Security of the user’s data is paramount, any breach of trust can lead to a loss of trust between the user and the organization, resulting in financial loss. Another issue the organization will have to deal with is ensuring employees do not have improper access to personal data, that disgruntled employees cannot leak or access information once they’ve been fired, and that employees are competent in security measures to ensure human error isn’t a reason for a data breach.
12. Why is a methodology important in the implementation of information security? How does a methodology improve the process?
20. What are the three categories of information security controls? How is each used to reduce risk for the organization?
This case study is a practical application of all of the knowledge you have acquired from your courses in the networking curriculum over the past two years. It will allow you to demonstrate both your knowledge and experience in networking both academically and hands-on. It will also allow you to draw on what you have learned as you worked your way through the online Microsoft IT Academy Security course. It is intended to be used as first a mid-term examination and then will also be continued as your end of class project and final exam. It presents a thorough review of concepts and applications presented in courses you have taken while at JSRCC. To complete this case study, read the scenario below and
Information security professional’s job is to deploy the right safeguards, evaluating risks against critical assets and to mitigate those threats and vulnerabilities. Management can ensure their company’s assets, such as data, remain intact by finding the latest technology and implementing the right policies. Risk management focuses on analyzing risk and mitigating actions to reduce that risk. Successful implementation of security safeguards depends on the knowledge and experience of information security staff. This paper addresses the methods and fundamentals on how to systematically conduct risk assessments on the security risks of information systems.
The objective of this assignment is to develop security policy for information resources of the ABCD University with major emphasis on compliance with the current laws and regulations, integrity and confidentiality of information, and reduced risks to potential threats.