Categories
Telecommunications Engineering homework help

Describe what is meant by the term “Cascade Failures”

Week 3 Discussion – Cybersecurity Policy Design Issues
For your initial post, discuss the topics below.  Respond to posts by other students
Describe cybersecurity roles and responsibilities to protect security for the corporate business mission (for example, the Insider threat, Access Controls, Biometric Authentication) and explain why business also may have a cybersecurity responsibility to protect national security through business resilience and Continuity of Operations Planning
Describe what is meant by the term “Cascade Failures” as it may apply to cyberattacks against critical infrastructures.  Do you agree or disagree that businesses should protect national security by expanding their cybersecurity budget to prevent or reduce the effects of possible Cascade Failures that may affect their business and other downstream businesses that may depend on them?  Justify your answer.

Categories
Telecommunications Engineering homework help

Explain what you would recommend for an IT professional to have for their laptop’s memory, storage, and processor.

Consider jobs that require a solid understanding of basic computing, computer storage, and processing speeds as part of an information technology degree. Put yourself in the position of the hiring manager and think about what you would expect as competent responses from an applicant:
Briefly explain the four main parts of a computer system information.

Provide an example of each.

Managing data efficiently requires having sufficient processing speed, paired with the appropriate amount of memory and storage space. Briefly explain what you would recommend for an IT professional to have for their laptop’s memory, storage, and processor.
Your first post should be on or before Saturday and a minimum of 100 words. Include a link to any site you used to help you respond to the question. Make sure you respond substantively to at least two classmates.

Categories
Telecommunications Engineering homework help

Define the term “Zero-Day Exploit”.

Journalists and others sometimes mix phrases for cybersecurity concepts.  The public can pick up these misnomers,  resulting in confusion.  Confusion during meetings between technology practitioners and management wastes time that could otherwise be useful to make progress toward solving a problem (perhaps some of you have sat through a frustrating first half of a meeting where this disconnect was gradually discovered by those present).  Some basic vocabulary definitions must be reinforced for cybersecurity practitioners to reduce the confusion that can creep into conversations and meetings.  Please write about these concepts listed below and support your definitions and discussions with reference sources that do not confuse the definitions.
For your initial post, discuss the two topics below.  Respond to posts from other students.
Define and differentiate Vulnerability, Risk, and Threat
Define the term “Zero-Day Exploit”.  Discuss some recent examples where one or two ZDEs were used to bypass cybersecurity controls to open a hole in vulnerable Critical Infrastructures, SCADA systems, or Industrial Control Systems (ICS) so malicious code could enter to cause disruptive effects.  Describe how ZDEs can possibly be used by nation states, criminals, and political extremists.
Background Resources
Wk 1 – Zero Day Exploit.pdf
Zero Day Exploit (source)
Wk 1 – Critical Infrastructure Security and Industrial Control Systems.pdf
Critical Infrastructure Security and Industrial Control Systems (source)

Categories
Telecommunications Engineering homework help

Create the legal and ethical foundation for a hypothetical business that works in the IoT field

Create the legal and ethical foundation for a hypothetical business that works in the IoT field so that the company can integrate such concerns into its cybersecurity framework.  Pay close attention to those matters which could most closely affect the public, who may not fully understand the enormity of such inter-related concerns.  Provide theoretical procedures that could be helpful.

Categories
Telecommunications Engineering homework help

Predict how present day legal and ethical concerns associated with cybersecurity may apply to possible insurance claims within the foreseeable future.

Predict how present day legal and ethical concerns associated with cybersecurity may apply to possible insurance claims within the foreseeable future.  As you do so, please be sure to apply facts, relevant procedures (legal, ethical and/or technical), as well as the concepts that you believe link all of these concepts together.

Categories
Telecommunications Engineering homework help

Discuss what you deem is the most effective security management framework for your organization

Week 8 Discussion
There are many methods, mechanisms, and practices discussed for the management of security. Discuss what you deem is the most effective security management framework for your organization and why.  Peers in your responses, I encourage you to respectably rebut their selection and or point out the gaps/vulnerabilities?
Example: Use as example only.
Hello everyone,
Here we are again at the end of yet another course. Hope everyone had a great Thanksgiving holiday and didn’t eat too much. This week we are discussing what we perceive as the most effective security management framework for our organization and why. Being in the military the last 20+ years, I would have to select the defense in depth method. A defense in depth method leverages multiple overlapping security measures including administrative, physical, and logical / technical controls. Administrative controls include such mechanisms as access control restrictions, having employees sign acceptable use agreements, and posting regulations banning unauthorized employee activities. Separately, physical controls include the use of fences, gates, security cameras, badge readers, door locks and keypads. Physical access controls tend to garner much of the focus due to the ability to physically see the security mechanisms in place, as opposed to administrative or logical controls. Lastly, logical controls include the use of network firewalls, encryption, patch management, and antivirus/anti-malware protection. There are numerous other mechanisms and access control measures that are included in a defense in depth strategy, but as we learned in the first week’s reading regarding the multiple areas of security, each layer’s defense is complemented and reliant on all the other layers of security.
-Chris
Reference:
Fortinet. (2022). Defense in depth. Fortinet, Inc. Retrieved November 26, 2022, from https://www.fortinet.com/resources/cyberglossary/defense-in-depth.
Jacobs, S. (2015). Engineering information security: The application of systems engineering concepts to achieve information assurance. John Wiley & Sons, Incorporated.

Categories
Telecommunications Engineering homework help

Discuss the security vulnerabilities that are found in each layer of the OSI model. 

Many of you have learned about the OSI and many do not get how this is applicable beyond foundational knowledge.  I would like you to take another look at the OSI model and each layer discuss a possible security risk you see in each layer.  You will see a common theme by the end of the discussion.
Example:  Use only as example!
This week we discuss the security vulnerabilities that are found in each layer of the OSI model.  The physical layer is up first.  Vulnerabilities in the physical layer have been discussed extensively in previous weeks.  One possible security risk is for an adversary to infect a USB drive and then physically plug it in to a networked device.
The next layer is the data link layer.  It is the layer responsible for the transmission of data between nodes.  A security threat in this layer would be for a potential adversary to corrupt or alter data that is about to be sent through the node.  This would subsequently alter the data that is transmitted form its original and intended form.
The network layer is responsible for routing messages through different networks.  A vulnerability here could be a data worm that has infected a device in one network, being transported via the network layer to another network.  The worm will then be able to infect the devices within the new network.
The transport layer is the first in the upper layer and is responsible for breaking messages down in to pieces before sending them onward.  A potential vulnerability here is for the interception of unencrypted messages being sent through the transport layer by an adversary.
Session layer is next and is responsible for passwords exchanges, log offs, and termination of connections.  A vulnerability here would be an adversary keeping the gateway open and preventing the session layer from terminating the connection.  This would allow the adversary access to the data protected beyond the password gateway.
The presentation layer provides conversion service which cause character change sequences.  A vulnerability here could be an adversary corrupting the change sequence which would produce the incorrect data once it has been converted.
The final layer, the application layer is the layer most responsible for communication of the various applications being utilized.  One of the vulnerabilities present here would be the potential for a virus to cause the application layer to redirect data that flows through it.
One of the common themes I see running through here is the spread of corruption and viruses.  Each layer has the potential to spread malicious content.  The conclusion this brings me to is that each layer must be properly defended with modern security protocols.
Jacobs, S. (2015) Engineering Information Security : The Application of Systems Engineering Concepts to Achieve Information Assurance

Categories
Telecommunications Engineering homework help

Compare the implementations of cryptographic solutions. 

(2-3 pages + references) should use 1″ margins, 12 point font size, and should be single-spaced.
: Compare the implementations of cryptographic solutions.

Categories
Telecommunications Engineering homework help

Identify and explain relevant conceptual material

Submit a reflections paper on your ISS642 readings, exercises and weekly discussion posts. The paper should be at least 2 pages long.  The paper should include:
A brief summary of your course experience.
Identify and explain relevant conceptual material (theories, concepts) from the course.
How the course concept/idea/theory may or will change your future actions/activities
Attached are the course work to use for this paper.

Categories
Telecommunications Engineering homework help

Differentiate between the various tools and tactics for attacking network security monitoring

Differentiate between the various tools and tactics for attacking network security monitoring and the considerations involved in incident response.