WEEK 2 ESSAY QUESTIONS
Instructions: Answer allquestions in a single document. Then submit to the appropriate assignmentfolder. Each response to a single essay question should be about a half-page inlength (about 150 words).
1.Not all information has the same importance and value to a company. How data isclassified is an important factor used in determining the amounts of fundingand resources that should be applied to protecting each type of data. Describethe data classification levels within commercial and military organizations andprovide examples of the types of information that would be classified at eachclassification level.
2.It takes a team of individuals throughout the organization working together tosafeguard the integrity and confidentiality of data resources. Describe thelayers of responsibility within an organization when it comes to asset securityand data protection. For each role, discuss their responsibility within theorganization for asset security.
3. The architecture of acomputer system is very important and comprises many topics. The system mustensure that memory is properly segregated and protected, ensure that onlyauthorized subjects access objects, ensure that untrusted processes cannot performactivities that would put other processes at risk, control the flow ofinformation, and define a domain of resources for each subject. It also mustensure that if the computer experiences any type of disruption, it will notresult in an insecure state. Many of these issues are dealt with in thesystem’s security policy, and the security mode is built to support therequirements of this policy. Explain the concept of a trusted computing baseand describe how it is used to enforce the system’s security policy. Provideexamples of specific elements (hardware, software or firmware) in thearchitecture of the computer system could be used that provide security withinthe TCB.
WEEK 3 ESSAYQUESTIONS
Instructions:Answer all questions in a single document. Then submit to the appropriateassignment folder. Each response to a single essay question should be about ahalf-page in length (about 150 words).
1.Cryptographic algorithms provide the underlying tools to most securityprotocols used in today’s infrastructures. The choice of which type ofalgorithm depends on the goal that you are trying to accomplish, such asencryption or data integrity. These algorithms fall into two main categories:symmetric key and asymmetric key cryptography. In this essay, please discussthe strengths and weaknesses of symmetric key cryptography and give an exampleof where this type of cryptography is used. Then discuss the strengths andweaknesses of asymmetric key cryptography and give an example of where thistype of cryptography is used.
2.Cryptography has been used in one form or another for over 4000 years andattacks on cryptography have been occurring since its inception. The type ofpeople attempting to break the code could be malicious in their intent or couldjust be trying to identify weaknesses in the security so that improvements canbe made. In your essay response, define cryptanalysis and describe some of thecommon cryptanalytic techniques used in attacks.
3. Manypeople overlook the importance of physical security when addressing securityconcerns of the organization. Complex cryptography methods, stringent accesscontrol lists, and vigilant intrusion detection/prevention software will berendered useless if an attacker gains physical access to your data center. Siteand facility security planning is equally important to the technical controlsthat you implement when minimizing the access, a criminal will have to yourassets. In your essay response, define CPTED and describe how following theCPTED discipline can provide a more aesthetic alternative to classic targethardening approaches. Make sure that the three CPTED strategies are covered inyour response.