SlideShare a Scribd company logo

Cis 333 Enthusiastic Study / snaptutorial.com

Download as DOCX, PDF
G
GeorgeDixon99

The document outlines a series of assignments and case studies related to information systems security for a course (CIS 333). Students are tasked with analyzing various aspects of cybersecurity, including the benefits and risks of Bring Your Own Device (BYOD) policies, identifying potential threats in a gaming company, implementing public key infrastructure, and establishing risk response strategies for a pharmacy. Each assignment requires students to produce detailed reports utilizing specific formatting and research guidelines.

Education
1 of 14
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
CIS 333 Week 3 Case Study 1: Bring Your Own Device (BYOD) For more classes visit www.snaptutorial.com Case Study 1: Bring Your Own Device (BYOD) Due Week 3 and worth 60 points Read the following articles located in the course shell: “The dark side of BYOD” from TechRepublic and “BYOD As We Know It Is Dead” from Forbes. Write a two to three (2-3) page paper in which you: Identify the primary benefits of BYOD in organizations, and determine the key ways in which its concepts can enhance an end user’s overall working experience. Analyze in detail the major risks surrounding BYOD, and analyze the security controls and technologies that are currently available and being utilized to manage these risks. Provide a real-world example of how BYOD either positively or negatively affected an organization’sproductivity and / or security.
Determine whether or not you would consider implementing BYOD concepts in a real organization and whether or not the benefits outweigh the risks. Use at least three (3) quality resources in this assignment (no more than two to three [2-3] years old) from material outside the textbook. Note: Wikipedia and similar Websites do not qualify as quality resources. Your assignment must follow these formatting requirements: Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions. Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length. The specific course learning outcomes associated with this assignment are: Explain how businesses apply cryptography in maintaining information security. Use technology and information resources to research issues in information systems security. Write clearly and concisely about network security topics using proper writing mechanics and technical style conventions. ********************************************************
CIS 333 Week 4 Assignment 1: Identifying Potential Malicious Attacks, Threats, and Vulnerabilities For more classes visit www.snaptutorial.com Assignment 1: Identifying Potential Malicious Attacks, Threats, and Vulnerabilities Due Week 4 and worth 75 points You have just been hired as an Information Security Engineer for a videogame development company. The organization network structure is identified in the below network diagram and specifically contains: 1) 2 – Firewalls 5) 2 – Windows Server 2012 Active Directory Domain Controllers (DC) 2) 1 – Web / FTP server 6) 3 – File servers 3) 1 – Microsoft Exchange Email server
7) 1 – Wireless access point (WAP) 4) 1 – Network Intrusion Detection System (NIDS) 8) 100 – Desktop / Laptop computers 9) VoIP telephone system The CIO has seen reports of malicious activity being on the rise and has become extremely concerned with the protection of the intellectual property and highly sensitive data maintained by your organization. As one of your first tasks with the organization, the CIO requested you identify and draft a report identifying potential malicious attacks, threats, and vulnerabilities specific to your organization. Further, the CIO would like you to briefly explain each item and the potential impact it could have on the organization. Write a four to five (4-5) page paper in which you: Analyze three (3) specific potential malicious attacks and / or threats that could be carried out against the network and organization. Explain in detail the potential impact of the three (3) selected malicious attacks. Propose the security controls that you would consider implementing in order to protect against the selected potential malicious attacks. Analyze three (3) potential concerns for data loss and data theft that may exist in the documented network. Explicate the potential impact of the three (3) selected concerns for data loss and data theft. Propose the security controls that you would consider implementing in order to protect against the selected concerns for data loss and data theft.
Use at least three (3) quality resources in this assignment (no more than two to three [2-3] years old) from material outside the textbook. Note: Wikipedia and similar Websites do not qualify as quality resources. Your assignment must follow these formatting requirements: Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions. Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length. The specific course learning outcomes associated with this assignment are: Explain the concepts of information systems security as applied to an IT infrastructure. Describe the principles of risk management, common response techniques, and issues related to recovery of IT systems. Describe how malicious attacks, threats, and vulnerabilities impact an IT infrastructure. Explain the means attackers use to compromise systems and networks, and defenses used by organizations. Use technology and information resources to research issues in information systems security. Write clearly and concisely about network security topics using proper writing mechanics and technical style conventions.
******************************************************** CIS 333 Week 6 Case Study 2: Public Key Infrastructure For more classes visit www.snaptutorial.com Case Study 2: Public Key Infrastructure Due Week 6 and worth 60 points Suppose you are the Information Security Director at a small software company. The organization currently utilizes a Microsoft Server 2012 Active Directory domain administered by your information security team. Mostly software developers and a relatively small number of administrative personnel comprise the remainder of the organization. You have convinced business unit leaders that it would be in the best interest of the company to use a public key infrastructure (PKI) in order to provide a framework that fosters confidentiality, integrity, authentication, and nonrepudiation. Email clients, virtual private network (VPN) products, Web server components, and domain controllers would utilize digital certificates issued by the certificate authority (CA). Additionally, the company would use digital certificates to sign software developed by the company in order to demonstrate software authenticity to the customer.
Write a two to three (2-3) page paper in which you: Analyze the fundamentals of PKI, and determine the primary ways in which its features and functions could benefit your organization and its information security department.Propose one (1) way in which the PKI could assist in the process of signing the company’s software, and explain the main reason why a customer could then believe that software to be authentic. Compare and contrast public and in-house CAs. Include the positive and negative characteristics of each type of certificate authority, and provide a sound recommendation of and a justification for which you would consider implementing within your organization.Explain your rationale. Use at least three (3) quality resources in this assignment (no more than two to three [2-3] years old) from material outside the textbook. Note: Wikipedia and similar Websites do not qualify as quality resources. Your assignment must follow these formatting requirements: Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions. Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length. The specific course learning outcomes associated with this assignment are: Explain how businesses apply cryptography in maintaining information security.
Use technology and information resources to research issues in information systems security. Write clearly and concisely about network security topics using proper writing mechanics and technical style conventions. ******************************************************** CIS 333 Week 8 Assignment 2: Identifying Potential Risk, Response, and Recovery For more classes visit www.snaptutorial.com Assignment 2: Identifying Potential Risk, Response, and Recovery Due Week 8 and worth 75 points In Assignment 1, a videogame development company recently hired you as an Information Security Engineer. After viewing a growing number of reports detailing malicious activity, the CIO requested that you draft a report in which you identify potential malicious attacks and threats
specific to your organization. She asked you to include a brief explanation of each item and the potential impact it could have on the organization. After reviewing your report, the CIO requests that you develop a follow- up plan detailing a strategy for addressing all risks (i.e., risk mitigation, ******************************************************** risk assignment, risk acceptance, or risk avoidance) identified in Assignment 1. Further, your plan should identify controls (i.e., administrative, preventative, detective, and corrective) that the company will use to mitigate each risk previously identified. Write a four to five (4-5) page paper in which you: For each of the three (3) or more malicious attacks and / or threats that you identified in Assignment 1, choose a strategy for addressing the associated risk (i.e., risk mitigation, risk assignment, risk acceptance, or risk avoidance). Explain your rationale. For each of the three (3) or more malicious attacks and / or threats identified in Assignment 1, develop potential controls (i.e., administrative, preventative, detective, and corrective) that the company could use to mitigate each associated risk. Explain in detail why you believe the risk management, control identification, and selection processes are so important, specifically in this organization. Draft a one (1) page Executive Summary that details your strategies and recommendations to the CIO (Note: The Executive Summary is included in the assignment’s length requirements).
Use at least three (3) quality resources in this assignment (no more than two to three [2-3] years old) from material outside the textbook. Note: Wikipedia and similar Websites do not qualify as quality resources. Your assignment must follow these formatting requirements: Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; references must follow APA or school- specific format. Check with your professor for any additional instructions. Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required page length. The specific course learning outcomes associated with this assignment are: Explain the concepts of information systems security as applied to an IT infrastructure. Describe the principles of risk management, common response techniques, and issues related to recovery of IT systems. Describe how malicious attacks, threats, and vulnerabilities impact an IT infrastructure. Explain the means attackers use to compromise systems and networks, and defenses used by organizations. Use technology and information resources to research issues in information systems security.
Write clearly and concisely about network security topics using proper writing mechanics and technical style conventions. ******************************************************** CIS 333 Week 10 Technical Project Paper: Information Systems Security For more classes visit www.snaptutorial.com Technical Project Paper: Information Systems Security Due Week 10 and worth 150 points Suppose you are the IT professional in charge of security for a small pharmacy that has recently opened within a shopping mall. The daily operation of a pharmacy is a unique business that requires a combination of both physical and logical access controls geared toward protecting medication and funds located on the premises, as well as the customers’ personally identifiable information and protected health information that resides on your system. Your supervisor has tasked you with identifying inherent risks associated with your pharmacy and
establishing strong physical and logical access control methods to mitigate the identified risks. 1) Firewall (1) 4) Desktop computers (4) 2) Windows 2012 Active Directory Domain Controllers (DC) (1) 5) Dedicated T1 Connection (1) 3) File Server (1) Write an eight to ten (8-10) page paper in which you: Identify at least five (5) potential physical threats that require attention. Determine the impact of at least five (5) potential logical threats that require attention. Detail the security controls (i.e., administrative, preventative, detective, and corrective) that the pharmacy could implement in order to protect it from the five (5) selected physical threats. Explain in detail the security controls (i.e., administrative, preventative, detective, and corrective) that could be implemented to protect from the five (5) selected logical threats.
For each of the five (5) selected physical threats, choose a strategy for addressing the risk (i.e., risk mitigation, risk assignment, risk acceptance, or risk avoidance). Justify your chosen strategies. For each of the five (5) selected logical threats, choose a strategy for handling the risk (i.e., risk mitigation, risk assignment, risk acceptance, or risk avoidance). Justify your chosen strategies. Use at least five (5) quality resources in this assignment (no more than 2-3 years old) from material outside the textbook.Note: Wikipedia and similar Websites do not qualify as quality resources. Your assignment must follow these formatting requirements: Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions. Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length. The specific course learning outcomes associated with this assignment are: Explain the concepts of information systems security as applied to an IT infrastructure. Describe how malicious attacks, threats, and vulnerabilities impact an IT infrastructure. Explain the means attackers use to compromise systems and networks, and defenses used by organizations.
Explain the role of access controls in implementing a security policy. Use technology and information resources to research issues in information systems security. Write clearly and concisely about network security topics using proper writing mechanics and technical style conventions. Explain how businesses apply cryptography in maintaining information security. Analyze the importance of network principles and architecture to security operations. ********************************************************

More Related Content

DOC
Cis 333 Education Redefined - snaptutorial.com
DavisMurphyC75
 
PDF
CMGT 431 Education Specialist |tutorialrank.com
ladworkspaces
 
DOCX
CIS 560 Education Specialist / snaptutorial.com
McdonaldRyan139
 
DOCX
Cmgt 582 Education Specialist -snaptutorial.com
DavisMurphyC37
 
DOC
CIS 560 Exceptional Education - snaptutorial.com
DavisMurphyB34
 
DOC
Cis 560 Education Redefined-snaptutorial.com
robertledwes39
 
DOCX
Cis 560 Enhance teaching / snaptutorial.com
HarrisGeorg54
 
DOCX
Cis 560 Education Organization -- snaptutorial.com
DavisMurphyC
 
Cis 333 Education Redefined - snaptutorial.com
DavisMurphyC75
 
CMGT 431 Education Specialist |tutorialrank.com
ladworkspaces
 
CIS 560 Education Specialist / snaptutorial.com
McdonaldRyan139
 
Cmgt 582 Education Specialist -snaptutorial.com
DavisMurphyC37
 
CIS 560 Exceptional Education - snaptutorial.com
DavisMurphyB34
 
Cis 560 Education Redefined-snaptutorial.com
robertledwes39
 
Cis 560 Enhance teaching / snaptutorial.com
HarrisGeorg54
 
Cis 560 Education Organization -- snaptutorial.com
DavisMurphyC
 

What's hot (18)

DOC
Cis 560 Education Organization / snaptutorial.com
Baileya127
 
PDF
A Study of Database Protection Techniques
IJSRED
 
PDF
CIS 560 Effective Communication - tutorialrank.com
Bartholomew22
 
DOC
Cis 560 Effective Communication / snaptutorial.com
Baileyam
 
DOCX
CMGT 582 STUDY Inspiring Innovation--cmgt582study.com
KeatonJennings98
 
PDF
Application Security Maturity Model
Security Innovation
 
PDF
To Analyze Conflicts between Software Developer and Software Tester
AM Publications,India
 
DOC
Cis 333 Education Organization / snaptutorial.com
Baileya82
 
DOCX
CIS 560 Inspiring Innovation/tutorialrank.com
jonhson114
 
DOCX
Cis 333 Extraordinary Success/newtonhelp.com
amaranthbeg146
 
PDF
CIS 333 Life of the Mind/newtonhelp.com   
bellflower3
 
PDF
Cis 333 Enhance teaching / snaptutorial.com
Davis104
 
DOCX
CIS 333 Exceptional Education / snaptutorial.com
donaldzs97
 
PDF
Software reusabilitydevelopment through NFL approach For identifying security...
IJECEIAES
 
DOC
CIS 333 Imagine Your Future/newtonhelp.com   
bellflower45
 
PDF
Cmgt 400 cmgt400
GOODCourseHelp
 
PDF
A Comparative Study between Vulnerability Assessment and Penetration Testing
YogeshIJTSRD
 
PDF
Lecture #15: Buffer Overflow Attack (Non Malicious Attack)
Dr. Ramchandra Mangrulkar
 
Cis 560 Education Organization / snaptutorial.com
Baileya127
 
A Study of Database Protection Techniques
IJSRED
 
CIS 560 Effective Communication - tutorialrank.com
Bartholomew22
 
Cis 560 Effective Communication / snaptutorial.com
Baileyam
 
CMGT 582 STUDY Inspiring Innovation--cmgt582study.com
KeatonJennings98
 
Application Security Maturity Model
Security Innovation
 
To Analyze Conflicts between Software Developer and Software Tester
AM Publications,India
 
Cis 333 Education Organization / snaptutorial.com
Baileya82
 
CIS 560 Inspiring Innovation/tutorialrank.com
jonhson114
 
Cis 333 Extraordinary Success/newtonhelp.com
amaranthbeg146
 
CIS 333 Life of the Mind/newtonhelp.com   
bellflower3
 
Cis 333 Enhance teaching / snaptutorial.com
Davis104
 
CIS 333 Exceptional Education / snaptutorial.com
donaldzs97
 
Software reusabilitydevelopment through NFL approach For identifying security...
IJECEIAES
 
CIS 333 Imagine Your Future/newtonhelp.com   
bellflower45
 
Cmgt 400 cmgt400
GOODCourseHelp
 
A Comparative Study between Vulnerability Assessment and Penetration Testing
YogeshIJTSRD
 
Lecture #15: Buffer Overflow Attack (Non Malicious Attack)
Dr. Ramchandra Mangrulkar
 
Ad

Similar to Cis 333 Enthusiastic Study / snaptutorial.com (20)

DOCX
Cis 341 Enthusiastic Study - snaptutorial.com
GeorgeDixon100
 
DOCX
CIS 341 Success Begins / snaptutorial.com
Robinson070
 
DOCX
Cis 341 Technology levels--snaptutorial.com
sholingarjosh56
 
PDF
AJS 572 Effective Communication - tutorialrank.com
Bartholomew6
 
DOCX
Case Study 1 Mitigating Cloud Computing RisksDue Week 4 and wor
ogglili
 
DOCX
Assignment 1 Developing the Corporate Strategy for Information Secu.docx
murgatroydcrista
 
DOCX
AJS 572 Education Specialist / snaptutorial.com
McdonaldRyan130
 
DOC
Strayer cis 333 week 6 case study 2
vikscarter
 
DOC
Strayer cis 333 week 6 case study 2
nikig6806
 
PDF
Ajs 572 Exceptional Education / snaptutorial.com
Davis141
 
DOC
Strayer cis 333 week 6 case study 2
uopassignment
 
DOC
Strayer cis 333 week 6 case study 2
olivergeorg
 
DOC
Ajs 572 Education Redefined-snaptutorial.com
robertledwes29
 
DOCX
AJS 572 Education Organization -- snaptutorial.com
DavisMurphyB93
 
DOCX
Ajs 572 Enhance teaching / snaptutorial.com
HarrisGeorg45
 
DOCX
Cmgt 582 Effective Communication / snaptutorial.com
HarrisGeorg12
 
PDF
CMGT 431 Education Specialist |tutorialrank.com
ladworkspaces
 
DOCX
AJS 572 Exceptional Education - snaptutorial.com
DavisMurphyB27
 
DOC
Cis 558 Education Specialist-snaptutorial.com
robertlesew96
 
DOCX
Term Paper The Rookie Chief Information Security Officer.docx
manningchassidy
 
Cis 341 Enthusiastic Study - snaptutorial.com
GeorgeDixon100
 
CIS 341 Success Begins / snaptutorial.com
Robinson070
 
Cis 341 Technology levels--snaptutorial.com
sholingarjosh56
 
AJS 572 Effective Communication - tutorialrank.com
Bartholomew6
 
Case Study 1 Mitigating Cloud Computing RisksDue Week 4 and wor
ogglili
 
Assignment 1 Developing the Corporate Strategy for Information Secu.docx
murgatroydcrista
 
AJS 572 Education Specialist / snaptutorial.com
McdonaldRyan130
 
Strayer cis 333 week 6 case study 2
vikscarter
 
Strayer cis 333 week 6 case study 2
nikig6806
 
Ajs 572 Exceptional Education / snaptutorial.com
Davis141
 
Strayer cis 333 week 6 case study 2
uopassignment
 
Strayer cis 333 week 6 case study 2
olivergeorg
 
Ajs 572 Education Redefined-snaptutorial.com
robertledwes29
 
AJS 572 Education Organization -- snaptutorial.com
DavisMurphyB93
 
Ajs 572 Enhance teaching / snaptutorial.com
HarrisGeorg45
 
Cmgt 582 Effective Communication / snaptutorial.com
HarrisGeorg12
 
CMGT 431 Education Specialist |tutorialrank.com
ladworkspaces
 
AJS 572 Exceptional Education - snaptutorial.com
DavisMurphyB27
 
Cis 558 Education Specialist-snaptutorial.com
robertlesew96
 
Term Paper The Rookie Chief Information Security Officer.docx
manningchassidy
 
Ad

Recently uploaded (20)

PDF
RMMM.pdf make it easy to upload and study
sajedul2
 
PDF
Computing-Curriculum for Schools in Ghana
abigailanane203
 
PDF
O5-L3 Freight Transport Ops (International) V1.pdf
labyankof
 
PDF
Pre independence Education in Inndia.pdf
goofy5603
 
PPTX
1st Inaugural Professorial Lecture held on 19th February 2020 (Governance and...
kawisojames10
 
PDF
Anesthesia in Laparoscopic Surgery in India
mohitsuren827
 
PDF
Module 4: Burden of Disease Tutorial Slides S2 2025
Jonathan Hallett
 
PDF
Physiotherapy_for_Respiratory_and_Cardiac_Problems WEBBER.pdf
DrMONISHAphysio
 
PDF
Basic Mud Logging Guide for educational purpose
wdandworks
 
PPTX
Cell Structure & Organelles in detailed.
DHANASHREESIVAKUMAR
 
PDF
Microbial disease of the cardiovascular and lymphatic systems
KeyaSharma
 
PDF
Chapter 2 Heredity, Prenatal Development, and Birth.pdf
MarjorieLopezTiu
 
PPTX
human mycosis Human fungal infections are called human mycosis..pptx
shilpa939953
 
PPTX
IMMUNITY IMMUNITY refers to protection against infection, and the immune syst...
shilpa939953
 
PPTX
Institutional Correction lecture only . . .
limvtheghins
 
PPTX
GDM (1) (1).pptx small presentation for students
shrawanbpkihs
 
PPTX
Pharma ospi slides which help in ospi learning
rameetkumar304
 
PDF
3rd Neelam Sanjeevareddy Memorial Lecture.pdf
Academy of Grassroots Studies and Research of India (AGRASRI)
 
PDF
ANTIBIOTICS.pptx.pdf………………… xxxxxxxxxxxxx
HakHe
 
PDF
STATICS OF THE RIGID BODIES Hibbelers.pdf
pascualasturiaskaye4
 
RMMM.pdf make it easy to upload and study
sajedul2
 
Computing-Curriculum for Schools in Ghana
abigailanane203
 
O5-L3 Freight Transport Ops (International) V1.pdf
labyankof
 
Pre independence Education in Inndia.pdf
goofy5603
 
1st Inaugural Professorial Lecture held on 19th February 2020 (Governance and...
kawisojames10
 
Anesthesia in Laparoscopic Surgery in India
mohitsuren827
 
Module 4: Burden of Disease Tutorial Slides S2 2025
Jonathan Hallett
 
Physiotherapy_for_Respiratory_and_Cardiac_Problems WEBBER.pdf
DrMONISHAphysio
 
Basic Mud Logging Guide for educational purpose
wdandworks
 
Cell Structure & Organelles in detailed.
DHANASHREESIVAKUMAR
 
Microbial disease of the cardiovascular and lymphatic systems
KeyaSharma
 
Chapter 2 Heredity, Prenatal Development, and Birth.pdf
MarjorieLopezTiu
 
human mycosis Human fungal infections are called human mycosis..pptx
shilpa939953
 
IMMUNITY IMMUNITY refers to protection against infection, and the immune syst...
shilpa939953
 
Institutional Correction lecture only . . .
limvtheghins
 
GDM (1) (1).pptx small presentation for students
shrawanbpkihs
 
Pharma ospi slides which help in ospi learning
rameetkumar304
 
3rd Neelam Sanjeevareddy Memorial Lecture.pdf
Academy of Grassroots Studies and Research of India (AGRASRI)
 
ANTIBIOTICS.pptx.pdf………………… xxxxxxxxxxxxx
HakHe
 
STATICS OF THE RIGID BODIES Hibbelers.pdf
pascualasturiaskaye4
 

Cis 333 Enthusiastic Study / snaptutorial.com

  • 1. CIS 333 Week 3 Case Study 1: Bring Your Own Device (BYOD) For more classes visit www.snaptutorial.com Case Study 1: Bring Your Own Device (BYOD) Due Week 3 and worth 60 points Read the following articles located in the course shell: “The dark side of BYOD” from TechRepublic and “BYOD As We Know It Is Dead” from Forbes. Write a two to three (2-3) page paper in which you: Identify the primary benefits of BYOD in organizations, and determine the key ways in which its concepts can enhance an end user’s overall working experience. Analyze in detail the major risks surrounding BYOD, and analyze the security controls and technologies that are currently available and being utilized to manage these risks. Provide a real-world example of how BYOD either positively or negatively affected an organization’sproductivity and / or security.
  • 2. Determine whether or not you would consider implementing BYOD concepts in a real organization and whether or not the benefits outweigh the risks. Use at least three (3) quality resources in this assignment (no more than two to three [2-3] years old) from material outside the textbook. Note: Wikipedia and similar Websites do not qualify as quality resources. Your assignment must follow these formatting requirements: Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions. Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length. The specific course learning outcomes associated with this assignment are: Explain how businesses apply cryptography in maintaining information security. Use technology and information resources to research issues in information systems security. Write clearly and concisely about network security topics using proper writing mechanics and technical style conventions. ********************************************************
  • 3. CIS 333 Week 4 Assignment 1: Identifying Potential Malicious Attacks, Threats, and Vulnerabilities For more classes visit www.snaptutorial.com Assignment 1: Identifying Potential Malicious Attacks, Threats, and Vulnerabilities Due Week 4 and worth 75 points You have just been hired as an Information Security Engineer for a videogame development company. The organization network structure is identified in the below network diagram and specifically contains: 1) 2 – Firewalls 5) 2 – Windows Server 2012 Active Directory Domain Controllers (DC) 2) 1 – Web / FTP server 6) 3 – File servers 3) 1 – Microsoft Exchange Email server
  • 4. 7) 1 – Wireless access point (WAP) 4) 1 – Network Intrusion Detection System (NIDS) 8) 100 – Desktop / Laptop computers 9) VoIP telephone system The CIO has seen reports of malicious activity being on the rise and has become extremely concerned with the protection of the intellectual property and highly sensitive data maintained by your organization. As one of your first tasks with the organization, the CIO requested you identify and draft a report identifying potential malicious attacks, threats, and vulnerabilities specific to your organization. Further, the CIO would like you to briefly explain each item and the potential impact it could have on the organization. Write a four to five (4-5) page paper in which you: Analyze three (3) specific potential malicious attacks and / or threats that could be carried out against the network and organization. Explain in detail the potential impact of the three (3) selected malicious attacks. Propose the security controls that you would consider implementing in order to protect against the selected potential malicious attacks. Analyze three (3) potential concerns for data loss and data theft that may exist in the documented network. Explicate the potential impact of the three (3) selected concerns for data loss and data theft. Propose the security controls that you would consider implementing in order to protect against the selected concerns for data loss and data theft.
  • 5. Use at least three (3) quality resources in this assignment (no more than two to three [2-3] years old) from material outside the textbook. Note: Wikipedia and similar Websites do not qualify as quality resources. Your assignment must follow these formatting requirements: Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions. Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length. The specific course learning outcomes associated with this assignment are: Explain the concepts of information systems security as applied to an IT infrastructure. Describe the principles of risk management, common response techniques, and issues related to recovery of IT systems. Describe how malicious attacks, threats, and vulnerabilities impact an IT infrastructure. Explain the means attackers use to compromise systems and networks, and defenses used by organizations. Use technology and information resources to research issues in information systems security. Write clearly and concisely about network security topics using proper writing mechanics and technical style conventions.
  • 6. ******************************************************** CIS 333 Week 6 Case Study 2: Public Key Infrastructure For more classes visit www.snaptutorial.com Case Study 2: Public Key Infrastructure Due Week 6 and worth 60 points Suppose you are the Information Security Director at a small software company. The organization currently utilizes a Microsoft Server 2012 Active Directory domain administered by your information security team. Mostly software developers and a relatively small number of administrative personnel comprise the remainder of the organization. You have convinced business unit leaders that it would be in the best interest of the company to use a public key infrastructure (PKI) in order to provide a framework that fosters confidentiality, integrity, authentication, and nonrepudiation. Email clients, virtual private network (VPN) products, Web server components, and domain controllers would utilize digital certificates issued by the certificate authority (CA). Additionally, the company would use digital certificates to sign software developed by the company in order to demonstrate software authenticity to the customer.
  • 7. Write a two to three (2-3) page paper in which you: Analyze the fundamentals of PKI, and determine the primary ways in which its features and functions could benefit your organization and its information security department.Propose one (1) way in which the PKI could assist in the process of signing the company’s software, and explain the main reason why a customer could then believe that software to be authentic. Compare and contrast public and in-house CAs. Include the positive and negative characteristics of each type of certificate authority, and provide a sound recommendation of and a justification for which you would consider implementing within your organization.Explain your rationale. Use at least three (3) quality resources in this assignment (no more than two to three [2-3] years old) from material outside the textbook. Note: Wikipedia and similar Websites do not qualify as quality resources. Your assignment must follow these formatting requirements: Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions. Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length. The specific course learning outcomes associated with this assignment are: Explain how businesses apply cryptography in maintaining information security.
  • 8. Use technology and information resources to research issues in information systems security. Write clearly and concisely about network security topics using proper writing mechanics and technical style conventions. ******************************************************** CIS 333 Week 8 Assignment 2: Identifying Potential Risk, Response, and Recovery For more classes visit www.snaptutorial.com Assignment 2: Identifying Potential Risk, Response, and Recovery Due Week 8 and worth 75 points In Assignment 1, a videogame development company recently hired you as an Information Security Engineer. After viewing a growing number of reports detailing malicious activity, the CIO requested that you draft a report in which you identify potential malicious attacks and threats
  • 9. specific to your organization. She asked you to include a brief explanation of each item and the potential impact it could have on the organization. After reviewing your report, the CIO requests that you develop a follow- up plan detailing a strategy for addressing all risks (i.e., risk mitigation, ******************************************************** risk assignment, risk acceptance, or risk avoidance) identified in Assignment 1. Further, your plan should identify controls (i.e., administrative, preventative, detective, and corrective) that the company will use to mitigate each risk previously identified. Write a four to five (4-5) page paper in which you: For each of the three (3) or more malicious attacks and / or threats that you identified in Assignment 1, choose a strategy for addressing the associated risk (i.e., risk mitigation, risk assignment, risk acceptance, or risk avoidance). Explain your rationale. For each of the three (3) or more malicious attacks and / or threats identified in Assignment 1, develop potential controls (i.e., administrative, preventative, detective, and corrective) that the company could use to mitigate each associated risk. Explain in detail why you believe the risk management, control identification, and selection processes are so important, specifically in this organization. Draft a one (1) page Executive Summary that details your strategies and recommendations to the CIO (Note: The Executive Summary is included in the assignment’s length requirements).
  • 10. Use at least three (3) quality resources in this assignment (no more than two to three [2-3] years old) from material outside the textbook. Note: Wikipedia and similar Websites do not qualify as quality resources. Your assignment must follow these formatting requirements: Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; references must follow APA or school- specific format. Check with your professor for any additional instructions. Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required page length. The specific course learning outcomes associated with this assignment are: Explain the concepts of information systems security as applied to an IT infrastructure. Describe the principles of risk management, common response techniques, and issues related to recovery of IT systems. Describe how malicious attacks, threats, and vulnerabilities impact an IT infrastructure. Explain the means attackers use to compromise systems and networks, and defenses used by organizations. Use technology and information resources to research issues in information systems security.
  • 11. Write clearly and concisely about network security topics using proper writing mechanics and technical style conventions. ******************************************************** CIS 333 Week 10 Technical Project Paper: Information Systems Security For more classes visit www.snaptutorial.com Technical Project Paper: Information Systems Security Due Week 10 and worth 150 points Suppose you are the IT professional in charge of security for a small pharmacy that has recently opened within a shopping mall. The daily operation of a pharmacy is a unique business that requires a combination of both physical and logical access controls geared toward protecting medication and funds located on the premises, as well as the customers’ personally identifiable information and protected health information that resides on your system. Your supervisor has tasked you with identifying inherent risks associated with your pharmacy and
  • 12. establishing strong physical and logical access control methods to mitigate the identified risks. 1) Firewall (1) 4) Desktop computers (4) 2) Windows 2012 Active Directory Domain Controllers (DC) (1) 5) Dedicated T1 Connection (1) 3) File Server (1) Write an eight to ten (8-10) page paper in which you: Identify at least five (5) potential physical threats that require attention. Determine the impact of at least five (5) potential logical threats that require attention. Detail the security controls (i.e., administrative, preventative, detective, and corrective) that the pharmacy could implement in order to protect it from the five (5) selected physical threats. Explain in detail the security controls (i.e., administrative, preventative, detective, and corrective) that could be implemented to protect from the five (5) selected logical threats.
  • 13. For each of the five (5) selected physical threats, choose a strategy for addressing the risk (i.e., risk mitigation, risk assignment, risk acceptance, or risk avoidance). Justify your chosen strategies. For each of the five (5) selected logical threats, choose a strategy for handling the risk (i.e., risk mitigation, risk assignment, risk acceptance, or risk avoidance). Justify your chosen strategies. Use at least five (5) quality resources in this assignment (no more than 2-3 years old) from material outside the textbook.Note: Wikipedia and similar Websites do not qualify as quality resources. Your assignment must follow these formatting requirements: Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions. Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length. The specific course learning outcomes associated with this assignment are: Explain the concepts of information systems security as applied to an IT infrastructure. Describe how malicious attacks, threats, and vulnerabilities impact an IT infrastructure. Explain the means attackers use to compromise systems and networks, and defenses used by organizations.
  • 14. Explain the role of access controls in implementing a security policy. Use technology and information resources to research issues in information systems security. Write clearly and concisely about network security topics using proper writing mechanics and technical style conventions. Explain how businesses apply cryptography in maintaining information security. Analyze the importance of network principles and architecture to security operations. ********************************************************