Free

INFA questions - Assignment Example

Comments (0) Cite this document
Summary
As much as lower EALs cost less, they however do not provide increased assurance. Rather higher level EALs provide high assurance although they come at increased cost due to the more detailed documentation required, analysis and testing. Therefore EAL4 though cheaper does…
Download full paperFile format: .doc, available for editing
GRAB THE BEST PAPER92.2% of users find it useful
INFA questions
Read TextPreview

Extract of sample "INFA questions"

Computer Security Computer Security Data confidentiality Short timeliness- one time passwords Long timeliness – user details like email, home address, telephone
2. EAL 4 versus EAL 7
FALSE. As much as lower EALs cost less, they however do not provide increased assurance. Rather higher level EALs provide high assurance although they come at increased cost due to the more detailed documentation required, analysis and testing. Therefore EAL4 though cheaper does not provide high assurance.
3. It is TRUE that a business continuity plan explains how an organization will maintain operational capabilities during an incident, while an incident response describes how the organization will handle the security incident itself.
4. Defense in Depth
TRUE. Defense in dense entails use of several layers of security. It does not dictate how many or which tool to use in improving the security of system. Rather, the choice on what number of layers and technologies to use depends upon the risk analysis done by the organization (Cisco).
5. TRUE. Physical security and information security are often managed by different organizations. However, risk analysis for information security still needs to address physical security
6. TRUE. In conducting a risk analysis, it is often not possible to directly estimate the probability of an event (attack).
7. Not a security architecture framework
     (a.) Sherwood Applied Business Security Architecture (SABSA)
8.      g. (a), (b), (c) and (d)
9. TRUE. Security controls are the (main) mechanisms/means used to reduce risk consequence and risk likelihood.
10. FALSE. Denial of service attacks primarily affect confidentiality whereas inference attacks primarily affect availability.
Part 2: Short Answers (15 points each). Please answer briefly and completely, and cite all sources of information. Please restrict your answer for each question to one (1/2) page (double spaced).
1. Explain the difference between a vulnerability, threat, and control. Define each and please provide an example of each. (1/2 page)
Management control
Concerned with the way authority is assigned and organized (Northcutt). Entails formulating security policies, guidelines and planning in order to reduce loss (Stallings & Brown). Basically involves setting what employees may do, must always do, or cannot do. Examples include changing of policies, installing motion detectors, security awareness training among others.
Operational control
Involves enforcing the implementation of security policies, standards and also maintaining consistency in operations together with executing corrective measures in case of deficiencies (Stallings & Brown). The procedures are effected on both hardware and software. Examples include recovery actions like system reboot, data backup and access control to data (Slideshare).
Technical Control
It involves utilizing the security capabilities of the hardware and software. The security once set up is managed entirely by the computer system. Examples include setting up firewalls and access tokens, password encryptions.
2. Most security models categorize controls into three types: management, operational, and technical. Describe each of these categories, and provide two examples of controls that would fall within each category. (1/2 page)
Vulnerability
A characteristic of a technology that someone can take advantage of to orchestrate a security incident (Stallings & Brown). Example is when a program unintentionally allows ordinary users to execute commands that can only be executed by privileged users.
Threat
A potential for violation of a security policy that comes into play when there is an event or circumstance that could trigger breaching of security and therefore cause harm. It can be explained as a possible danger that could result in someone taking advantage of a vulnerability to breach security. Example is when an individual gains access to data that they are not supposed to thus there comes in a threat where sensitive data is exposed to unauthorized persons. (Stallings & Brown)
Control
A means of managing risk by laying down policies, procedures, guidelines, practices and organizational structures. These can be effected in administrative, management or technical manner. Examples of control include installation of security cameras, motion sensors and guards in order to effect physical access to the system.
Bibliography
Anciaux, N., Bauganim, L. & Pucheral, P. Data Confidentiality. Retrieved from http://www- caravel.inria.fr/dataFiles/ABP06b.pdf
Cisco. Understanding Operations Security. Retrieved from http://www.cisco.com/web/about/security/intelligence/opsecurity.html
Microsoft. Data Confidentiality. Retrieved from https://msdn.microsoft.com/en- us/library/ff650720.aspx
Northcutt, S. Security Controls. Retrieved from http://www.sans.edu/research/security- laboratory/article/security-controls
Slideshare. Operations Security. Retrieved from http://www.slideshare.net/7wounders/8- operations-security
Stallings, W. & Brown, L. Computer Security Principles and Practice. Retrieved from http://www.ebookandpdf.com/security-info/40252-computer-security-principles-and- practice-2nd_2.html
University of Washington. Administrative Policies. Retrieved from http://www.washington.edu/admin/rules/policies/APS/02.06.html
U.S.NRC. Defense in Depth. Retrieved from
http://www.nrc.gov/reading-rm/basic-ref/glossary/defense-in-depth.html
WhatIs.com. Security Management. Retrieved from http://whatis.techtarget.com/glossary/Security-Management Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“INFA questions Assignment Example | Topics and Well Written Essays - 500 words”, n.d.)
INFA questions Assignment Example | Topics and Well Written Essays - 500 words. Retrieved from https://studentshare.org/information-technology/1679252-infa-questions
(INFA Questions Assignment Example | Topics and Well Written Essays - 500 Words)
INFA Questions Assignment Example | Topics and Well Written Essays - 500 Words. https://studentshare.org/information-technology/1679252-infa-questions.
“INFA Questions Assignment Example | Topics and Well Written Essays - 500 Words”, n.d. https://studentshare.org/information-technology/1679252-infa-questions.
  • Cited: 0 times
Comments (0)
Click to create a comment or rate a document

CHECK THESE SAMPLES OF INFA questions

Questions

...? Essay Questions Question Employees’ Survey Employee survey is a critical aspect of organization that helps the management to collect information that is useful in understanding the workers in a better way, to improve their ability. Prior to surveying the perceptions of the employees, all the management knows is what they observe of employees’ behavior. For instance, the knowledge of their productivity, absenteeism, and turnover rates exists. Thus, there is lack of information on the attitudes and perceptions, which are responsible for driving employees’ behaviors. Understanding motivation factors helps the management in designing jobs and goal setting. Once the research questions have...
7 Pages(1750 words)Essay

Questions

...Literature Questions What do you believe to be the most important purpose of literature? Literature isa broad term that can be used to describe a wide variety of textual collections. These can be the texts that comprise the ideals of a nation, such as the Constitution of the United States, Mark Twain’s Huckleberry Finn, the Bible, and any other number of volumes that begin to define a common ideal of what it means to be America. They could also include texts that cover a single subject, such as Gawain and the Green Knight, Le Morte d’Arthur and the modern film Camelot which all deal in some close relationship with the Arthurian legend. As is indicated in the last example, not all of these texts need necessarily remain...
5 Pages(1250 words)Essay

Questions

...I Define: a) Quantitative Approaches of Assessments: These are theoretically based interventions that are grounded on constructivism. Constructivism refers to moving away from the traditional logical positive world view that influences the development and growth of the traditional career assessments. Quantitative career assessments has been recognised to be idiographic in nature and here it is the individual that serves as the point to identify the pertinent and the interpreting meaning of the events as well. b) Qualitative Approaches of Assessments: This is an objective approach and has several less rigid parameters. According to Goldman, the qualitative approaches to assessment needs is more clients involves and is based a lot... Define:...
2 Pages(500 words)Essay

Questions

... Greek Philosophy Greek philosophies insist on the facts of life and believe that an opposite exists for every philosophy. Mythology is given more prominence since it exhibited the reactions and opinions of the philosophers. Most of the philosophers and authors believed that myth played an important role and it formed a part of their inventions and creations. Plato, a Greek philosopher proposed several works which insisted on the importance of myth. One of his famous works, Phaedo, describes how a character changes in a particular sequence or a situation. (Cohen, 2005). Plato strongly believed that myth has gone through a phase of development and the way in which it was conceived has undergone continuous change. He also stated... Greek...
2 Pages(500 words)Essay

Questions

...XXXXXXXXXXXX XXXXXXXXXXXX FAMILY The most basic function of a family cannot be based on mere economical or social reasons. As proposed by the sociologists, most of the benefits were very efficiently provided by the community itself. Even in the current times families have to take the help of schools, churches, hospitals etc (community) for their physical and spiritual well-being. But the most important feature in a family of human beings in the phenomenon of Parenting. Mother and father of a child (or children) form a family where they become parents and teach young children about many things of life. Teaching and training isn’t the only motivation behind parenting. A family isn’t complete unless there is concern about children’s...
1 Pages(250 words)Essay

Questions

...Application stores Application stores Both Apple and Google have great application stores. However, further outlook into these apps shows that a difference exists between the two companies when it comes to the apps efficiency and effectiveness. Apple application stores are better when compared to those of Google mainly because they offer a wide variety of choices when it comes to downloading of different products from the internet. Profoundly, Apple application stores have a large capacity for usage. For instance, documented evidence shows that year 2010-witnessed users of Apple application store download about 3 billion apps in some of the most popular gadgets, which include iPod, iPhone, and iPad (Pak, 2011). On the other end... stores...
1 Pages(250 words)Assignment

Questions

...Solutions a) applying the operator d 2 /dx2 [exp –i(3x+2y d/dx[d/dx exp –i(3x+2y d/dx[-3iexp –i(3x+2y) =-3i(-3i)exp –i(3x+2y) =9i2exp –i(3x+2y) =-9exp –i(3x+2y). the eigenvalues is-9. (b) apply the operator as (1/x)(x2+y2)d/dx(x2+y2)1/2 =(1/x)(x2+y2)[x/(x2+y2)1/2] = (x2+y2)1/2. The eigenvalue is 1. (c) applying the operator sinөd/dө(sinөcosө)[sinөd/dө(sinөcosө)] + 6sin2ө = sinө[cosөd/dөsinө+sinөd/dөcosө]{sinө[cosөd/dөsinө+sinөd/dөcosө]}+6sin2ө =sinө[cos2ө-sin2ө]{sinө[cos2ө-sin2ө]}+6sin2ө, from this equation it is clear that the function cannot be regenerated. 2. for orthogonality, ʃ∞-∞(2ax2-1)(exp-1/2ax2)2dx=ʃ∞-∞(2ax2-1)exp-a2x4dx = -=∞-∞=0. 3.from ,=, == , , A=. 4. for the particle moving along a circle covers some radius r... a) applying...
5 Pages(1250 words)Assignment

Questions

... Geo101 Who were the three main European colonizers of what became the United s and Canada? In the past, both United States and Canada were grouped together. As a result, they were colonized together at the time. The three main colonizers were Spain, England, and France. 2. Where was each European colonizer most influential? Each colony had its influence in the region. For example, the Spanish was more influential in the islands. On the other hand, France and England were influential in New France and metropolitan respectively. 3. Describe long-term impacts of each European power in North America? The Spanish was the first to use the name America after discovery of new lands. Most of the Spanish colonies retain Spanish... Geo101 Who were...
2 Pages(500 words)Assignment

Questions

...Health sciences and medicine Paracetamol is mainly used for the relief of headaches together with some other minor pains and aches. It is a critical ingredient in many flu and cold remedies (ASHLEY & CURRIE, 2009). When it is combined with opioid analgesics, it can also be used to manage more serious pain like post-surgical and the provision of palliative care in the patients with cases of advanced cancer (ASHLEY & CURRIE, 2009).  PEG 400 has some unique properties that make it its formulation usable in many applications. It has a quite low toxicity and as a result, it is extensively used in a number of pharmaceutical formulations (BARNES, & GENTLE, 2005). Nevertheless, it has lately been used in the making of E-Liquid... sciences and...
1 Pages(250 words)Essay

Questions

...Questions Questions Question Catholic churches are masculine because of their doctrine of God latria, which is simply worshippingjust God. A common misconception is that Catholic churches worship Mary who they rather accord her to the utmost honor as a mere creation of God. Honoring Mary is a deed of affection that always converts to God’s glory, which further shows the masculine nature of Catholic doctrine. On the other hand, Protestant churches are feminine as leaders proclaim women as overseers of key ceremonies. Seminaries of protestant churches comprise of 50% women and the ordained priests largely consist of clergy from female dominated professions like...
1 Pages(250 words)Essay
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.

Let us find you another Assignment on topic INFA questions for FREE!

Contact Us