Free

CIS212 U1 Review - Essay Example

Comments (0) Cite this document
Summary
A threat is anything that poses the danger to the computer system whereas vulnerability refers to a loophole or a weakness that hackers or attackers can use to attack a system. Atheotherhandlikelihoodloss There are situations where a risk is said to be vulnerability but in other…
Download full paperFile format: .doc, available for editing
GRAB THE BEST PAPER92% of users find it useful
CIS212 U1 Review
Read TextPreview

Extract of sample "CIS212 U1 Review"

Nuclear Plant Password Policy Insert Insert Activity 1 As an information officer, what are the information security goals that you need to keep in mind while defining the protection you shall need?(Select all that apply.)
The goals are detection, prevention, and recovery
2) What are applicable forms of vulnerabilities? (select all that apply)
They include improperly configured software, misuse of communication protocols and damage to Hardware
3) Detail the difference between a threat, vulnerability, and a risk.
A threat is anything that poses the danger to the computer system whereas vulnerability refers to a loophole or a weakness that hackers or attackers can use to attack a system. Atheotherhandlikelihoodloss There are situations where a risk is said to be vulnerability but in other cases, some vulnerabilities occur without any risks.
Activity 1-2
1) The three most fundamental goals of computer security are: (Select all that apply.)
They include confidentiality, integrity, and privilege management.
3) A biometric handprint scanner is as part of a system for granting access to a facility. Once an identity is, the system checks and confirms that the user allowed leaving the lobby and entering the facility, and the electronic door lock is released. This is an example of (Select all that apply.)
It is an example of authentication.

3) Katie’s handprint is against a record in the system that indicates that she has been assigned clearance to view the contents of secret documents. Later, at her desk, she tries to connect her folder that is Top Secret, and access is denied. This an example of
MAC
4) At the end of the day, the security personnel can view electronic log files that record the identities of everyone who entered and exited the building along with the time of day. This is an example of:
Auditing
5) An administrator of a large multinational company can assign access rights and track user’s resource access from a central administrative console. Users throughout the organization can gain access to any system after providing a single username and password. This is an example of:
Privilege management
Activity 1-3
1) Brian works at a bank. To access his laptop, he inserts his employee ID card into a special card reader. This is an example of:
Token-based authentication
2) To access the server room, Brian places his index finger on a fingerprint reader. This is an example of:
Biometric authentication
3) To withdraw money from an automatic teller machine, Nancy inserts a card and types a four-digit PIN. This incorporates what types of authentication? Select all that apply.)
Token-based, password and multifactor.
4) What is the best example of a token-based authentication?
It relies on a card being inserted into a card reader
5) True or False? Mutual authentication protects clients from submitting confidential information to an insecure server.
That is true
6) How does multi-factor authentication enhance security?
Multifactor authentication enhances security by providing at minimum challenges for the attacker to breach the system. The latter can be extremely difficult with the use of biometrics.
Activity 1-4
1) Which algorithm is a hashing encryption algorithm?
That is SHA
2) Which of the following is a specific set of actions used to encrypt data?
Cipher is used to encrypt data.
3) True or False? A digital signature is an application of hashing encryption because the signature is never transformed back to clear text.
That is true
6) What are the distinctions between an encryption algorithm and a key?
The distinction is that the encryption algorithm is the general instruction that is applicable to data when changing it to ciphertext. On the other hand, the key refers to the real value that the algorithm uses. Whereas different ciphertext can result from the use of a different key the process of encryption is always similar.
7) What is a potential drawback of symmetric encryption?
It is the urge of sharing a key between the parties in play. The latter is a source of compromising that key.
8) What makes public key encryption potentially so secure?
it experiences full security as there is no sharing of the key between the parties.
9) Considering that hashing encryption is one-way, and the hash is decrypted, what makes hashing encryption a useful security technique?
Because hashing is applicable in verification of data in a number of circumstances that involve authentication using the password. The situation involves the exchange of hashes instead of the real passwords. Both parties can then verify the file or information after the transfer is complete.
Activity 1-5
Use the file Nuclear Plant Password Policy for these questions.
1) Open and review the policy file. What type of policy document is this?
It is a password policy
2) which standard policy components are in the policy? (Select all that apply.)
The standard policy components included in the policy are the policy statement, the standards, and guidelines.
3) How often must system level administrators change their passwords to conform to this policy?
They must change their passwords at least on a monthly basis
4) To conform to this policy, how often must regular system users change their passwords?
They have to be changed once in every three months
5) According to this policy, what is the minimum character length for a password and how should it be constructed?
According to this policy, there is a minimum character length of eight alphanumeric characters for a password. The policy states what makes up a strong password. First it incorporates both small and capital letters. Further, it is made of symbols, characters, marks for punctuation and digits 0-9 (Farrell, 2008). They should not be words in other languages, dialect, slang or jargon.
Caution should be taken not to include names relating to family members or personal information. The person creating it should be in a position of remembering it. The best passwords are created following a particular phrase. For instance, “I have always told you not to try this alone” has a resultant password of iHaTyNTt~T1
6) Why is password1 not a choice for a password?
Password1 is not a good password because the word password is available in the dictionary and also a common computer terminology. It precedes a digit that is a very common way to write weak passwords that are easily traceable.
References
Farrell, S. (2008). Password Policy Purgatory. IEEE Internet Comput., 12(5), 84-87. doi:10.1109/mic.2008.108 Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“CIS212 U1 Review Essay Example | Topics and Well Written Essays - 250 words”, n.d.)
CIS212 U1 Review Essay Example | Topics and Well Written Essays - 250 words. Retrieved from https://studentshare.org/information-technology/1688140-cis212-u1-review
(CIS212 U1 Review Essay Example | Topics and Well Written Essays - 250 Words)
CIS212 U1 Review Essay Example | Topics and Well Written Essays - 250 Words. https://studentshare.org/information-technology/1688140-cis212-u1-review.
“CIS212 U1 Review Essay Example | Topics and Well Written Essays - 250 Words”, n.d. https://studentshare.org/information-technology/1688140-cis212-u1-review.
  • Cited: 0 times
Comments (0)
Click to create a comment or rate a document

CHECK THESE SAMPLES OF CIS212 U1 Review

Northrop Grumman U1

...UNIT BUSINESS APPLICATION ASSIGNMENT goes here] [Your goes here] [Due the paper] Northrop Grumman Corporation Introduction The name of the company that we have selected for review is Northrop Grumman Corporation. Northrop Grumman is an American company that offers defense technologies and cyber security systems to meet the demands of emerging security challenges of the world. “Cyberattacks have become a big concern for companies, and the US and foreign governments” (Maurer, 2012). Northrop Grumman deals with cyber attacks, as well as with four other business sectors that include aerospace systems, electronic systems, information systems, and technical services. I was interested in knowing different defense systems and technologies... that...
2 Pages(500 words)Essay

MGMT444 U1 IP

...Running Head: MGMT444 U1 IP MGMT444 U1 IP Teacher’s ID Since it is a senior level position, the candi is expected to have an ability of taking initiatives and taking charge of projects and day-to-day tasks. Please tell us how you were performing these tasks in your current job. Also what kind of projects and ideas you have introduced yourself during your career. This question is expected to indicate if the candidate is creative enough to introduce new ideas and take control of situations like a business leader. 2) We need someone who has 360 degree vision of everything going around them as leaving out necessary information means losing productivity and foresight for potential opportunities. Please tell us...
2 Pages(500 words)Research Paper

MGMT442 U1 IP

...Running Head: MGMT442 U1 IP MGMT442 U1 IP Teacher’s ID Q1. During your career, what are your most successful initiatives? Something that you are proud of or can quote as your achievement? The candidate should have experience of setting up a new service department in similar industry. If not, he should exhibit that he has entrepreneurial qualities and can take initiatives. Q2. While taking such initiatives, did you ever-encountered resistance (related to both material and human) and how did you managed it? This question should elaborate the interpersonal skills along with controlling and management skills of the candidate. Q3. Can you give some examples of your achievements as a team player or while...
2 Pages(500 words)Research Paper

MGMT458 U1 IP AVON

...AVON Mission ment Question Avon’s vision and mission is “To be the company that understands and satisfies the products, services and self-fulfillment needs of women-globally” (Avon, 2014). They represent empowering women by offering job opportunities; fighting breast cancer and domestic violence. To achieve a healthy balance between employees’ personal and work life, Avon offers benefits such as service rewards, health care, employee assistant programs, child care vouchers, annual leave entitlement, and flexible work hours to name a few (Avon, 2014). "Avons mission is centered on six-center yearnings the organization consistently strives to attain," starts Avons Mission statement. At that point, it goes on. It weighs in at 249... Mission...
2 Pages(500 words)Research Paper

U1 Discussion

...Cause of IP Address Conflict and its Resolution s Cause of IP Address Conflict and its Resolution As a network administrator, I am tasked with maintaining the computer software and hardware systems which make up the computer network, such as, monitoring and maintaining of either converged infrastructure or active data network, monitoring network traffic, testing the network for weakness, and installing and implementing security programs (Bautts, Dawson, & Purdy, 2010). The Dynamic Host Configuration Protocol (DHCP) is a network protocol which enables the server to assign automatically an IP address to a computer from a definite scope configured from a certain network. The DCHP allows the network administrator to supervise... of IP Address...
1 Pages(250 words)Coursework

CIS 206 U1 Discussion

...Fedora Comparison to other Linux Distributions School Linux operating system has many distributions that come up with several operating systems. The major operating systems and distributions are Debian, Ubuntu, Arch, and Red hat. Debian distribution produces operating systems like Ubuntu while Red-hat produces fedora and arch produce the Arch Linux. Other notable Linux distributions include OpenSuse, CentOS, Mint, Mandriva and Kali Linux formerly backtrack. In the text, we will focus on Fedora, Ubuntu and Arch Linux. Fedora started in 2002 as a spun off from an undergraduate project called Fedora Linux and is supported by the open-source community. Ubuntu is a fork of Debian, that is on of the oldest Linux distributions available...
1 Pages(250 words)Essay

CIS 206 U1 Review Assigment

...Computer Sciences and Information Technology Reasons why Linux is Popular Linux is popular because it has unique, as well as powerful features. It can work as a control program for computers. In addition, it is a well-orchestrated family of utility programs and a set of tools, which allow users to connect and use its utilities to build systems and applications (Sobell, 2012). Linux is popular in academia as students can easily understand it. It supports several codes and a rich software development environment. The development of Linux from the time it was UNIX took the effort of universities took the efforts of university and college students to publicize it. Linux also offers more flexible and configuration options... Sciences and...
1 Pages(250 words)Coursework

CIS212 U1 Discussion

...is with reviewing of the security mechanisms to ascertain and ensure that frequent testing is done on them and maintained as well. There are various common means of authentication. The notion is to get the victim known to be what they allude to be. Essentially there is user authentication and entity authentication. As a result, we have form authentication that entails passing in a username and password on web pages to gain access. Cookies are authentication mechanisms as a means to achieve entity authentication. It accomplishes this through the use of sessions. Authentication at the infrastructure will involve the use of DNS names. They are applicable where applications need to allow access to other hosts. In addition,...
1 Pages(250 words)Essay

CIS212 U3 Discussion

...How Users Access and Logon to Systems Access control tools are concerned with determining the allowed activities of legitimate users, mediating between every attempt by a user to access a particular resource in the system. Its main objective is to make sure that undesired users do not get access to certain information; only those who are allowed can access. Role-based access control and Discretionary Access Control both are based on defining the roles and adding each user to the system. Authorization and privileges are granted. The main difference between these two user control assets is that RBAC has ease of management while DAC is complicated since each new user has to go through all the details the user needs access to and add... Users...
1 Pages(250 words)Essay

CIS126 U1 Discussion 2 - 1

...The Dark Side of Object Technology Insert Insert Object technology became prevalent in industrial languages as from 80’s but became established in other languages like Java and UML in the 90s. The evolving nature of Object Technology has caused many companies to reexamine their legacy codes to ensure that it matches it. The progress and acceptability of Object Technology have been growing significantly in the market. In the recent years, some languages like C++ and Java have considerably advanced in the use of Object Technology. Despite the many benefits that object technology poses, its weaknesses include them being complex legacies that scare its owners. The latter has made timely delivery a complicated process. TDD... Dark Side of Object...
1 Pages(250 words)Essay
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.

Let us find you another Essay on topic CIS212 U1 Review for FREE!

Contact Us