Academic Integrity: tutoring, explanations, and feedback — we don’t complete graded work or submit on a student’s behalf.

Two three- to five-page research papers each addressing a topic in information s

ID: 3897780 • Letter: T

Question

Two three- to five-page research papers each addressing a topic in information
security in more depth than it may covered in the course. The three pages should be content and do
not include cover page, bibliography, charts, diagrams, figures, appendices or other included
materials. Topics should be of particular interest to you and may be more technical in nature than the
course, but should relate to the management of information security. Papers must have a complete
bibliography citing a minimum of five sources other than the textbook or class notes. You must fully
attribute all material directly quoted and you must document all sources used in the preparation of the
paper using complete, APA-style bibliographic entries, and all in-text citations must also be in APA
style. Failure to format your bibliography entries and citations in APA style will result in an automatic
reduction of one letter grade for this assignment. No more than thirty-three percent of material
included in any paper may be direct quotes. No more than sixty percent of the resources cited may be
from online. However, online ebooks that have a corresponding print version and PDF or EPUB files
located online count as—and should be cited as—print sources. Wikipedia may not be cited.

Explanation / Answer

Security in depth (also known as Castle Approach) is an information assurance (IA) concept in which multiple layers of security controls (defense) are placed throughout an information technology (IT) system. Its intent is to provide redundancy in the event a security control fails or a vulnerability is exploited that can cover aspects of personnel, procedural, technical and physical security for the duration of the system's life cycle.

The idea behind the defense in depth approach is to defend a system against any particular attack using several independent methods. It is a layering tactic, conceived by the National Security Agency (NSA) as a comprehensive approach to information and electronic security. Defense in depth is originally a military strategy that seeks to delay rather than prevent the advance of an attacker by yielding space to buy time.

Defense in depth can be divided into three areas: Physical, Technical, and Administrative

Physical controls - Physical security describes security measures that are designed to deny unauthorized access to facilities, equipment and resources and to protect personnel and property from damage or harm (such as espionage, theft, or terrorist attacks). Physical security involves the use of multiple layers of interdependent systems which include CCTV surveillance, security guards, protective barriers, locks, access control protocols, and many other techniques.

Physical security systems for protected facilities are generally intended to:

It is up to security designers, architects and analysts to balance security controls against risks, taking into account the costs of specifying, developing, testing, implementing, using, managing, monitoring and maintaining the controls, along with broader issues such as aesthetics, human rights, health and safety, and societal norms or conventions. Physical access security measures that are appropriate for a high security prison or a military site may be inappropriate in an office, a home or a vehicle, although the principles are similar.

Administrative controls - Administrative controls are an organization's policies and procedures. Their purpose is to ensure that there is proper guidance available in regards to security and that regulations are met. They include things such as hiring practices, data handling procedures, and security requirements.

Technical controls - Technical controls are hardware or software whose purpose is to protect systems and resources. Examples of technical controls would be disk encryption, fingerprint readers, and Windows Active Directory. Hardware technical controls differ from physical controls in that they prevent access to the contents of a system, but not the physical systems themselves.

Antivirus software, or anti-virus software (abbreviated to AV software), also known as anti-malware, is a computer program used to prevent, detect, and remove malware. Antivirus software was originally developed to detect and remove computer viruses, hence the name. However, with the proliferation of other kinds of malware, antivirus software started to provide protection from other computer threats. In particular, modern antivirus software can protect from: malicious browser helper objects (BHOs), browser hijackers, ransomware, keyloggers, backdoors, rootkits, trojan horses, worms, malicious LSPs, dialers, fraudtools, adware and spyware. Some products also include protection from other computer threats, such as infected and malicious URLs, spam, scam and phishing attacks, online identity (privacy), online banking attacks, social engineering techniques, advanced persistent threat (APT) and botnet DDoS attacks.

Authentication - is the act of confirming the truth of an attribute of a single piece of data claimed true by an entity. In contrast with identification, which refers to the act of stating or otherwise indicating a claim purportedly attesting to a person or thing's identity, authentication is the process of actually confirming that identity. It might involve confirming the identity of a person by validating their identity documents, verifying the authenticity of a website with a digital certificate, determining the age of an artifact by carbon dating, or ensuring that a product is what its packaging and labeling claim to be. In other words, authentication often involves verifying the validity of at least one form of identification.

Biometrics is the technical term for body measurements and calculations. It refers to metrics related to human characteristics. Biometrics authentication (or realistic authentication) is used in computer science as a form of identification and access control. It is also used to identify individuals in groups that are under surveillance. Biometric identifiers are the distinctive, measurable characteristics used to label and describe individuals. Biometric identifiers are often categorized as physiological versus behavioral characteristics. Physiological characteristics are related to the shape of the body. Examples include, but are not limited to fingerprint, palm veins, face recognition, DNA, palm print, hand geometry, iris recognition, retina and odour/scent. Behavioral characteristics are related to the pattern of behavior of a person, including but not limited to typing rhythm, gait, and voice. Some researchers have coined the term behaviometrics to describe the latter class of biometrics.

Data-centric security is an approach to security that emphasizes the security of the data itself rather than the security of networks, servers, or applications. Data-centric security is evolving rapidly as enterprises increasingly rely on digital information to run their business and big data projects become mainstream. Data-centric security also allows organizations to overcome the disconnect between IT security technology and the objectives of business strategy by relating security services directly to the data they implicitly protect; a relationship that is often obscured by the presentation of security as an end in itself.

A good example of two-factor authentication is the withdrawing of money from an ATM; only the correct combination of a bank card (something that the user possesses) and a PIN (personal identification number, something that the user knows) allows the transaction to be carried out.

Two-step verification or two-step authentication is a method of confirming a user's claimed identity by utilizing something they know (password) and a second factor other than something they have or something they are. An example of a second step is the user repeating back something that was sent to them through an out-of-bandmechanism. Or the second step might be a 6 digit number generated by an app that is common to the user and the authentication system

Please let me know in case of any clarifications required. Thanks!

Related Questions

Two thin hollow plastic spheres, about the size of a ping-pong ball with masses
Question #2228965
Two thin lenses with a focal length of magnitude 10 cm, the first diverging and
Question #2104684
Two thin lenses with a focal length of magnitude 13.5 cm , the first diverging a
Question #1634177
Two thin lenses with a focal length of magnitude 13.5 cm , the first diverging a
Question #1647344
Two thin lenses with a focal length of magnitude 15.5 cm , the first diverging a
Question #1504954
Two thin lenses with focal lengths 25.0 cm and 30.0 cm are placed in contact in
Question #2097773
Two thin parallel slits that are 1.00×10 2 mm apart are illuminated by a laser b
Question #1401692
Two thin parallel slits that are 1.29 Times 10^-2 mm apart are illuminated by a
Question #1342637

Navigate

Previous
Two threads; Print 1 – 10; 1 thread prints odd; 1 thread prints even Hi I need t
Next
Two tiny 5.0-g ballooms are suspended from two very thin 1.0-m-long threads. The

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.