Academic Integrity: tutoring, explanations, and feedback — we don’t complete graded work or submit on a student’s behalf.

Imagine you are the network administrator for your univerisity’s network and tha

ID: 3916643 • Letter: I

Question

Imagine you are the network administrator for your univerisity’s network and that you supervise eight network technicians who are responsible for day-to-day installations, upgrades, and troubleshooting. Describe the goals of the security policy you would have in place. For each answer, please explain your reasoning. Imagine you are the network administrator for your univerisity’s network and that you supervise eight network technicians who are responsible for day-to-day installations, upgrades, and troubleshooting. Describe the goals of the security policy you would have in place. For each answer, please explain your reasoning.

Explanation / Answer

Q1) Describe the goals of the security policy you would have in place. For each answer, please explain your reasoning.

The main 3 goals of Security Policy includes:-

Confidentiality

Integrity

Availability

1. Confidentiality - The confidentiality aspect refers to limiting the disclosure and access of information to only the people who are authorized and preventing those not authorized from accessing it. Through this method, a company or organization is able to prevent highly sensitive and vital information from getting into the hand of the wrong people while still making it accessible to the right people.

Encryption: To begin with, encryption of data involves converting the data into a form that can only be understood by the people authorized. In this case, the information is converted in to the cipher text format that can be very difficult to understand. Once all security threats have been dealt with, the information can then be decrypted which means that the data can be converted back to its original form so that it can be understood. The encryption process can involve the use of highly sophisticated and complex computer algorithms. In this case, the algorithms cause a rearrangement of the data bits into digitized signals. If such an encryption process is used, then decryption of the same information requires one to have the appropriate decryption key. The encryption process should be carried out on data at rest; that is data stored on a hard drive or USB flash. Data in motion should also be encrypted. In this case, data in motion refers to all kind of data that is traveling across a network.

Access controls: Access controls is also another way of ensuring confidentiality. This means that one set various policies and standards when accessing information and other organization resources. One can choose to use passwords where an individual with the motive of accessing some information must provide a password so as to gain access. In most cases, one will have to set access controls to work on the basis of identification and authentication. One can use unique user identification cards for the identification process. The verification process means that one can use items such as biometric readers and passwords so as to allow access. One can also implement physical access policies where all employees in an organization have work badges permitting them to access and use and facility or resource in the organization.

Steganography: Steganography is also another aspect that can be used to enforce confidentiality. Basically, this is hiding information. This means that the goal of this criterion is to hide information and data from third party individuals. Steganography can involve the use of microdots and invisible ink to hide data and information.

2. Integrity - Integrity is another security concept that entails maintaining data in a consistent, accurate and trustworthy manner over the period in which it will be existent. In this case, one has to ensure that data is not changed in the course of a certain period. In addition, the right procedures have to be taken to ensure that unauthorized people do not alter the data.

Hashing: Hashing is a kind of cryptographic science that involves the conversion of data in a manner that it is very impossible to invert it. This is mainly done when one is storing data in some storage device so that an individual who gains access to it cannot change it or cause some alterations.

Digital signatures: Digital signatures are special types of data safety maintenance where a special kind of signature is required to access some particular information. The signature can be in the form of QR code that must be properly read so as to access data.

Certificates: These are special types of user credentials that are required so as to gain access to some particular information. In this case, an individual without such certificates cannot access that piece of information. These certificates tend to guarantee some permission and rights.

Non-repudiation: Based on information security, non-repudiation is a cryptographic property that provides for the digital signing of a message by an individual who holds a private key to a particular digital signature.

3. Availability - The concept of availability refers to the up time maintenance of all resources and hardware. This means that all the hardware and resources one have are functional all the time. It can also involve carrying out of regular hardware repairs.

Redundancy: Redundancy is a concept that is mainly based on keeping things up and running in one's organization even with the absence of one important component. One idea behind redundancy is to keep things running and maintaining an uptime. With redundancy, one need to be sure that all one's network components and resources are working properly and that we are able to use all the resources available to us. This means that one's organization continues to function normally and as usual.

In this case therefore, one need to ensure that one has no hardware failure. In this case, one can have redundant servers or power supplies. With this, in case of a power outage, all one's systems will continue running efficiently because of there is another power supply available at one's disposal. With such redundancies, one is sure that if one component fails, there is another one that is there available and ready to take its place.

Fault tolerance: Fault tolerance is also another aspect of availability. This basically means that the system is up and working properly even when some of its components fail.

?Please let me know in case of any clarifications required. Thanks!

Related Questions

Imagine you are measuring the output of a sensor in the lab, and you find the si
Question #1991440
Imagine you are measuring the output of a sensor in the lab, and you find the si
Question #1991473
Imagine you are measuring the output of a sensor in the lab, and you find the si
Question #1991660
Imagine you are measuring the output of a sensor in the lab, and you find the si
Question #2317409
Imagine you are measuring the output of a sensor in the lab, and you find the si
Question #2317608
Imagine you are measuring the output of a sensor in the lab, and you find the si
Question #2317611
Imagine you are measuring the output of a sensor in the lab, and you find the si
Question #2317627
Imagine you are now the owner of your own business. Tell us what business you ow
Question #1186884
Hire Me For All Your Tutoring Needs
Integrity-first tutoring: clear explanations, guidance, and feedback.
Drop an Email at
drjack9650@gmail.com
Chat Now And Get Quote

Navigate

Previous
Imagine you are the marketing director for a company that makes fruit snacks for
Next
Imagine you are the only person on the whole of planet Earth. Standing on the Ea

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.