Issc342 Assignment 1

In: Computers and Technology

Submitted By mjlippold
Words 496
Pages 2
1. Discuss common forms of attack on Microsoft systems using the text Internet, and/or your job as reference for full credit.
When considering the security of a system you will need to determine all the possible threats, vulnerabilities, and attacks. You will also need to consider the appropriate tradeoffs between security on one hand, and usability and cost on the other. A threat is the possibility of system compromise. For example, a threat could be the potential for unauthorized people to gain access to sensitive information, such as credit card information or health records. Microsoft (2005) Threats usually involve confidential information. An attack takes advantage of an existing vulnerability. For example, suppose a malicious user knows that some users have weak passwords and tries guessing them until gaining access to restricted resources. It is important to realize the different types of security attacks you might encounter. Once you understand these, you will learn the appropriate countermeasures to take. Microsoft (2005) The three main types of attacks are: Disclosure of data, Corruption of data, and Denial of service. Disclosure refers to unauthorized or inappropriate access to sensitive data. This is probably the most common form of attack. An example of disclosure is a file that holds confidential payroll information. If this file finds its way into the hands of someone who should not be privy to the data, then the data has been disclosed. Data corruption is mainly the realm of a computer virus, rather than that of intruders. Very few intruders actually wish to destroy data; most attack computer systems for entertainment and for the intellectual challenge. If data is corrupted, the only real remedy is restoration from a previous backup. Denial-of-service attacks have become one of the most common forms of attack on the Internet today because many can be…...

Similar Documents

Issc342 Assignment 1

...1. Discuss common forms of attack on Microsoft systems using the text Internet, and/or your job as reference for full credit. When considering the security of a system you will need to determine all the possible threats, vulnerabilities, and attacks. You will also need to consider the appropriate tradeoffs between security on one hand, and usability and cost on the other. A threat is the possibility of system compromise. For example, a threat could be the potential for unauthorized people to gain access to sensitive information, such as credit card information or health records. Microsoft (2005) Threats usually involve confidential information. An attack takes advantage of an existing vulnerability. For example, suppose a malicious user knows that some users have weak passwords and tries guessing them until gaining access to restricted resources. It is important to realize the different types of security attacks you might encounter. Once you understand these, you will learn the appropriate countermeasures to take. Microsoft (2005) The three main types of attacks are: Disclosure of data, Corruption of data, and Denial of service. Disclosure refers to unauthorized or inappropriate access to sensitive data. This is probably the most common form of attack. An example of disclosure is a file that holds confidential payroll information. If this file finds its way into the hands of someone who should not be privy to the data, then the data has been disclosed. Data corruption is...

Words: 496 - Pages: 2

Assignment 1

...Brian Romero 1/24/14 Week 5 TBLS Assignment Denise, Haynes How I can see this exercise helping to support the choices I have made to improve my outlook would be that we should never judge anybody. The way that I look at it would be that everyone has their mistakes, their bad times and their own way that they look at life. We should never judge anybody by the way they look, our the way they dress or even the way they dress. Everyone has their own lifestyle, and everyone is different in their own way. We should never talk about someone because we have never been are never will be the person that we are judging. Others should know that it doesn’t only hurt the people that we are judging but it hurts us as well because we are judging someone else and we don’t even have the full story of that person. I have always been told that we should never judge others, because we don’t like it when others judge us so why should we judge other people for what they do or say. The activity has made me see that we all have our own way that we look at things. I have learned that we should treat others with the same respect that we are treated by them. We should never judge are even point fingers at someone are the way that person has their own lifestyle. We should all give everyone the proper respect that others give us. I have become more positive with the way that I look at others and keep myself from not judging others as they would not judge me. I put all the negative outlooks...

Words: 447 - Pages: 2

Assignment 1

...1: Instructor-Graded Assignment Nick Milazzo (NAM 744) 1. Some people are pessimistic about the chances of making people virtuous but optimistic about the chances of having good government without virtue. They say that because of checks and balances and all of the other paraphernalia of complex government, civic virtue isn’t really necessary; bad people will keep each other from doing any serious injustice. Do you think this claim is true? Why or why not? I totally disagree with this claim for a couple of reasons. One, checks and balances are not necessarily fail-proof. For instance, the check on the Legislative Branch is the Presidential veto, but the Legislature can still override this veto with a 2/3 vote. If the Legislature is completely corrupt and without virtue then, it might override vetoes and pass legislation that are evil or in some way detrimental to society. Secondly, civic virtue is the motivation behind good government. Good government is supposed to serve and protect its people, two aspects of virtue. If the people running the Government are not virtuous then it is impossible for the Government to perform its duties and fulfill its purpose. Both the Federalists and Anti-Federalists agreed that civic virtue is necessary for a republic, such as the United States, to exist. 2. As you are reading the debates at the Constitutional Convention, make a list for yourself of the various conflicting interests that delegates had to compromise...

Words: 1057 - Pages: 5

Issc342

...LAB #1 – ASSESSMENT WORKSHEET Configure Active Directory and Implement Departmental and User Access Controls Course Name and Number: Student Name: Instructor Name: Lab Due Date: Overview In this lab, you configured Windows Active Directory to create Department and User accounts, and set unique read/write folder and fi le access privileges. You used the Windows Configuration Applet and Group Policy Management console to create and test configurations and read/write of several fi les with specific access controls. You also used group policy objects to restrict access to certain users and groups at the directory, folder, and fi le level. Lab Assessment Questions & Answers 1. Relate how Windows Server 2008 R2 Active Directory and the configuration of access controls achieve CIA for departmental LANs, departmental folders, and data. 2. Is it a good practice to include the account or user name in the password? Why or why not? 3. To enhance the strength of user passwords, what are some of the best practices to implement for user password definitions to maximize confidentiality? 4. Can a user defined in Active Directory access a shared drive if that user is not part of the domain? 5. Does Windows Server 2008 R2 require a user’s logon/password credentials prior to accessing shared drives? 6. When looking at the Active Directory structure for Users and Computers, which group has the least amount of implied privileges? 7. When granting access to LAN systems for guests...

Words: 363 - Pages: 2

Issc342 Lab 3 Q&a

...Lab 3 Questions and Answers 1. Within a Microsoft® Windows 2008 server R2 environment, who has access rights to the EFS features and functions in the server? Only the users that have been given the rights to encrypt files and have rights to encrypt and decrypt. 2. BitLocker can enable three modes of access control on drives. List these three modes. The three modes are TPM, PIN, and USB. 3. What feature and function can you enable to mitigate the risk caused by USB thumb drives moving confidential data to/from a USB hard drive? You can use either a smartcard or a USB key/password through windows prompts. 4. What are some best practices you can implement when encrypting BitLocker drives and the use of BitLocker recovery passwords? Well whenever you encrypt BitLocker drives and use BitLocker passwords, windows will give you options of ways to store the passwords. You can save to a USB flash drive, save to a file, or print the recovery key out. 5. What encryption algorithm is supported by BitLocker? The main type is Asymmetric algorithm. 6. What is the Trusted Platform Module (TPM) within BitLocker, and how does this verify the integrity of the workstation domain and laptop boot process? (TPM) uses a microchip to manage and protect the key used for volume encryption and decryption. BitLocker uses a combination of TPM, PIN, and USB keys to verify the integrity of the boot processes. 7. How do you grant additional...

Words: 467 - Pages: 2

Assignment 1

...Procurement Assignment 1- Part A Industry: Automobile Ancillaries (Tyres & Tubes) Financial Year 2011-2012 | Turnover of Indian Tyre Industry | Rs. 43,000 Crores | Tyre Production (Tonnage) | 15 lakh M.T. | Tyre Production – All Categories (Nos.) | 2254 Lakh | Tyre Export from India (Value) : | Rs. 4209 crores | Number of tyre companies: | 39 | Industry Concentration | 10 Large tyre companies account for over 95% of total tyre production. | Radialisation Level - Current  (as a % of total tyre production) | Passenger Car tyres: 98%  Light Commercial Vehicles: 20% Heavy Vehicles ( Truck & Bus ): 18% | Major Players of Tyres & Tubes in India * MRF Tyres Ltd. * Apollo Tyres Ltd. * CEAT Ltd. * Balkrishna Industries Ltd. * Govind Rubber Ltd. * Falcon tyres Ltd. * JK Tyres & Industries Ltd. Company of Interest: MRF Tyres Ltd. Company Background: Mr K. M. Mammen is the CMD of the company. The promoters hold about 26% of the total equity in the company, while institutional investors hold about 14% and individuals hold about 34%. Industry group: Tyres & tubes Main product / service: Tyres Ownership group: MRF Group Entity type: Public Ltd. Incorporation year: 1960 Size group: Top decile Ranking: Global Ranking 2012 Ranking | 2011Ranking | Company  | 2011 tyre sales (100 million U.S.dollars | 2010 tyre sales (100 million U.S.dollars) | 2009 tyre sales (100 million U.S.dollars) | 17...

Words: 1051 - Pages: 5

Assignment 1

...Assignment 1 I. The Broken Window a. There seems to be a key element of opportunity cost within the first section regarding the broken window, with the exception of what is not seen is the opportunity cost. This highlights key elements of economics but not necessarily public policy. With the destruction of the window there doesn’t seem to be any mandated public policy that would necessarily require, at least not that is brought up within this section. The economics play into factor when James B. spends money to pay the glazier to fix the window, which supplements the glazier’s business, who in turn supplements the suppliers business and begins kind of a ripple of effect of sorts in the economy several parties benefit from the broken window, not just one. II. The Disbanding of Troops b. Both economics and public policy come into play with this section. The government has the ability to enact public policy that pertains to the troops, which could entail how many troops are to be held at certain times and how much they get paid. The economics, to my understanding are a little bit tricky when the government increases the number of required troops. On one hand they decrease the amount of men or women that are in the industries working and putting goods or services into the economy, but on the other hand it seems that the government replaces it by the need of having to buy supplies and goods necessary to support the troops that it requires. III. Taxes...

Words: 683 - Pages: 3

Issc342 Lab4

...Lab #4 Operating Systems: Hardening and Security March 1st, 2015 Lab Assessment Questions & Answers 1. What is the one thing that a virus, a worm, spyware, and malicious code have in common? What are the differences among these three threats: a virus, a worm, and spyware? A virus, worm and spyware all have in common that they replicate themselves into the network’s system. Some of the differences between the three are that worms can edit files, viruses need a host file to propagate itself and a spyware can steal very sensitive information within the network. 2. How often should you update your antivirus protection? You should update your antivirus protection daily to always keep your network secured. 3. Why is it a best practice to have and to carry an antivirus boot-up disk or CD? It is best practice to use an antivirus boot-up or CD because it can bypass any files that are meant to protect the malware from being detected during scans. 4. In a corporate environment, should new antivirus definitions be installed as soon as they are available? Yes, in a corporate environment antivirus programs should be installed right away to protect the company’s files. 5. Is the manual quick scan good enough protection for a system? No a manual quick scan is not good enough protection for a system the files also have to be deleted. 6. What best practices for the workstation domain that can mitigate the risks and threats caused by malicious...

Words: 421 - Pages: 2

Issc342

...Running head: Cyber Security Securing Networks Wagner, Juan ISSC342 ABSTRACT As our dependency on technology grows so does the need to protect the data contained in them. We live in a world where digital imaginary data has become just as important if not more than actual physical work these machines perform. One of the biggest jobs for any respectable firm is the ability to protect its information from the unrelenting attacks by hackers, insiders, social engineers and software exploits. this is an on going struggle that will never end. The reality is there is no way to fully and completely protect a network. The second best thing we can do as IT professionals is ensure protocols that have resulted in having a more secure network are being met. Since most of the errors in the world are human errors we must take extra consideration when securing a network. Computers don't make mistakes only people make mistakes. Finally as professionals we must do our job in researching new exploits, tools and reasons why someone would want to perform a cyber attack on said company. INTRODUCTION In the IT world knowledge is power, and there is much to be learned if a corporation is to be able to perform at an AAA level. There are many things that can go wrong in regards to intellectual property. Some of those things are certificates, classification of data, and how computing devices are used. In conjunction with the material professionals also should be actively...

Words: 1917 - Pages: 8

Assignment 1

...Professor Teresa Wilburn PSY 105 November 1, 2012 Assignment 1: Preferences ` I coach track and field and until a year ago, I could not run one lap around the track. I started out slowly but I am now able to run miles without stopping and I love it! Track and Field is a competitive sport with various athletic contests that include running (road, cross-country and race walking), jumping and throwing. It is normally an individual sport with athletes competing against each other to decide a single victor. The racing events, which are categorized as sprints, middle and long distance, hurdling and relays, are won by the fastest times. The jumping (long jump, triple jump and pole vault) and throwing (shot put, javelin, discus and hammer) events are won by the athlete with the furthest distance or height. I was first introduced to the sport of track and field in 2001 when my daughter who was six years old at the time, took a liking to running. Five days out of the week, I would take her to practice and before I knew it, I was assisting the coaches. By 2003, I was an assistant coach of this local track club and in 2005 I became certified by U.S Track and Field to be a coach. In 2011, I started my very own track club in my area. Although it is not a requirement to have been a track and field athlete to become a coach, I felt like I needed to put some experience with the book knowledge I had gained. I saw the physical and emotional difference in those...

Words: 885 - Pages: 4

Assignment 1

...Assignment Module 1 – Leadership Due Date: by Friday of Week 6  Weight:    20% of final grade  Penalty:    10% for work submitted up to one week late and 25% for work submitted up to two weeks late (work submitted after two weeks will receive a 0%, but must be submitted in order for the course to be completed). The submission to your instructor must be your own analysis. You will be marked on the logic of your written analysis and the application of material covered in the course readings and discussed in the discussion forums | A. Read the Assignment #1 scenario B. Answer each of the following questions ensuring that your response reflects a clear analysis and thorough application of relevant course material. | Feel free to make assumptions about the sub-section in the scenario and attributes of its members in your answers. Each question has a weight of [5] marks. Length of the whole assignment is to be 8 to 10 pages (excluding Title Page). Answer the following: 1. Groups and Teams. Drawing from your knowledge of group dynamics and performance, explain why this sub-section may be ineffective. 2. Decision-making. Select a decision-making approach and explain how you could use it to identify possible problems and potential solutions for this sub-section’s ineffectiveness.    3. Motivation. Select one of the members of the sub-section, and using a theory of motivation, explain why their performance might be low, and how you could help improve it...

Words: 741 - Pages: 3

Assignment 1

...Assignment 1: Background: Imagine that you work for the maker of a leading brand of low-calorie, frozen microwavable food that estimates the following demand equation for its product using data from 26 supermarkets around the country for the month of April. Below lists two options. 1. Compute the elasticities for each independent variable under both options: Option 1: QD= -5200-42P+20PX+5.2I+.20A+.25M (2.002) (17.5) (6.2) (2.5) (.09) (.21) R2=0.55 n=26 F=4.88 QD=-5200-42(500)+20(600)+5.2(5500)+0.20(10000)+.25(5000)=17,650 sold per month Price Elasticity = -42P/Q= -42*(500/17650) =-1.1898 Income Elasticity = 5.2*(5500/17650)=1.6204 PX Elasticity = 20*(600/17650)=0.6799 Advertising Elasticity = .20(10000/17650)=0.1133 Market Size Elasticity = .25*(5000/17650)=0.0708 Option 2: QD= -2000-100p+15A+25PX+10I (5234)(2.29)(525)(1.75)(1.5) R2=.85 n=120 F=35.25 QD=-2000-100(200)+15(640)+25(300)+10(5000)=45100 sold per month Price Elasticity = -100*(200/45100) = 0.4435 PX Elasticity = 25*(300/45100)=0.1663 Income Elasticity = 10(5000/45100)=1.1086 Advertising Elasticity = 15*(640/45100)=0.2129 2. Determine the implications for each of the computed elasticities for the business in terms of short-term and long-term pricing strategies. Provide a rationale in which you cite your results: According to Edmund D. McGarry, “As strictly defined by economists, the phrase "elasticity of demand" means the relative flexibility in the amounts of goods which would...

Words: 969 - Pages: 4

Assignment 1

...Assignment 1: Market Segmentation and Product Positioning New Millennium Affairs: Market Segmentation and Product Positioning Robin Brown Dr. Shirley Todd McLaughlin, CLU, ChFC MKT 500: Marketing Management January 22, 2012 New Millennium Affairs New Millennium Affairs is an event planning company specializing in social event planning. The company will offer specialized services in bridal consulting and party planning for consumers in order to personalize these special events. Our company offers one stop shopping to our customers as we will make all arrangements from venue, caterers, as well as travel arrangements for honeymoons or vacations. New Millennium Affairs is seeking to be one of the top event planning services in the Richmond metro; however, there is currently one location in Chesterfield County, Virginia. There are two employees; one part-time and one full-time. Within the next six months New Millennium Affairs anticipates both employees requires on a full-time basis. Overall, New Millennium Affairs is a small business designed to meet the needs of today’s working middle to upper middle class customers that have little time for outside event planning. Marketing segmentation of New Millennium Affairs is based upon age group and income and will include small private organizations. Consumers under the age of 25 are less likely to utilize the services of an event planner and will not be directly marketed and will generate low revenue for the company...

Words: 712 - Pages: 3

Assignment 1

...Assignment 1 HRM530 Date: April 22, 2012 Describe your approach to this new client in terms of relying upon knowledge you have gained working with other similar situations. South Korean business would be the choice of a new client. In order to effectively adhere to their needs the choice of approach would be the regiocentric staffing approach. This approach will allow us to have an understanding of HRM policies that are given across all the subsidiaries. “This approach considers the needs of the entire region and managers from the host country are often selected for managerial positions in their own country and some may be promoted to regional positions” (McGraw-Hill, 2011). This lets our client know that we are all about finding the best person for the job. This is somewhat the same of what is done in the military in South Korea. The SOFA agreement prevents the United States Government from hiring mostly Americans for the jobs. The agreement is that the Korean Nationals are to hold at least 75% of the jobs on base. That has proven to be true. Every store and restaurant on every base in South Korea is operated by Koreans. It is not easy for any American to get a simple part time job. This is why regiocentic staffing would prove to work effectively. That way jobs are filled based on their nationality in order to keep the confidence of having a new client relationship with the United States. Identify the areas of overlap in the new client organization with others...

Words: 1199 - Pages: 5

Assignment 1

...Assignment 1 Beckey Gordon Diane Taylor McGeehan World Cultures 1/29/2012 1. Clearly state the “mystery” and provide a brief summary of at least two (2) theories which could explain the mystery. Because some theories may sound far-fetched, include the source or promoter of each theory – such as a scientist, a historian, a theologian, etc. Hatshepsut was the only Egyptian woman in power to ever acquire as much respect and power as she held. Although she built beautiful temples and monuments, there is very little evidence that she ever ruled. What is left behind leads us to believe that she was once very respected but then suddenly vanished from record. All of her statues in her palace were found beheaded or defaced, her temple was abandoned, and her remains were never found. The question what caused Egypt to suddenly turn against her and where is her body? Dr. Peter Dormon, an architect who spent years studying the tomb that was closely built near the temple of Deir el-Bahri, claims that although the architect and Hatshepsut’s close advisor, Senenmet built the tomb for her, it became the place where he was laid to rest. Records depict Senenmet and Hatshepsut engaged in provocative poses, suggesting that they were secretly lovers.  It was very common in Royal Egyptian families to marry brothers, sisters, and other relatives to keep a fluent blood lineage. Hatsheput's affair with a commoner could have been seen as a crime and also may have been the reason for...

Words: 1136 - Pages: 5