Case Study 1: Stuxnet
Due Week 2 and worth 60 points
In June 2010, Stuxnet, a complex and highly sophisticated computer worm was discovered by Kaspersky Lab. Stuxnet targeted Siemens industrial Supervisory Control and Data Acquisition (SCADA) systems. It was reported that the worm appeared to target Iran’s uranium enrichment infrastructure. Most computer worms and viruses tend to target consumer systems such as desktop computers and laptop computers.
You can learn more about Stuxnet athttp://www.youtube.com/watch?v=scNkLWV7jSw.
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...
Cis 560 Enthusiastic Study / snaptutorial.com
1. CIS 560 Week 2 Case Study 1 Stuxnet
For more classes visit
www.snaptutorial.com
Case Study 1: Stuxnet
Due Week 2 and worth 60 points
In June 2010, Stuxnet, a complex and highly sophisticated computer
worm was discovered by Kaspersky Lab. Stuxnet targeted Siemens
industrial Supervisory Control and Data Acquisition (SCADA) systems.
It was reported that the worm appeared to target Iran’s uranium
enrichment infrastructure. Most computer worms and viruses tend to
target consumer systems such as desktop computers and laptop
computers.
You can learn more about Stuxnet
athttp://www.youtube.com/watch?v=scNkLWV7jSw.
Write a four to five (4-5) page paper in which you:
1. Analyze the level of security requirements between industrial systems
and consumer devices such as desktop computers. Address if they should
be the same or different.
2. 2. Analyze the anatomy of Stuxnet and how it was able to damage Iran’s
SCADA systems.
3. Evaluate the lessons that were learned from Stuxnet about the
vulnerability of Iran’s SCADA systems. Suggest how the attacks could
have been prevented.
4. Provide five (5) guidelines that should be used to reduce a network’s
attack surface for industrial control systems.
5. Use at least three (3) quality resources in this assignment.Note:
Wikipedia and similar Websites do not qualify as quality resources.
Your assignment must follow these formatting requirements:
• Be typed, double spaced, using Times New Roman font (size 12), with
one-inch margins on all sides; citations and references must follow APA
or school-specific format. Check with your professor for any additional
instructions.
• Include a cover page containing the title of the assignment, the
student’s name, the professor’s name, the course title, and the date. The
cover page and the reference page are not included in the required
assignment page length.
The specific course learning outcomes associated with this assignment
are:
• Define authorization and access to an IT infrastructure based on an
access control policy framework.
• Describe methods that mitigate risk to an IT infrastructure’s with
confidentiality, integrity, availability and access controls
3. • Use technology and information resources to research issues in access
control.
• Write clearly and concisely about topics related to Security Access &
Control Strategies using proper writing mechanics and technical style
conventions.
**********************************************************
CIS 560 Week 2 Case Study 1: Stuxnet
For more classes visit
www.snaptutorial.com
Case Study 1: Stuxnet
Due Week 2 and worth 60 points
In June 2010, Stuxnet, a complex and highly sophisticated computer
worm was discovered by Kaspersky Lab. Stuxnet targeted Siemens
industrial Supervisory Control and Data Acquisition (SCADA) systems.
4. It was reported that the worm appeared to target Iran’s uranium
enrichment infrastructure. Most computer worms and viruses tend to
target consumer systems such as desktop computers and laptop
computers.
You can learn more about Stuxnet
athttp://www.youtube.com/watch?v=scNkLWV7jSw.
Write a four to five (4-5) page paper in which you:
1. Analyze the level of security requirements between industrial systems
and consumer devices such as desktop computers. Address if they should
be the same or different.
2. Analyze the anatomy of Stuxnet and how it was able to damage Iran’s
SCADA systems.
3. Evaluate the lessons that were learned from Stuxnet about the
vulnerability of Iran’s SCADA systems. Suggest how the attacks could
have been prevented.
4. Provide five (5) guidelines that should be used to reduce a network’s
attack surface for industrial control systems.
5. Use at least three (3) quality resources in this assignment.Note:
Wikipedia and similar Websites do not qualify as quality resources.
Your assignment must follow these formatting requirements:
• Be typed, double spaced, using Times New Roman font (size 12), with
one-inch margins on all sides; citations and references must follow APA
5. or school-specific format. Check with your professor for any additional
instructions.
• Include a cover page containing the title of the assignment, the
student’s name, the professor’s name, the course title, and the date. The
cover page and the reference page are not included in the required
assignment page length.
The specific course learning outcomes associated with this assignment
are:
• Define authorization and access to an IT infrastructure based on an
access control policy framework.
• Describe methods that mitigate risk to an IT infrastructure’s with
confidentiality, integrity, availability and access controls
• Use technology and information resources to research issues in access
control.
• Write clearly and concisely about topics related to Security Access &
Control Strategies using proper writing mechanics and technical style
conventions.
**********************************************************
CIS 560 Week 3 Assignment 1 Access Restrictions
(2 Papers)
6. For more classes visit
www.snaptutorial.com
Assignment 1: Access Restrictions
Due Week 3 and worth 80 points
In a business environment, controlling who has access to business
information and at what level is critical for facilitating day-to-day
business operations. There are three levels of information access: no
access, read access, and read-write access. Use a business of your
choice to answer the criteria for this assignment.
Write a four to five (4-5) page paper in which you:
1. Identify the business you have selected.
2. Create five (5) cases in which the no-access level should be applied
within the selected business environment. Explain the reasons for no
access.
3. Provide five (5) cases in which the read-access level should be
applied within a business environment. Explain the reasons for read
access.
7. 4. Provide five (5) cases in which the read-write level should be applied
within the selected business. Explain the reasons for read-write access.
5. Determine the type of access levels you would provide to a contractor
or consultant.
6. Use at least three (3) quality resources in this assignment.Note:
Wikipedia and similar Websites do not qualify as quality resources.
Your assignment must follow these formatting requirements:
• Be typed, double spaced, using Times New Roman font (size 12), with
one-inch margins on all sides; citations and references must follow APA
or school-specific format. Check with your professor for any additional
instructions.
• Include a cover page containing the title of the assignment, the
student’s name, the professor’s name, the course title, and the date. The
cover page and the reference page are not included in the required
assignment page length.
The specific course learning outcomes associated with this assignment
are:
• Define authorization and access to an IT infrastructure based on an
access control policy framework.
• Use technology and information resources to research issues in access
control.
• Write clearly and concisely about topics related to Security Access &
Control Strategies using proper writing mechanics and technical style
conventions.
8. **********************************************************
CIS 560 Week 3 Assignment 1: Access
Restrictions (2 Papers)
For more classes visit
www.snaptutorial.com
Assignment 1: Access Restrictions
Due Week 3 and worth 80 points
In a business environment, controlling who has access to business
information and at what level is critical for facilitating day-to-day
business operations. There are three levels of information access: no
access, read access, and read-write access. Use a business of your
choice to answer the criteria for this assignment.
Write a four to five (4-5) page paper in which you:
9. 1. Identify the business you have selected.
2. Create five (5) cases in which the no-access level should be applied
within the selected business environment. Explain the reasons for no
access.
3. Provide five (5) cases in which the read-access level should be
applied within a business environment. Explain the reasons for read
access.
4. Provide five (5) cases in which the read-write level should be applied
within the selected business. Explain the reasons for read-write access.
5. Determine the type of access levels you would provide to a contractor
or consultant.
6. Use at least three (3) quality resources in this assignment.Note:
Wikipedia and similar Websites do not qualify as quality resources.
Your assignment must follow these formatting requirements:
• Be typed, double spaced, using Times New Roman font (size 12), with
one-inch margins on all sides; citations and references must follow APA
or school-specific format. Check with your professor for any additional
instructions.
• Include a cover page containing the title of the assignment, the
student’s name, the professor’s name, the course title, and the date. The
cover page and the reference page are not included in the required
assignment page length.
The specific course learning outcomes associated with this assignment
are:
10. • Define authorization and access to an IT infrastructure based on an
access control policy framework.
• Use technology and information resources to research issues in access
control.
• Write clearly and concisely about topics related to Security Access &
Control Strategies using proper writing mechanics and technical style
conventions.
**********************************************************
CIS 560 Week 4 Case Study 2 Cisco’s Remote
Access (2 Papers)
For more classes visit
www.snaptutorial.com
Case Study 2: Cisco’s Remote Access
Due Week 4 and worth 60 points
11. Go to Cisco’s Website and read, “How Cisco IT Provides Remote
Access for Small Offices and Teleworkers”, located at
http://bit.ly/MkvlbA. According to the study, an IDC forecast from
December 2007, expected the global mobile worker population to
increase from 758.6 million in 2006 to more than 1.0 billion in 2011.
Cisco had a significant number of telecommuting employees and faced
three challenges: provide network access features that cannot be
supported on a software VPN client, automate and simplify router
provisioning and updates, and enable a scalable VPN solution to
support up to 30,000 workers.
Write a four to five (4-5) page paper in which you:
1. Evaluate the deployment cost savings realized by Cisco, and
determine if it was significant.
2. Analyze how the solution deployed by Cisco improved:
1. employee productivity
2. satisfaction
3. retention
1. Discuss how Cisco was able to achieve VPN scalability to support
thousands of users.
2. When thousands of employees telecommute and work in virtual
offices, there are benefits to the environment. Discuss the environmental
impact of the Cisco telecommuting and virtual offices solution.
3. Use at least three (3) quality resources in this assignment.Note:
Wikipedia and similar Websites do not qualify as quality resources.
12. Your assignment must follow these formatting requirements:
• Be typed, double spaced, using Times New Roman font (size 12), with
one-inch margins on all sides; citations and references must follow APA
or school-specific format. Check with your professor for any additional
instructions.
• Include a cover page containing the title of the assignment, the
student’s name, the professor’s name, the course title, and the date. The
cover page and the reference page are not included in the required
assignment page length.
The specific course learning outcomes associated with this assignment
are:
• Define proper security controls within the User Domain to mitigate
risks and threats caused by human behavior.
• Use technology and information resources to research issues in access
control.
• Write clearly and concisely about topics related to Security Access &
Control Strategies using proper writing mechanics and technical style
conventions.
**********************************************************
13. CIS 560 Week 4 Case Study 2: Cisco’s Remote
Access (2 Papers)
For more classes visit
www.snaptutorial.com
Case Study 2: Cisco’s Remote Access
Due Week 4 and worth 60 points
Go to Cisco’s Website and read, “How Cisco IT Provides Remote
Access for Small Offices and Teleworkers”, located at
http://bit.ly/MkvlbA. According to the study, an IDC forecast from
December 2007, expected the global mobile worker population to
increase from 758.6 million in 2006 to more than 1.0 billion in 2011.
Cisco had a significant number of telecommuting employees and faced
three challenges: provide network access features that cannot be
supported on a software VPN client, automate and simplify router
provisioning and updates, and enable a scalable VPN solution to
support up to 30,000 workers.
Write a four to five (4-5) page paper in which you:
14. 1. Evaluate the deployment cost savings realized by Cisco, and
determine if it was significant.
2. Analyze how the solution deployed by Cisco improved:
1. employee productivity
2. satisfaction
3. retention
1. Discuss how Cisco was able to achieve VPN scalability to support
thousands of users.
2. When thousands of employees telecommute and work in virtual
offices, there are benefits to the environment. Discuss the environmental
impact of the Cisco telecommuting and virtual offices solution.
3. Use at least three (3) quality resources in this assignment.Note:
Wikipedia and similar Websites do not qualify as quality resources.
Your assignment must follow these formatting requirements:
• Be typed, double spaced, using Times New Roman font (size 12), with
one-inch margins on all sides; citations and references must follow APA
or school-specific format. Check with your professor for any additional
instructions.
• Include a cover page containing the title of the assignment, the
student’s name, the professor’s name, the course title, and the date. The
cover page and the reference page are not included in the required
assignment page length.
15. The specific course learning outcomes associated with this assignment
are:
• Define proper security controls within the User Domain to mitigate
risks and threats caused by human behavior.
• Use technology and information resources to research issues in access
control.
• Write clearly and concisely about topics related to Security Access &
Control Strategies using proper writing mechanics and technical style
conventions.
**********************************************************
CIS 560 Week 7 Assignment 2 Single Sign-On
Access (2 Papers)
For more classes visit
www.snaptutorial.com
Assignment 2: Single Sign-On Access
16. Due Week 7 and worth 80 points
Some business and organizationalnetwork infrastructures consist of
multiple systems from the same or different vendors to provide, conduct,
process, and execute various business functions. Some employees must
access one or more of these systems using valid access credentials
(username and password). Logging in and out of each system whenever
access is desired can become a problem for most users. Businesses and
organizations have resorted to using Single Sign-On (SSO) for user
authentication and authorization.
Write a four to five (4-5) page paper in which you:
1. Analyze at least five (5) problems experienced by employees in an
enterprise where Single Sign-On (SSO) has not been implemented.
2. Some businesses and organizationsuse Active Directory (AD) to
provide SSO access to the enterprise. Analyze the advantages and
disadvantages of using AD for SSO access.
3. Some businesses and organizationsuse Lightweight Directory Access
Protocol (LADP) to provide SSO access to the enterprise. Analyze the
advantages and disadvantages of using LADP for SSO access.
4. Compare and contrast a Kerberos-based SSO configuration to a
smart card based configuration in terms of:
1. configurability
2. established standards
3. implementation challenges
4. cost
1. Use at least three (3) quality resources in this assignment.Note:
Wikipedia and similar Websites do not qualify as quality resources.
17. Your assignment must follow these formatting requirements:
• Be typed, double spaced, using Times New Roman font (size 12), with
one-inch margins on all sides; citations and references must follow APA
or school-specific format. Check with your professor for any additional
instructions.
• Include a cover page containing the title of the assignment, the
student’s name, the professor’s name, the course title, and the date. The
cover page and the reference page are not included in the required
assignment page length.
The specific course learning outcomes associated with this assignment
are:
• Define authorization and access to an IT infrastructure based on an
access control policy framework.
• Define proper security controls within the User Domain to mitigate
risks and threats caused by human behavior
• Use technology and information resources to research issues in access
control.
Write clearly and concisely about topics related to Security Access &
Control Strategies using proper writing mechanics and technical style
conventions
**********************************************************
18. CIS 560 Week 7 Assignment 2: Single Sign-On
Access (2 Papers)
For more classes visit
www.snaptutorial.com
Assignment 2: Single Sign-On Access
Due Week 7 and worth 80 points
Some business and organizationalnetwork infrastructures consist of
multiple systems from the same or different vendors to provide, conduct,
process, and execute various business functions. Some employees must
access one or more of these systems using valid access credentials
(username and password). Logging in and out of each system whenever
access is desired can become a problem for most users. Businesses and
organizations have resorted to using Single Sign-On (SSO) for user
authentication and authorization.
Write a four to five (4-5) page paper in which you:
1. Analyze at least five (5) problems experienced by employees in an
enterprise where Single Sign-On (SSO) has not been implemented.
19. 2. Some businesses and organizationsuse Active Directory (AD) to
provide SSO access to the enterprise. Analyze the advantages and
disadvantages of using AD for SSO access.
3. Some businesses and organizationsuse Lightweight Directory Access
Protocol (LADP) to provide SSO access to the enterprise. Analyze the
advantages and disadvantages of using LADP for SSO access.
4. Compare and contrast a Kerberos-based SSO configuration to a
smart card based configuration in terms of:
1. configurability
2. established standards
3. implementation challenges
4. cost
1. Use at least three (3) quality resources in this assignment.Note:
Wikipedia and similar Websites do not qualify as quality resources.
Your assignment must follow these formatting requirements:
• Be typed, double spaced, using Times New Roman font (size 12), with
one-inch margins on all sides; citations and references must follow APA
or school-specific format. Check with your professor for any additional
instructions.
• Include a cover page containing the title of the assignment, the
student’s name, the professor’s name, the course title, and the date. The
cover page and the reference page are not included in the required
assignment page length.
20. The specific course learning outcomes associated with this assignment
are:
• Define authorization and access to an IT infrastructure based on an
access control policy framework.
• Define proper security controls within the User Domain to mitigate
risks and threats caused by human behavior
• Use technology and information resources to research issues in access
control.
Write clearly and concisely about topics related to Security Access &
Control Strategies using proper writing mechanics and technical style
conventions
**********************************************************
CIS 560 Week 9 Assignment 3: Secure Encrypted
Communications (2 Papers)
For more classes visit
www.snaptutorial.com
21. Assignment 3: Secure Encrypted Communications
Transmitting personal and business data and information over secure
communication channels is critical. In some cases it is required,
especially when personally identifiable information is being transmitted.
Credit card numbers, Social Security Numbers, online purchases,
business orders, and so on must all be transmitted over secure
communication channels. The Public Key Infrastructure (PKI) provides
the most widely used secure communications technology. PKI relies on
encryption.
Write a four to five (4-5) page paper in which you:
Compare and contrast symmetric encryption to asymmetric encryption.
PKI uses digital certificates to encrypt / decrypt data. Analyze the
process of encrypting and decrypting data using a digital certificate.
Evaluate the advantages and disadvantages of using digital certificates.
Evaluate the challenges related to public and private key management
when using PKI.
Use at least three (3) quality resources in this assignment.
Note:Wikipedia and similar Websites do not qualify as quality
resources.
Your assignment must follow these formatting requirements:
Be typed, double spaced, using Times New Roman font (size 12), with
one-inch margins on all sides; citations and references must follow APA
or school-specific format. Check with your professor for any additional
instructions.
Include a cover page containing the title of the assignment, the student’s
name, the professor’s name, the course title, and the date. The cover
22. page and the reference page are not included in the required assignment
page length.
The specific course learning outcomes associated with this assignment
are:
CIS 560 Week 9 Assignment 3 Secure Encrypted
Communications (2 Papers)
For more classes visit
www.snaptutorial.com
Assignment 3: Secure Encrypted Communications
Transmitting personal and business data and information over secure
communication channels is critical. In some cases it is required,
especially when personally identifiable information is being transmitted.
Credit card numbers, Social Security Numbers, online purchases,
business orders, and so on must all be transmitted over secure
communication channels. The Public Key Infrastructure (PKI) provides
the most widely used secure communications technology. PKI relies on
encryption.
Write a four to five (4-5) page paper in which you:
Compare and contrast symmetric encryption to asymmetric encryption.
23. PKI uses digital certificates to encrypt / decrypt data. Analyze the
process of encrypting and decrypting data using a digital certificate.
Evaluate the advantages and disadvantages of using digital certificates.
Evaluate the challenges related to public and private key management
when using PKI.
Use at least three (3) quality resources in this assignment.
Note:Wikipedia and similar Websites do not qualify as quality
resources.
Your assignment must follow these formatting requirements:
Be typed, double spaced, using Times New Roman font (size 12), with
one-inch margins on all sides; citations and references must follow APA
or school-specific format. Check with your professor for any additional
instructions.
Include a cover page containing the title of the assignment, the student’s
name, the professor’s name, the course title, and the date. The cover
page and the reference page are not included in the required assignment
page length.
The specific course learning outcomes associated with this assignment
are:
**********************************************************
24. CIS 560 Week 10 Term Paper The Human
Element (2 Papers)
For more classes visit
www.snaptutorial.com
Term Paper: The Human Element
Human nature is the single greatest vulnerability in any control system
and cannot be ignored. Organizations should always take human
behavior into account when designing access plans and strategies.
Human beings can pose unintentionalthreats when they accidentally
delete data. Hackers may be motivated by financial data when they
attack a system or use social engineering skills to gain access to
restricted data. Consider human nature and organizationalbehavior in
this term paper.
Write an eight to ten (8-10) page paper in which you:
1. Propose five (5) techniques that organizations should apply to
mitigate the threats arising from human nature.
2. Evaluate the consequences of a poor hiring decision. Propose steps
that could be taken to prevent such bad decisions in the first place.
3. Examine what an organization could possibly learn when a policy is
implemented to observe personnel in an ongoing manner.
25. 4. Propose five (5) best practices that you would use to handle human
nature and organizationalbehavior.
5. Use at least three (3) quality resources in this
assignment.Note:Wikipedia and similar Websites do not qualify as
quality resources.
Your assignment must follow these formatting requirements:
• Be typed, double spaced, using Times New Roman font (size 12), with
one-inch margins on all sides; citations and references must follow APA
or school-specific format. Check with your professor for any additional
instructions.
• Include a cover page containing the title of the assignment, the
student’s name, the professor’s name, the course title, and the date. The
cover page and the reference page are not included in the required
assignment page length.
The specific course learning outcomes associated with this assignment
are:
• Define proper security controls within the User Domain to mitigate
risks and threats caused by human behavior.
• Use technology and information resources to research issues in access
control.
• Write clearly and concisely about topics related to Security Access &
Control Strategies using proper writing mechanics and technical style
conventions.
**********************************************************
26. CIS 560 Week 10 Term Paper: The Human
Element (2 Papers)
For more classes visit
www.snaptutorial.com
Term Paper: The Human Element
Human nature is the single greatest vulnerability in any control system
and cannot be ignored. Organizations should always take human
behavior into account when designing access plans and strategies.
Human beings can pose unintentionalthreats when they accidentally
delete data. Hackers may be motivated by financial data when they
attack a system or use social engineering skills to gain access to
restricted data. Consider human nature and organizationalbehavior in
this term paper.
Write an eight to ten (8-10) page paper in which you:
1. Propose five (5) techniques that organizations should apply to
mitigate the threats arising from human nature.
2. Evaluate the consequences of a poor hiring decision. Propose steps
that could be taken to prevent such bad decisions in the first place.
3. Examine what an organization could possibly learn when a policy is
implemented to observe personnel in an ongoing manner.
27. 4. Propose five (5) best practices that you would use to handle human
nature and organizationalbehavior.
5. Use at least three (3) quality resources in this
assignment.Note:Wikipedia and similar Websites do not qualify as
quality resources.
Your assignment must follow these formatting requirements:
• Be typed, double spaced, using Times New Roman font (size 12), with
one-inch margins on all sides; citations and references must follow APA
or school-specific format. Check with your professor for any additional
instructions.
• Include a cover page containing the title of the assignment, the
student’s name, the professor’s name, the course title, and the date. The
cover page and the reference page are not included in the required
assignment page length.
The specific course learning outcomes associated with this assignment
are:
• Define proper security controls within the User Domain to mitigate
risks and threats caused by human behavior.
• Use technology and information resources to research issues in access
control.
• Write clearly and concisely about topics related to Security Access &
Control Strategies using proper writing mechanics and technical style
conventions.
**********************************************************