This document provides an overview of the entire CIS 333 course from SNAP Tutorial, including discussions, labs, assignments, and exams. The course covers topics such as providing security over data, risk management, cryptography, malware, and eliminating threats with a layered security approach. Labs involve tasks like performing reconnaissance and probing with common tools, enabling Windows Active Directory controls, and packet capture analysis. Assignments require identifying potential attacks and vulnerabilities, and developing risk response and recovery plans. The document lists the materials included for each week of the course.
Cis 333 Education Redefined - snaptutorial.com
CIS 333 Entire Course
For more classes visit
www.snaptutorial.com
PLEASE CHECK ALL INCLUDED PRODUCTS IN THIS
TUTORIAL AS SOME QUIZ MAY BE MISSING
CIS 333 Week 1 Discussion Providing Security Over Data
CIS 333 Week 2 Discussion Risk Management and Malicious Attacks
CIS 333 Week 2 Lab 1 Performing Reconnaissance and Probing Using
Common Tools
CIS 333 Week 3 Discussion
Security Administration and Access Control
CIS 333 Week 3 Case Study 1 Bring Your Own Device (BYOD)
CIS 333 Week 3 Lab 2
CIS 333 Week 4 Discussion Security Monitoring
CIS 333 Week 4 Lab 3 Enabling Windows Active Directory and User
Access Controls
CIS 333 Week 4 Assignment 1 Identifying Potential Malicious Attacks,
Threats, and Vulnerabilities
CIS 333 Week 5 Lab 4 Using Group Policy Objects and Microsoft
Baseline Security Analyzer for Change Control
CIS 333 Week 5 Discussion Business Impact Analysis (BIA) and Risk
Management
CIS 333 Week 6 Discussion Cryptography
CIS 333 Week 6 Lab 5 Performing Packet Capture and Traffic Analysis
CIS 333 Week 6 Case Study 2 Public Key Infrastructure
CIS 333 Week 7 Discussion Network Security
CIS 333 Week 7 Lab 6 Using Encryption to Enhance Confidentiality and
Integrity
CIS 333 Week 8 Discussion The Impact of Malware
CIS 333 Week 8 Assignment 2 Identifying Potential Risk, Response,
and Recovery
CIS 333 Week 8 Lab 7 Performing a Web Site and Database Attack by
Exploiting Identified Vulnerabilities
CIS 333 Week 9 Discussion
CIS 333 Week 9 Lab 8 Eliminating Threats with a Layered Security
Approach
CIS 333 Week 10 Discussion
CIS 333 Week 10 Technical Project Paper Information Systems Security
CIS 333 Week 11 Discussion 1 Course Takeaway
CIS 333 Week 11 Discussion 2 Course Wrap up
CIS 333 Final Exam (3 Sets)
***************************************************
CIS 333 Final Exam (3 Sets)
This Tutorial contains 3 Sets of Finals
Question 1 SIP is a ___________ protocol used to support real-time
communications.
Question 2 What name is given to a U.S. federal law that requires U.S.
government agencies to protect citizens’ private data and have proper
security controls in place?
Question 3 This security appliance examines IP data streams for
common attack and malicious intent patterns.
Question 4 What name is given to an exterior network that acts as a
buffer zone between the public Internet and an organization’s IT
infrastructure (i.e., LAN-to-WAN Domain)?
Question 5 ____________ is the amount of time it takes to recover and
make a system, application, and data available for use after an outage.
Question 6 The requirement to keep information private or secret is the
definition of __________.
Question 7 The physical part of the LAN Domain includes a
__________, which is an interface between the computer and the LAN
physical media.
Question 8 The _________ Domain connects remote users to the
organization’s IT infrastructure.
Question 9 The world needs people who understand computer-systems
________ and who can protect computers and networks from criminals
and terrorists.
Question 10 With wireless LANs (WLANs), radio transceivers are used
to transmit IP packets from a WLAN NIC to a _____________.
Question 11 As users upgrade LANs to GigE or 10GigE, switches must
support ________ and data IP traffic.
Question 122 Under HIPAA, an organization that performs a health care
activity on behalf of a covered entity is known as a(n) ________.
Question 123 Tier C violations under the HITECH Act are ________.
Question 124 The regulating agency for the Federal Information
Systems Management Act is the ________.
Question 125 What is meant by protected health information (PHI)?
***************************************************
CIS 333 Week 1 Discussion Providing Security
Over Data
"Providing Security Over Data" Please respond to the following:
• The CIA triad (confidentiality, integrity, and availability)
offers three (3) security tenets that allow data owners the framework to
secure data. Considering your place of employment or your home
computing environment, discuss in detail the primary means in which
each of the three (3) tenets are addressed to mitigate risk and enhance
security in your chosen environment.
• The proliferation of mobile devices to create or access
data has had a significant effect on the security concerns surrounding
personal and corporate data. From the selected e-Activity article,
summarize the attack, and determine the key ways in which you would
consider mitigating the threat.
***************************************************
CIS 333 Week 1-11 Discussion
CIS 333 Week 1 Discussion Providing Security Over Data
CIS 333 Week 2 Discussion Risk Management and Malicious Attacks
CIS 333 Week 3 Discussion
CIS 333 Week 4 Discussion Security Monitoring
CIS 333 Week 5 Discussion Business Impact Analysis (BIA) and Risk
Management
CIS 333 Week 6 Discussion Cryptography
CIS 333 Week 7 Discussion Network Security
CIS 333 Week 8 Discussion The Impact of Malware
CIS 333 Week 9 Discussion
CIS 333 Week 10 Discussion
CIS 333 Week 11 Discussion 1 Course Takeaway
CIS 333 Week 11 Discussion 2 Course Wrap up
***************************************************
CIS 333 Week 2 Discussion Risk Management and
Malicious Attacks
"Risk Management and Malicious Attacks" Please respond to the
following:
• With regards to risk-response planning, there are four (4)
responses to negative risks that an organization may pursue: avoid,
transfer, mitigate, and accept. Develop an original and unique scenario
to describe and contrast each of these responses.
• From the selected e-Activity article, describe in detail the way in
which the malware was utilized to steal data or gain privileged remote
access to a computer or network. Suppose you were an IT Security
professional working at the attacked business, and detail the security
controls that you would consider putting into practice that would help to
prevent this and similar types of malware attacks moving forward.
***************************************************
CIS 333 Week 3 Case Study 1: Bring Your Own
Device (BYOD)
Case Study 1: Bring Your Own Device (BYOD)
Due Week 3 and worth 60 points
Read the following articles located in the course shell: “The dark side of
BYOD” from TechRepublic and “BYOD As We Know It Is Dead” from
Forbes.
Write a two to three (2-3) page paper in which you:
Identify the primary benefits of BYOD in organizations, and determine
the key ways in which its concepts can enhance an end user’s overall
working experience.
Analyze in detail the major risks surrounding BYOD, and analyze the
security controls and technologies that are currently available and being
utilized to manage these risks.
Provide a real-world example of how BYOD either positively or
negatively affected an organization’s productivity and / or security.
Determine whether or not you would consider implementing BYOD
concepts in a real organization and whether or not the benefits outweigh
the risks.
Use at least three (3) quality resources in this assignment (no more than
two to three [2-3] years old) from material outside the textbook. Note:
Wikipedia and similar Websites do not qualify as quality resources.
Your assignment must follow these formatting requirements:
Be typed, double spaced, using Times New Roman font (size 12), with
one-inch margins on all sides; citations and references must follow APA
or school-specific format. Check with your professor for any additional
instructions.
Include a cover page containing the title of the assignment, the student’s
name, the professor’s name, the course title, and the date. The cover
page and the reference page are not included in the required assignment
page length.
The specific course learning outcomes associated with this assignment
are:
Explain how businesses apply cryptography in maintaining information
security.
Use technology and information resources to research issues in
information systems security.
Write clearly and concisely about network security topics using proper
writing mechanics and technical style conventions.
***************************************************
CIS 333 Week 3 Lab 2
CIS 333 Week 3 Lab 2 Performing a Vulnerability Assessment Case
Study 1 Bring Your Own Device (BYOD)
***************************************************
CIS 333 Week 4 Assignment 1: Identifying
Potential Malicious Attacks, Threats, and
Vulnerabilities
This Tutorial contains 2 Papers
Assignment 1: Identifying Potential Malicious Attacks, Threats, and
Vulnerabilities
Due Week 4 and worth 75 points
You have just been hired as an Information Security Engineer for a
videogame development company. The organization network structure is
identified in the below network diagram and specifically contains:
1) 2 – Firewalls
2) 1 – Web / FTP server
3) 1 – Microsoft Exchange Email server
4) 1 – Network Intrusion Detection System (NIDS)
5) 2 – Windows Server 2012 Active Directory Domain Controllers (DC)
6) 3 – File servers
7) 1 – Wireless access point (WAP)
8) 100 – Desktop / Laptop computers
9) VoIP telephone system
The CIO has seen reports of malicious activity being on the rise and has
become extremely concerned with the protection of the intellectual
property and highly sensitive data maintained by your organization. As
one of your first tasks with the organization, the CIO requested you
identify and draft a report identifying potential malicious attacks, threats,
and vulnerabilities specific to your organization. Further, the CIO would
like you to briefly explain each item and the potential impact it could
have on the organization.
Write a four to five (4-5) page paper in which you:
Analyze three (3) specific potential malicious attacks and / or threats that
could be carried out against the network and organization.
Explain in detail the potential impact of the three (3) selected malicious
attacks.
Propose the security controls that you would consider implementing in
order to protect against the selected potential malicious attacks.
Analyze three (3) potential concerns for data loss and data theft that may
exist in the documented network.
Explicate the potential impact of the three (3) selected concerns for data
loss and data theft.
Propose the security controls that you would consider implementing in
order to protect against the selected concerns for data loss and data theft.
Use at least three (3) quality resources in this assignment (no more than
two to three [2-3] years old) from material outside the textbook. Note:
Wikipedia and similar Websites do not qualify as quality resources.
Your assignment must follow these formatting requirements:
Be typed, double spaced, using Times New Roman font (size 12), with
one-inch margins on all sides; citations and references must follow APA
or school-specific format. Check with your professor for any additional
instructions.
Include a cover page containing the title of the assignment, the student’s
name, the professor’s name, the course title, and the date. The cover
page and the reference page are not included in the required assignment
page length.
The specific course learning outcomes associated with this assignment
are:
Explain the concepts of information systems security as applied to an IT
infrastructure.
Describe the principles of risk management, common response
techniques, and issues related to recovery of IT systems.
Describe how malicious attacks, threats, and vulnerabilities impact an IT
infrastructure.
Explain the means attackers use to compromise systems and networks,
and defenses used by organizations.
Use technology and information resources to research issues in
information systems security.
Write clearly and concisely about network security topics using proper
writing mechanics and technical style conventions.
CIS 333 Week 4 Discussion Security Monitoring
"Security Monitoring" Please respond to the following:
• Considering your place of employment or your home computing
environment, discuss in detail the way in which in-depth (or layered)
defense is employed to enhance security in your chosen environment.
• According to the textbook, Intrusion Detection Systems (IDS),
which can be categorized as Host IDS (HIDS) and Network IDS
(NIDS), is a means of providing real-time monitoring. Compare and
contrast HIDS and NIDS, and provide at least one (1) example
identifying when one (1) would be more appropriate to use over the
other. Provide a rationale to support your chosen example.
***************************************************
CIS 333 Week 4 Lab 3 Enabling Windows Active
Directory and User Access Controls
CIS 333 Week 4 Lab 3 Enabling Windows Active Directory and User
Access Controls
***************************************************
CIS 333 Week 6 Case Study 2: Public Key
Infrastructure
This Tutorial contains 2 Papers
Case Study 2: Public Key Infrastructure
Due Week 6 and worth 60 points
Suppose you are the Information Security Director at a small software
company. The organization currently utilizes a Microsoft Server 2012
Active Directory domain administered by your information security
team. Mostly software developers and a relatively small number of
administrative personnel comprise the remainder of the organization.
You have convinced business unit leaders that it would be in the best
interest of the company to use a public key infrastructure (PKI) in order
to provide a framework that fosters confidentiality, integrity,
authentication, and nonrepudiation. Email clients, virtual private
network (VPN) products, Web server components, and domain
controllers would utilize digital certificates issued by the certificate
authority (CA). Additionally, the company would use digital certificates
to sign software developed by the company in order to demonstrate
software authenticity to the customer.
Write a two to three (2-3) page paper in which you:
Analyze the fundamentals of PKI, and determine the primary ways in
which its features and functions could benefit your organization and its
information security department.
Propose one (1) way in which the PKI could assist in the process of
signing the company’s software, and explain the main reason why a
customer could then believe that software to be authentic.
Compare and contrast public and in-house CAs. Include the positive and
negative characteristics of each type of certificate authority, and provide
a sound recommendation of and a justification for which you would
consider implementing within your organization. Explain your rationale.
Use at least three (3) quality resources in this assignment (no more than
two to three [2-3] years old) from material outside the textbook. Note:
Wikipedia and similar Websites do not qualify as quality resources.
Your assignment must follow these formatting requirements:
Be typed, double spaced, using Times New Roman font (size 12), with
one-inch margins on all sides; citations and references must follow APA
or school-specific format. Check with your professor for any additional
instructions.
Include a cover page containing the title of the assignment, the student’s
name, the professor’s name, the course title, and the date. The cover
page and the reference page are not included in the required assignment
page length.
The specific course learning outcomes associated with this assignment
are:
Explain how businesses apply cryptography in maintaining information
security.
Use technology and information resources to research issues in
information systems security.
Write clearly and concisely about network security topics using proper
writing mechanics and technical style conventions.
***************************************************
CIS 333 Week 6 Discussion Cryptography
"Cryptography" Please respond to the following:
• Considering that, due to its extremely sensitive nature, shared
data that organizations transmit through collaboration must be kept
confidential at all costs, formulate a possible solution that utilizes
symmetric or asymmetric cryptography, and describe the advantages and
disadvantages of the selected solution. If you had to select one (1) of the
two (2) encryption options over the other, justify the one that you would
choose, and explain your reasoning.
• From the e-Activity and your own research, give your opinion of
the two (2) most important ways that you believe encryption could assist
in addressing some of the current challenges facing organizations today,
and explain why these solutions are so important. Justify your answer.
***************************************************
CIS 333 Week 6 Lab 5 Performing Packet Capture
and Traffic Analysis
CIS 333 Week 6 Lab 5 Performing Packet Capture and Traffic Analysis
***************************************************
CIS 333 Week 8 Assignment 2: Identifying
Potential Risk, Response, and Recovery
Assignment 2: Identifying Potential Risk, Response, and Recovery
Due Week 8 and worth 75 points
In Assignment 1, a videogame development company recently hired you
as an Information Security Engineer. After viewing a growing number of
reports detailing malicious activity, the CIO requested that you draft a
report in which you identify potential malicious attacks and threats
specific to your organization. She asked you to include a brief
explanation of each item and the potential impact it could have on the
organization.
After reviewing your report, the CIO requests that you develop a follow-
up plan detailing a strategy for addressing all risks (i.e., risk mitigation,
risk assignment, risk acceptance, or risk avoidance) identified in
Assignment 1. Further, your plan should identify controls (i.e.,
administrative, preventative, detective, and corrective) that the company
will use to mitigate each risk previously identified.
Write a four to five (4-5) page paper in which you:
For each of the three (3) or more malicious attacks and / or threats that
you identified in Assignment 1, choose a strategy for addressing the
associated risk (i.e., risk mitigation, risk assignment, risk acceptance, or
risk avoidance). Explain your rationale.
For each of the three (3) or more malicious attacks and / or threats
identified in Assignment 1, develop potential controls (i.e.,
administrative, preventative, detective, and corrective) that the company
could use to mitigate each associated risk.
Explain in detail why you believe the risk management, control
identification, and selection processes are so important, specifically in
this organization.
Draft a one (1) page Executive Summary that details your strategies and
recommendations to the CIO (Note: The Executive Summary is included
in the assignment’s length requirements).
Use at least three (3) quality resources in this assignment (no more than
two to three [2-3] years old) from material outside the textbook. Note:
Wikipedia and similar Websites do not qualify as quality resources.
Your assignment must follow these formatting requirements:
Be typed, double spaced, using Times New Roman font (size 12), with
one-inch margins on all sides; references must follow APA or school-
specific format. Check with your professor for any additional
instructions.
Include a cover page containing the title of the assignment, the student’s
name, the professor’s name, the course title, and the date. The cover
page and the reference page are not included in the required page length.
The specific course learning outcomes associated with this assignment
are:
Explain the concepts of information systems security as applied to an IT
infrastructure.
Describe the principles of risk management, common response
techniques, and issues related to recovery of IT systems.
Describe how malicious attacks, threats, and vulnerabilities impact an IT
infrastructure.
Explain the means attackers use to compromise systems and networks,
and defenses used by organizations.
Use technology and information resources to research issues in
information systems security.
Write clearly and concisely about network security topics using proper
writing mechanics and technical style conventions.
***************************************************
CIS 333 Week 9 Lab 8 Eliminating Threats with a
Layered Security Approach
CIS 333 Week 9 Lab 9 Eliminating Threats with a Layered Security
Approach
***************************************************
CIS 333 Week 10 Discussion
Describe one (1) IT position that you currently hold or would like to
hold in the future. Next, explain whether or not you believe obtaining
certifications would help you in the position in question. If so, determine
the certifications that you believe would prove to be helpful. Provide a
rationale for your response.
• From the e-Activity, explain the regulatory compliance law that
you researched, and ascertain the effect that information security could
have on such a law. Based on the requirements of the law that you
researched, indicate whether or not you believe that the regulations are
reasonable for organizations to follow. Justify your answer.
***************************************************
CIS 333 Week 10 Technical Project Paper:
Information Systems Security
Technical Project Paper: Information Systems Security
Due Week 10 and worth 150 points
Suppose you are the IT professional in charge of security for a small
pharmacy that has recently opened within a shopping mall. The daily
operation of a pharmacy is a unique business that requires a combination
of both physical and logical access controls geared toward protecting
medication and funds located on the premises, as well as the customers’
personally identifiable information and protected health information that
resides on your system. Your supervisor has tasked you with identifying
inherent risks associated with your pharmacy and establishing strong
physical and logical access control methods to mitigate the identified
risks.
1) Firewall (1)
2) Windows 2012 Active Directory Domain Controllers (DC) (1)
3) File Server (1)
4) Desktop computers (4)
5) Dedicated T1 Connection (1)
Write an eight to ten (8-10) page paper in which you:
Identify at least five (5) potential physical threats that require attention.
Determine the impact of at least five (5) potential logical threats that
require attention.
Detail the security controls (i.e., administrative, preventative, detective,
and corrective) that the pharmacy could implement in order to protect it
from the five (5) selected physical threats.
Explain in detail the security controls (i.e., administrative, preventative,
detective, and corrective) that could be implemented to protect from the
five (5) selected logical threats.
For each of the five (5) selected physical threats, choose a strategy for
addressing the risk (i.e., risk mitigation, risk assignment, risk
acceptance, or risk avoidance). Justify your chosen strategies.
For each of the five (5) selected logical threats, choose a strategy for
handling the risk (i.e., risk mitigation, risk assignment, risk acceptance,
or risk avoidance). Justify your chosen strategies.
Use at least five (5) quality resources in this assignment (no more than
2-3 years old) from material outside the textbook. Note: Wikipedia and
similar Websites do not qualify as quality resources.
Your assignment must follow these formatting requirements:
Be typed, double spaced, using Times New Roman font (size 12), with
one-inch margins on all sides; citations and references must follow APA
or school-specific format. Check with your professor for any additional
instructions.
Include a cover page containing the title of the assignment, the student’s
name, the professor’s name, the course title, and the date. The cover
page and the reference page are not included in the required assignment
page length.
The specific course learning outcomes associated with this assignment
are:
Explain the concepts of information systems security as applied to an IT
infrastructure.
Describe how malicious attacks, threats, and vulnerabilities impact an IT
infrastructure.
Explain the means attackers use to compromise systems and networks,
and defenses used by organizations.
Explain the role of access controls in implementing a security policy.
Use technology and information resources to research issues in
information systems security.
Write clearly and concisely about network security topics using proper
writing mechanics and technical style conventions.
Explain how businesses apply cryptography in maintaining information
security.
Analyze the importance of network principles and architecture to
security operations.
***************************************************
CIS 333 Week 11 Discussion 1 Course Takeaway
"Course Takeaway" Please respond to the following:
Share two new insights about networking security fundamentals you
have discovered from this course.
Explain how this type of course is essential for every network security
professional.
***************************************************
CIS 333 Week 11 Discussion 2 Course Wrap up
"Course Wrap-up" Please respond to the following:
Explain five or more key topics discussed during this course that you
would like to teach a friend who has a minimal level of information
systems security knowledge. Discuss how you can apply the learning
outcomes of this course to your professional and personal life.
***************************************************
CIS 333 Week 11 Exam
• Question 1
The world needs people who understand computer-systems
________ and who can protect computers and networks from criminals
and terrorists.
• Question 2
Connecting your computers or devices to the ________
immediately exposes them to
What term is used to describe streamlining processes with
automation or simplified steps?
• Question 19
As users
***************************************************