1. CIS 341 Quiz 1
For more classes visit
www.snaptutorial.com
Question 1
Which attack is prevented by using IPSec in AH mode?
• Question 2
Why is the default implementation of ISS 6.0 more stable than
previous versions?
• Question 3
Which authentication option for IPSec is most appropriate
when computers are not in the same Active Directory forest?
• Question 4
Which type of authentication sends credentials in clear text
across the Internet?
• Question 5
Which IPsec hashing algorithm, used during the creation of a
security association, is the most secure, but also the slowest?
• Question 6
2. Which of the following is a major security risk in FTP?
• Question 7
Which of the following provides automatic IP configuration
for wireless devices?
• Question 8
Which version of HTTP must be supported by browser to us
Digest authentications?
• Question 9
Which feature for 802.1x authentication makes WEP more
secure?
• Question 10
Which tool would you use to keep detailed information about
Web sites usage?
********************************************************
CIS 341 Week 3 Case Study 1: Bring Your Own
Device (BYOD)
3. For more classes visit
www.snaptutorial.com
Case Study 1: Bring Your Own Device (BYOD)
Due Week 3 and worth 60 points
Read the following articles located in the course shell: “The dark side of
BYOD” from TechRepublic and “BYOD As We Know It Is Dead” from
Forbes.
Write a two to three (2-3) page paper in which you:
Identify the primary benefits of BYOD in organizations, and determine
the key ways in which its concepts can enhance an end user’s overall
working experience.
Analyze in detail the major risks surrounding BYOD, and analyze the
security controls and technologies that are currently available and being
utilized to manage these risks.
Provide a real-world example of how BYOD either positively or
negatively affected an organization’sproductivity and / or security.
Determine whether or not you would consider implementing BYOD
concepts in a real organization and whether or not the benefits outweigh
the risks.
Use at least three (3) quality resources in this assignment (no more than
two to three [2-3] years old) from material outside the textbook. Note:
Wikipedia and similar Websites do not qualify as quality resources.
4. Your assignment must follow these formatting requirements:
Be typed, double spaced, using Times New Roman font (size 12), with
one-inch margins on all sides; citations and references must follow APA
or school-specific format. Check with your professor for any additional
instructions.
Include a cover page containing the title of the assignment, the student’s
name, the professor’s name, the course title, and the date. The cover
page and the reference page are not included in the required assignment
page length.
The specific course learning outcomes associated with this assignment
are:
Explain how businesses apply cryptography in maintaining information
security.
Use technology and information resources to research issues in
information systems security.
Write clearly and concisely about network security topics using proper
writing mechanics and technical style conventions.
********************************************************
5. CIS 341 Week 4 Assignment 1: Identifying
Potential Malicious Attacks, Threats, and
Vulnerabilities
For more classes visit
www.snaptutorial.com
Assignment 1: Identifying Potential Malicious Attacks, Threats, and
Vulnerabilities
Due Week 4 and worth 75 points
You have just been hired as an Information Security Engineer for a
videogame development company. The organization network structure is
identified in the below network diagram and specifically contains:
1) 2 – Firewalls
6. 5) 2 – Windows Server 2012 Active Directory Domain Controllers (DC)
2) 1 – Web / FTP server
6) 3 – File servers
3) 1 – Microsoft Exchange Email server
7) 1 – Wireless access point (WAP)
4) 1 – Network Intrusion Detection System (NIDS)
8) 100 – Desktop / Laptop computers
9) VoIP telephone system
The CIO has seen reports of malicious activity being on the rise and has
become extremely concerned with the protection of the intellectual
property and highly sensitive data maintained by your organization. As
one of your first tasks with the organization, the CIO requested you
identify and draft a report identifying potential malicious attacks,
threats, and vulnerabilities specific to your organization. Further, the
CIO would like you to briefly explain each item and the potential impact
it could have on the organization.
7. Write a four to five (4-5) page paper in which you:
Analyze three (3) specific potential malicious attacks and / or threats
that could be carried out against the network and organization.
Explain in detail the potential impact of the three (3) selected malicious
attacks.
Propose the security controls that you would consider implementing in
order to protect against the selected potential malicious attacks.
Analyze three (3) potential concerns for data loss and data theft that
may exist in the documented network.
Explicate the potential impact of the three (3) selected concerns for data
loss and data theft.
Propose the security controls that you would consider implementing in
order to protect against the selected concerns for data loss and data
theft.
Use at least three (3) quality resources in this assignment (no more than
two to three [2-3] years old) from material outside the textbook. Note:
Wikipedia and similar Websites do not qualify as quality resources.
Your assignment must follow these formatting requirements:
Be typed, double spaced, using Times New Roman font (size 12), with
one-inch margins on all sides; citations and references must follow APA
or school-specific format. Check with your professor for any additional
instructions.
Include a cover page containing the title of the assignment, the student’s
name, the professor’s name, the course title, and the date. The cover
8. page and the reference page are not included in the required assignment
page length.
The specific course learning outcomes associated with this assignment
are: Explain the concepts of information systems security as applied to
an IT infrastructure.
Describe the principles of risk management, common response
techniques, and issues related to recovery of IT systems.
Describe how malicious attacks, threats, and vulnerabilities impact an
IT infrastructure.
Explain the means attackers use to compromise systems and networks,
and defenses used by organizations.
Use technology and information resources to research issues in
information systems security.
Write clearly and concisely about network security topics using proper
writing mechanics and technical style conventions.
********************************************************
CIS 341 Week 6 Case Study 2: Public Key
Infrastructure
9. For more classes visit
www.snaptutorial.com
Case Study 2: Public Key Infrastructure
Due Week 6 and worth 60 points
Suppose you are the Information Security Director at a small software
company. The organization currently utilizes a Microsoft Server 2012
Active Directory domain administered by your information security
team. Mostly software developers and a relatively small number of
administrative personnel comprise the remainder of the organization.
You have convinced business unit leaders that it would be in the best
interest of the company to use a public key infrastructure (PKI) in order
to provide a framework that fosters confidentiality, integrity,
authentication, and nonrepudiation. Email clients, virtual private
network (VPN) products, Web server components, and domain
controllers would utilize digital certificates issued by the certificate
authority (CA). Additionally, the company would use digital certificates
to sign software developed by the company in order to demonstrate
software authenticity to the customer.
10. Write a two to three (2-3) page paper in which you:
Analyze the fundamentals of PKI, and determine the primary ways in
which its features and functions could benefit your organization and its
information security department.
Propose one (1) way in which the PKI could assist in the process of
signing the company’s software, and explain the main reason why a
customer could then believe that software to be authentic.
Compare and contrast public and in-house CAs. Include the positive and
negative characteristics of each type of certificate authority, and provide
a sound recommendation of and a justification for which you would
consider implementing within your organization.Explain your rationale.
Use at least three (3) quality resources in this assignment (no more than
two to three [2-3] years old) from material outside the textbook. Note:
Wikipedia and similar Websites do not qualify as quality resources.
Your assignment must follow these formatting requirements:
Be typed, double spaced, using Times New Roman font (size 12), with
one-inch margins on all sides; citations and references must follow APA
or school-specific format. Check with your professor for any additional
instructions.
Include a cover page containing the title of the assignment, the student’s
name, the professor’s name, the course title, and the date. The cover
11. page and the reference page are not included in the required assignment
page length.
The specific course learning outcomes associated with this assignment
are:
Explain how businesses apply cryptography in maintaining information
security.
Use technology and information resources to research issues in
information systems security.
Write clearly and concisely about network security topics using proper
writing mechanics and technical style conventions.
********************************************************
CIS 341 Week 8 Assignment 2: Identifying
Potential Risk, Response, and Recovery
12. For more classes visit
www.snaptutorial.com
Assignment 2: Identifying Potential Risk, Response, and Recovery
Due Week 8 and worth 75 points
In Assignment 1, a videogame development company recently hired you
as an Information Security Engineer. After viewing a growing number of
reports detailing malicious activity, the CIO requested that you draft a
report in which you identify potential malicious attacks and threats
specific to your organization. She asked you to include a brief
explanation of each item and the potential impact it could have on the
organization.
After reviewing your report, the CIO requests that you develop a follow-
up plan detailing a strategy for addressing all risks (i.e., risk mitigation,
risk assignment, risk acceptance, or risk avoidance) identified in
Assignment 1. Further, your plan should identify controls (i.e.,
administrative, preventative, detective, and corrective) that the company
will use to mitigate each risk previously identified.
Write a four to five (4-5) page paper in which you:
For each of the three (3) or more malicious attacks and / or threats that
you identified in Assignment 1, choose a strategy for addressing the
associated risk (i.e., risk mitigation, risk assignment, risk acceptance, or
risk avoidance). Explain your rationale.
For each of the three (3) or more malicious attacks and / or threats
identified in Assignment 1, develop potential controls (i.e.,
13. administrative, preventative, detective, and corrective) that the company
could use to mitigate each associated risk.
Explain in detail why you believe the risk management, control
identification, and selection processes are so important, specifically in
this organization.
Draft a one (1) page Executive Summary that details your strategies and
recommendations to the CIO (Note: The Executive Summary is included
in the assignment’s length requirements).
Use at least three (3) quality resources in this assignment (no more than
two to three [2-3] years old) from material outside the textbook. Note:
Wikipedia and similar Websites do not qualify as quality resources.
Your assignment must follow these formatting requirements:
Be typed, double spaced, using Times New Roman font (size 12), with
one-inch margins on all sides; references must follow APA or school-
specific format. Check with your professor for any additional
instructions.
Include a cover page containing the title of the assignment, the student’s
name, the professor’s name, the course title, and the date. The cover
page and the reference page are not included in the required page
length.
The specific course learning outcomes associated with this assignment
are:
Explain the concepts of information systems security as applied to an IT
infrastructure.
Describe the principles of risk management, common response
techniques, and issues related to recovery of IT systems.
14. Describe how malicious attacks, threats, and vulnerabilities impact an
IT infrastructure.
Explain the means attackers use to compromise systems and networks,
and defenses used by organizations.
Use technology and information resources to research issues in
information systems security.
Write clearly and concisely about network security topics using proper
writing mechanics and technical style conventions.
********************************************************
CIS 341 Week 10 Technical Project Paper
Information Systems Security
For more classes visit
www.snaptutorial.com
15. Technical Project Paper: Information Systems Security
Due Week 10 and worth 150 points
Suppose you are the IT professional in charge of security for a small
pharmacy that has recently opened within a shopping mall. The daily
operation of a pharmacy is a unique business that requires a
combination of both physical and logical access controls geared toward
protecting medication and funds located on the premises, as well as the
customers’ personally identifiable information and protected health
information that resides on your system. Your supervisor has tasked you
with identifying inherent risks associated with your pharmacy and
establishing strong physical and logical access control methods to
mitigate the identified risks.
1) Firewall (1)
4) Desktop computers (4)
2) Windows 2012 Active Directory Domain Controllers (DC) (1)
5) Dedicated T1 Connection (1)
3) File Server (1)
Write an eight to ten (8-10) page paper in which you:
16. Identify at least five (5) potential physical threats that require attention.
Determine the impact of at least five (5) potential logical threats that
require attention.
Detail the security controls (i.e., administrative, preventative, detective,
and corrective) that the pharmacy could implement in order to protect it
from the five (5) selected physical threats.
Explain in detail the security controls (i.e., administrative, preventative,
detective, and corrective) that could be implemented to protect from the
five (5) selected logical threats.
For each of the five (5) selected physical threats, choose a strategy for
addressing the risk (i.e., risk mitigation, risk assignment, risk
acceptance, or risk avoidance). Justify your chosen strategies.
For each of the five (5) selected logical threats, choose a strategy for
handling the risk (i.e., risk mitigation, risk assignment, risk acceptance,
or risk avoidance). Justify your chosen strategies.
Use at least five (5) quality resources in this assignment (no more than
2-3 years old) from material outside the textbook.Note: Wikipedia and
similar Websites do not qualify as quality resources.
Your assignment must follow these formatting requirements:
Be typed, double spaced, using Times New Roman font (size 12), with
one-inch margins on all sides; citations and references must follow APA
17. or school-specific format. Check with your professor for any additional
instructions.
Include a cover page containing the title of the assignment, the student’s
name, the professor’s name, the course title, and the date. The cover
page and the reference page are not included in the required assignment
page length.
The specific course learning outcomes associated with this assignment
are:
Explain the concepts of information systems security as applied to an IT
infrastructure.
Describe how malicious attacks, threats, and vulnerabilities impact an
IT infrastructure.
Explain the means attackers use to compromise systems and networks,
and defenses used by organizations.
Explain the role of access controls in implementing a security policy.
Use technology and information resources to research issues in
information systems security.
Write clearly and concisely about network security topics using proper
writing mechanics and technical style conventions.
Explain how businesses apply cryptography in maintaining information
security.
18. Analyze the importance of network principles and architecture to
security operations.
********************************************************
CIS 341 Week 10 Technical Project Paper:
Information Systems Security
For more classes visit
www.snaptutorial.com
Technical Project Paper: Information Systems Security
Due Week 10 and worth 150 points
Suppose you are the IT professional in charge of security for a small
pharmacy that has recently opened within a shopping mall. The daily
19. operation of a pharmacy is a unique business that requires a
combination of both physical and logical access controls geared toward
protecting medication and funds located on the premises, as well as the
customers’ personally identifiable information and protected health
information that resides on your system. Your supervisor has tasked you
with identifying inherent risks associated with your pharmacy and
establishing strong physical and logical access control methods to
mitigate the identified risks.
1) Firewall (1)
4) Desktop computers (4)
2) Windows 2012 Active Directory Domain Controllers (DC) (1)
5) Dedicated T1 Connection (1)
3) File Server (1)
Write an eight to ten (8-10) page paper in which you:
Identify at least five (5) potential physical threats that require attention.
Determine the impact of at least five (5) potential logical threats that
require attention.
20. Detail the security controls (i.e., administrative, preventative, detective,
and corrective) that the pharmacy could implement in order to protect it
from the five (5) selected physical threats.
Explain in detail the security controls (i.e., administrative, preventative,
detective, and corrective) that could be implemented to protect from the
five (5) selected logical threats.
For each of the five (5) selected physical threats, choose a strategy for
addressing the risk (i.e., risk mitigation, risk assignment, risk
acceptance, or risk avoidance). Justify your chosen strategies.
For each of the five (5) selected logical threats, choose a strategy for
handling the risk (i.e., risk mitigation, risk assignment, risk acceptance,
or risk avoidance). Justify your chosen strategies.
Use at least five (5) quality resources in this assignment (no more than
2-3 years old) from material outside the textbook.Note: Wikipedia and
similar Websites do not qualify as quality resources.
Your assignment must follow these formatting requirements:
Be typed, double spaced, using Times New Roman font (size 12), with
one-inch margins on all sides; citations and references must follow APA
or school-specific format. Check with your professor for any additional
instructions.
Include a cover page containing the title of the assignment, the student’s
name, the professor’s name, the course title, and the date. The cover
page and the reference page are not included in the required assignment
page length.
21. The specific course learning outcomes associated with this assignment
are:
Explain the concepts of information systems security as applied to an IT
infrastructure.
Describe how malicious attacks, threats, and vulnerabilities impact an
IT infrastructure.
Explain the means attackers use to compromise systems and networks,
and defenses used by organizations.
Explain the role of access controls in implementing a security policy.
Use technology and information resources to research issues in
information systems security.
Write clearly and concisely about network security topics using proper
writing mechanics and technical style conventions.
Explain how businesses apply cryptography in maintaining information
security.
Analyze the importance of network principles and architecture to
security operations.
********************************************************