Free «IT Questions» Essay Sample


Question 1: Basic Security Design Principles

Defense in depth is a security standard used to manage risk in the creation of applications and software. Several layers are used to enforce security so that if one layer is penetrated, the other layers avert a complete breach. A good illustration of this concept is the two-step verification service provided by Gmail. After a user logs in to their individual Gmail account, the company sends a verification code to the user's mobile phone. Thus, even if a hacker manages to hack the account, he or she cannot obtain the verification code. Consequently, people with illegal access cannot view the information of a person who uses the two-step verification procedure. These different layers of security ensure that user accounts are secured from hackers (Bertino & Takahashi, 2011).

Question 2: IT Security Best Practices

Mandatory vacation is a policy implemented to prevent fraud in organizations. It involves the management compelling the workers to take random breaks from their tasks. These breaks last for a sufficient period; thus, another employee has to take over the processes of a person on a mandatory vacation. This exercise helps in identifying sham activities since the employees on leave cannot cover up their fraudulent activities. The separation of powers is an organizational approach where tasks and powers are distributed among groups instead of being centrally held. The principle of least privilege presupposes a situation where users are granted only those permissions that they require to conduct their tasks. For instance, the users of a system are granted read-only rights in the database (Panigrahy, 2010). Finally, job rotation refers to a situation where the responsibilities of the staff change within the business. It helps identify areas where individual employees would be most efficient. Granting least privilege is evident in school systems, where the staff is given the rights to specific tasks. For instance, employees in academics can view and edit the grades of the students, while employees in finance can view and edit the financial information of the students. Thus, an employee in the finance department cannot change the grades of the students.

 


Question 3: Access Control Categories and Models

The primary objective of access control is to secure the information of an organization and its users. It ensures that information and access to the database are restricted to the users with sufficient permission. Other goals include authentication, authorization, and auditing. Authentication involves evaluating the identity of people claiming that they have the authorization to utilize certain resources. After users have been authenticated, they are authorized to receive the relevant permission. Auditing involves keeping log files that record the activities of the authorized users to determine any violations. Penetration and audit tests are useful practices that should be used to attain the objectives of access control (Whitman & Mattord, 2012). These tests help identify loopholes that can be used to gain illegal access to the system. Furthermore, these tests should be conducted often to ensure that the system integrity is enforced.


Question 4: Information and Access Management

The challenges overcome by an identity and access management system include an increasingly distributed staff, distributed applications, productive provisioning, BYOD, password issues, and regulatory compliance. The growing workforce distributed across different geographical locations requires standard access to the system without compromising security. Distributed applications now allow users to log into the essential systems of a business regardless of their location and device. The challenge posed here is the difficulty of managing the applications. Productive provisioning means granting access to the user on a real-time basis. For instance, an employee who is moved to a different department should not keep the rights that he or she had in the previous department. The challenge of BYOD arises when users and other stakeholders of an organization use their personal devices to access the corporate network. Thus, the corporate resources are at risk of being accessed by the BYOD devices. Regulatory compliance increases the spending of the IT department. However, an effective identity and access management system helps solve all the above challenges as it enhances security, productivity, efficiency, compliance, and simplicity (Bertino & Takahashi, 2011).


Question 5: Physical Security Controls

The components of a CCTV system include a camera, a recording device, and a monitor. A camera is utilized to capture videos and still images that are recorded by a DVR. The recorded videos and images are viewed with the aid of the monitor. There are two major types of recorders: standalone DVRs and NVRs. Standalone DVRs are connected to a single system, whereas NVRs are connected to a network (Panigrahy, 2010). The images and videos recorded by an NVR can be viewed by anyone on the network who has the necessary permissions. The primary concern for the deployment of CCTV is privacy since people without appropriate access can obtain the video footage and use it for malicious purposes. Therefore, CCTV systems could be hacked, which would compromise the validity of the entire process.

Question 6: Network Devices, Topologies, and Network Attacks

A hub takes input data from one port and broadcasts the information to other ports linked to the network. Thus, it does not make any decisions since it functions in the physical layer. A switch functions in the data link layer. It is an intelligent device as it performs error checking prior to sending a packet to the correct port. A router links different wide area and local area networks, thus operating at the network layer. Gateways connect different networks that function upon dissimilar networking models. Furthermore, they also operate at the network layer (Bertino & Takahashi, 2011).


Question 7: Overview of the Cryptography Domain

Watermarking is utilized to confirm the identity and legitimacy of the proprietor of a digital image. In watermarking, the information that proves ownership is embedded into the digital signal or image. These digital signals are pictures or videos. For instance, artists watermark their images so that if someone copies their image, the watermark is copied as well. Steganography is altering the image in a manner that only the sender and the intended recipient can decipher the sent message. It is undetectable; hence, recognition is not easy. It is an effective method for sending secret messages. Steganography is attained by hiding the information in computer files (Panigrahy, 2010). On the other hand, digital rights management (DRM) is a methodical approach to patent protection for digital media. The aim of DRM is to avert illegal redistribution of digital media and limit the techniques with which clients can copy the material they have bought.


Question 8: Encryption, Hashing and Digital Signature Methods

Symmetric key encryption is relatively secure as compared to asymmetric key encryption. Nevertheless, this scenario is only evident if a secure system is used. Another strength of symmetric key encryption is that it is fast. SSD drives use this type of encryption, which makes them faster than HDD drives. The weaknesses of this encryption include sharing the key and severe damage when the key is compromised. The Advanced Encryption Standard uses this cryptography. The strengths of asymmetric encryption include convenience, authentication, and detection of tampering. It resolves the issue of deploying the encryption key as individuals publish their public keys but keep the private keys confidential. The weaknesses include the fact that public keys must be authenticated; it is relatively slower, thus not efficient for the decryption of bulk messages. It utilizes extra computer resources, and the damage of the private key may be irreversible. An example of this system is RSA (Whitman & Mattord, 2012).


Question 9: Business Continuity Planning

The steps involved in business continuity planning comprise identifying risks, analyzing the impact of risk, designing strategy, plan development and execution, and evaluating the plan. Identifying risk entails performing a risk assessment to detect any possible hazard that could upset business activities. Analyzing the risk involves conducting a business impact analysis to measure the impact of possible threats. The design strategy presupposes establishing the policies that alleviate interruptions. The planning stage involves creating an organized procedure that will be followed by the business in the event of data loss. Evaluating the plan means testing the plan to ensure it is effective. Understanding the architecture of the organization is vital to this process since it ensures that all the susceptible areas are identified and that emphasis is placed on them when generating the plan to avert data loss (Panigrahy, 2010).

Question 10: Fault Tolerance, Backups, and Facility Recovery

A cold backup site is a small, suitably configured space in a business. All the items needed to restore service to the workers must be obtained and conveyed to the location prior to the data recovery process. Thus, the interruption before the service is restored from a cold backup site is lengthy. Cold sites are the cheapest ones in data recovery. Warm sites represent a blend of hot and cold sites. They have equipment pre-mounted, waiting until it is required. In the event of data loss, backups are run onto the devices, and the recovery process commences (Bertino & Takahashi, 2011). They can be executed as part of the general plan utilized for the systems that may still need backups and that can function longer prior to being restored. Lastly, hot sites provide the swiftest recovery in the event of a disaster. These sites fundamentally emulate the internal data center, permitting an organization to switch over when necessary. Furthermore, several hot sites are cloud-based, thus permitting a virtual full backup of the devices. Whereas warm and cold sites are located near the main site, hot sites are located far from the main site to ensure that the same disaster does not affect them.


Question 11: Threats to Software Development Security Domain

A virus is a program created to change the way a computer functions without the permission and knowledge of the user. It must meet the following criteria. First, a virus executes itself by establishing its code in the path of another program. Second, it may replace other executable files with infected files. Viruses harm computer systems and servers by deleting files and rearranging the hard disk. In contrast, worms are programs that replicate themselves without the need for a host program. Thus, worms spread by exploiting vulnerabilities in the system or tricking users into executing them (Whitman & Mattord, 2012).

Logic bombs are programs that are triggered by events such as a date or disk space. When they launch, they may delete necessary code of the system. They are often created by people with rights in the system. Trojans are applications that must be run by a user to function. Usually, they disguise themselves as beneficial programs that the user should install to solve serious problems in the computer. After they are run, they perform unexpected actions like opening ports for intruder access and replacing genuine files with malicious ones.


Question 12: Software Development Security Countermeasures

View-based access control is a feature that permits content- and context-based security. A data warehouse is an interactive database planned for query analysis instead of transaction processing. It often comprises historical data obtained from transaction data, but it could also comprise data from different sources. Furthermore, it consists of ETL, an OLAP engine, and customer analysis tools that govern the process of collecting data and delivering it to users. OLTP is a range of software capable of supporting transaction-oriented applications via the net. These systems are utilized for order entry, financial transactions, client relationship management, and retail sales (Bertino & Takahashi, 2011).

Question 13: Security Operations Practices

The separation of duties involves a scenario where the management sets duties that have to be completed by several employees. These tasks require collaboration from different staff that has to play different roles to accomplish the tasks. Job rotation refers to a management practice where the administration swaps employees to different departments to establish where they are more productive and to find which employees would be best substitutes for the senior employees. Mandatory vacations refer to a situation where the staff members are required to take random breaks from work and their positions are filled by different employees throughout the vacation. All these practices enforce security within the workplace since they allow a thorough review of the actions of employees (Panigrahy, 2010). For instance, a logic bomb may be detected when a job rotation or mandatory vacation is enforced.


Question 14: Operations Security Attacks and Counter Measures

The various methods of RAID include striping, parity, mirroring, and a combination of all the above methods. Striping is a procedure of writing data to member disks, where the data flow is divided into blocks of a precise size and then written to the disks in turn. Mirroring stores matching duplicates of the data on the array member disks. Parity is a kind of data organization where data divided into blocks is used to calculate a specific checksum that is written to the member disks. Redundant array of inexpensive tapes (RAIT) is a tape array where data is striped over several tape drives, with one drive writing an exclusive OR of the others that can be utilized for error recovery (Whitman & Mattord, 2012).
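Striping and parity as described above can be shown together: data is split into fixed-size blocks written to the data members in turn, one extra member stores the XOR of each stripe, and any single lost member is recomputed from the survivors. This is an added example, not part of the original essay; it assumes a dedicated parity member (as in the RAIT description), and the function names are chosen for illustration.

```python
from functools import reduce

def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))

def stripe_with_parity(data: bytes, data_disks: int, block_size: int):
    """Split data into blocks, write them to the data disks in turn,
    and store the XOR of each stripe on a dedicated parity disk."""
    stripe_bytes = data_disks * block_size
    padded = data + bytes(-len(data) % stripe_bytes)  # zero-pad the last stripe
    disks = [[] for _ in range(data_disks + 1)]       # last disk holds parity
    for offset in range(0, len(padded), stripe_bytes):
        stripe = [padded[offset + i * block_size: offset + (i + 1) * block_size]
                  for i in range(data_disks)]
        for disk, block in zip(disks, stripe):
            disk.append(block)
        disks[-1].append(xor_blocks(stripe))
    return disks

def rebuild(disks, failed: int):
    """Recompute every block of the failed disk from the surviving disks."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    return [xor_blocks(row) for row in zip(*survivors)]

def read_back(disks, length: int) -> bytes:
    """Reassemble the original byte stream from the data disks only."""
    rows = zip(*disks[:-1])
    return b"".join(b"".join(row) for row in rows)[:length]
```

Because XOR is its own inverse, the same `rebuild` routine restores either a data member or the parity member, but only one failure at a time.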
