Categories
IT, Web

With Continuous Delivery, your software is always release-ready to deploy and au

With Continuous Delivery, your software is always release-ready to deploy and automatically pushed to the next environment.
Discuss three reasons in agreement or disagreement with the following statements. Using automatic deployments for Production environment is dangerous and can lead to unexpected results. Furthermore, automatic deployments make your Production environment very vulnerable.
Should deployment to production environment be manual, Yes or No?
Who should be responsible for the timings of deployment to the production environment?

Categories
IT, Web

Based on market trends, Gartner predicted security spending worldwide would have

Based on market trends, Gartner predicted security spending worldwide would have reached approx. $86 billion in 2016 and exceed this amount by 2020. However, there has been no evidence that this increase in spending has led to better security for many organizations. Maybe the real problem might be too much focus on investments in security technology and not placing enough attention on designing security architecture and infrastructure.
In your discussion, discuss THREE (3) reasons why you agreed or disagreed with the following statement:
Utilizing security frameworks such as the Sherwood Applied Business Security Architecture (SABSA) or Open Security Architecture (OSA) to establish a common foundation for our network architecture is far more critical to sound security design than acquiring the best security technologies.

Categories
IT, Web

CSID found that amongst U.S. consumers, 61% reused the same password across mult

CSID found that amongst U.S. consumers, 61% reused the same password across multiple sites and 46% of them had 5 or more passwords to remember. You can, of course, use a federated system, which is used by platforms such as Facebook, Twitter, Google, Papal, and Amazon as an alternative to a username and password. See: Consumer Survey: Password Habits.
In your discussion, address the following:
Discuss 3 pros and 3 cons to using a federated system.

Categories
IT, Web

Many organizations have not established basic account policies which control how

Many organizations have not established basic account policies which control how to handle credentials or grant third parties access to their internal networks directly. For example, the security breach experienced by retailer Target. Target eventually proposed to pay $10 million to settle a class-action lawsuit over its massive 2013 data breach, according to court documents filed in the U.S. District Court in Minnesota on Wednesday. A third-party maintenance company was involved, and this shows that third-party agreements can pose security threats to companies of all sizes. Many companies have federate their partner access.
Discuss 3 other potential approaches to addressing the issue of third party access to company’s internal networks
Discuss 2 real risk from using trusted forests (transitive trust) / domains.

Categories
IT, Web

Each network component stores electronic configuration files and/or records. Dis

Each network component stores electronic configuration files and/or records. Discuss three reasons why having a security configuration baseline is a critical security management control.
To writer:
I know I paid for 275 words, but 250 words is ok. Thanks.

Categories
IT, Web

The use of repeated challenges is intended to limit the time of exposure to any

The use of repeated challenges is intended to limit the time of exposure to any single attack. Password Authentication Protocol (PAP) and Challenge-Handshake Authentication Protocol (CHAP) are authentication protocols used for establishing authenticated network connections.
In your opinion discuss 3 problems with using Challenge Handshake Authentication Protocol CHAP as an authentication protocol
To the writer:
I know i paid for 275 words, please you can proceed with 250 words. Thanks.

Categories
IT, Web

Evaluating The Implementation of NIST Cybersecurity Framework (version 1.1) As

Evaluating The Implementation of NIST Cybersecurity Framework (version 1.1)
As part of the University’s implementation of the NIST Cybersecurity Framework, an organization-wide security assessment resulted in a prioritized data security mitigation and remediation plan –which became a launch point for an ongoing dialogue on a more holistic approach to security issues in general.
Situation:
The University of _ – with 5,400 faculty members serving 16 schools on five campuses and close ties to the University of _ Medical Center – ranks in the very top cluster of U.S. public research universities. The decentralized nature of cybersecurity management made it challenging for the University’s central IT organization to understand and manage multiple cybersecurity risk efforts and plans.
Drivers:
The need to meet cybersecurity needs associated with managing federal grant recipients while alleviating complexity.
Process:
_ Information Technology initiated a three-step hybrid approach, which builds an environment for those needing NIST 800-171 compliance and fits within the Cybersecurity Framework, as the basis for all risk assessment across the University.
Lessons Learned:
Departments that did not embrace the initial pilot Information Technology risk assessment process due to its complexity would welcome a process organized along the lines of the Cybersecurity Framework and NIST 800-171.
Adopting specific guidelines like NIST 800-171 could actually make requirements for compliance easier to communicate and more widely accepted.
Note: _
Case Study Questions:
Explain three ways how the Framework offers a flexible way to address cybersecurity, including cybersecurity’s effect on physical, cyber, and people dimensions.
Explain three ways how the Framework can assist organizations in addressing cybersecurity as it affects the privacy of customers, employees, and other parties.

Categories
IT, Web

U.S Federal regulators lifted all uncertainty when they announced it was lawful

U.S Federal regulators lifted all uncertainty when they announced it was lawful to hack or “jailbreak” an iPhone, and declared that there was “no basis for copyright law to assist Apple in protecting its restrictive business model.” By hacking your device, you can potentially open security holes that may have not been readily apparent, or undermine the device’s built-in security measures.
In your assignment, discuss the following:
What are the advantages?
What are the disadvantages?
How frequently is this technology used?
Can a device that has been broken return to its default state? If so, how?
Finally, create a list of at least seven reasons why rooting and jailbreaking are considered harmful in a corporate environment.

Categories
IT, Web

Research Database Management Systems and write a brief white paper explaining ea

Research Database Management Systems and write a brief white paper explaining each one and their features and requirements. Based on these findings, what kind of information is stored and what would an organization benefit from using them?

Categories
IT, Web

Gathering requirements and collecting data are important elements in learning ab

Gathering requirements and collecting data are important elements in learning about the organization’s security posture status, and as input to any proposal or action plan for improvements. There are many methods of collecting data and information.
After reading the article Setting the Course PDF on … about gathering and analyzing project requirements, write an initial post in which you share your experience with data collection and requirement gathering for a proposal or project. Align your experience with the importance of how data is collected for security awareness programs. Explain what method you used to collect it. Why did you select this method over others? How does this compare to data collection for security awareness programs?