All sources must be cited. That means you should have a citation in every answer … But if the source is the textbook, class discussion, or your own work experience, feel free to cite them that way, e.g. “(textbook)”, “(class discussion)”, or “(work experience)”. No need to go find a specific article or page number from the text.
–Pick five (5) of the following items to address. Please include the original question with your answer, so it’s clear which one you’re answering ☺. Answers to each of my numbered items below should be 2 to 3 paragraphs, with exceptions noted in the question as appropriate.
1.Based on our discussion of various types of malicious attacks (Chapter 11), which two or three of them do you consider to be the most significant threat against government and political organizations, and why? Which threats may not be as great of a risk for those organizations, and why?
2.Organizations can choose to keep all of their data encrypted both in transit (when it’s being moved on a network) as well as in storage. Obviously, there are upsides to this – it’s less vulnerable to theft, among others. Comment on the tradeoffs of
always-encrypted
3.In light of the numerous
high-profile
4.One of the emerging risks in the security field is highly targeted attacks – often with a very specific piece of malware, or an attack targeted to a specific individual in a firm. Think about this from the perspective of the attacker
– what are the tradeoffs to conducting a targeted attack on a small number of individuals, vs. a
larger-scale
5.Physical security refers to the need to protect the physical assets of an organization. In some organizations, one senior officer is responsible for both physical and logical (workstation, network, system/application, and other domains) of security. In other organizations, physical and logical security are divided between at least two senior officers. (Feel free to review, if you like,
http://www.csoonline.com/article/742317/the-emerging-turf-battle-
between-information-and-physical-security-pros?source=CSONLE_nlt_update_2013-10-31
6.Part of a disaster recovery plan may make some assumptions about the state of services provided to the organization by third parties. In the event of a disaster as
wide-spread
long-term
short-term
long-term
7.What are some of the ways that
technology-based
8.
Cloud-based
cloud-based
e-mail
9.Given the recent DDoS attack on DYN Corporation, which provides DNS services to a number of large corporations, what are at least three potential motivations of an attacker to try a DDoS attack against DYN? What types of things could the attacker hope to gain or learn from the process of the attack?
WhatsApp us