The DISA training and the simulation tool which helps in understanding the securities associated with the information systems. The risks associated with the information systems are discussed in the training sessions. Budget is a huge issue for maintaining the security of the information systems as there is a need of huge initial financial investment. The functional and technical training helped in understanding the technologies associated with Joint deployment training center (Whitman & Mattord, 2013). The training session helped in understanding the importance of the joint deployment, situational awareness. The different aspects of administration in terms of the security measures was discussed in the training. The strategies that were selected for the training was to understand the different constraints associated with the simulation tool so that the understandings can be applied in real situations.
The role and responsibilities of the authorizing official is very much important for the operations of the information systems. The different risks associated with the information systems are properly managed with the help of the authorizing officials. The assets associated with the information systems are managed with the help of the authorizing officials, the stakeholders associated with the information systems also falls under the category of the authorizing officials. The AO training was important to understand the importance of the strategic risk management, the policies associated with the information systems was understood with the help of this training session. The different types of risks and risk management tool was understood with the help of this training. The core competencies of the system and application security was also an important aspect of the training.
The different types of Access Control Mechanism are as followings:
There are different phases present in the Risk Management Framework such as the followings:
The discussed cyclical design helps in understanding the information security officers can understand the amount of threat which still persists in the system even after all the preventive measures, amount of vulnerability which is reduced by the safeguards, risks which are not covered by the framework and value of the assets of the system considering the security threats.
Baseline is defined as the type of measurement at a given point of time and Benchmarking is defined as the type of measurement which compares the entity with the industrial standards.
|
Baseline |
Benchmarking |
|
|
Similarity |
It is a type of strategic planning. Known configurations is used in this category. |
It is also a type of strategic planning. Unknown category are used in the benchmarking. |
|
Difference |
It only considers the entity which is selected for planning. |
It considers the industry standards which is more useful as compared with the baseline. |
Table 1: Difference and similarity of bench making and baseline
(Source: Created by the author)
It is defined as the type of analysis technique used in the business processes for the identification of the critical aspects of the business. The nature and impact of the critical aspects are analyzed with the help of the Business Impact Analysis. The recovery strategies are identified with the help of BIA.
In planning process BIA is very much useful to understand the potentials risks associated with the business (Whitman & Mattord, 2011). The risks and the challenges of the business can be identified with the help of the involvement of BIA in planning process.
Based on the discussion in chapter 10, it can be said that the business continuity and disaster recovery planning are not different from each other.
|
Business Continuity |
|
|
It is defined as the ability of an organization to maintain their normal procedures during and after a disaster. |
It is defined as the type of documented process which is useful in the protection of the assets of an organization from potential disasters. |
|
Any kind of emergency threats such as fire can be tackled effectively with the help of the business continuity. |
Bigger hazards are considered to find the effectiveness of this type of planning. |
|
It deals with the non-technical aspects of the organization. |
It deals with the technical aspects of the organization such as physical assets. |
Table 2: Comparison between Business Continuity and Disaster Recovery planning
(Source: Created by the author)
Based on the discussions it can be found that the two forms of intrusion detection such as the followings:
|
Signature-based IDPS |
Anomaly-based IDPS |
|
Specific patterns are considered in this technique such as byte sequences. |
Both computer and network can be secured with the help of this system. |
|
Identifies the presence of malware with matching bytecode of the software with the signature of the malicious program. |
It monitors the system activities and classifies them as anomalous or not. |
Table 3: Difference between Signature based IDPS and Anomaly-based IDPS
(Source: Created by the author)
Both the discussed technologies are competing technologies and are very much useful for the detection of the malicious activities.
Based on the discussions in chapter 12 the comparison between the two physical firewall architectures are as followings:
|
Single Bastion Host Architecture |
Dual homed Host Firewall |
|
Single device is configured with the filtered packets which serves as a security point for two networks. |
It blocks the entry of the external data packets with the help of the external filtering router which is connected with the firewall providing the service of NAT. |
|
Only one network interfaces are involved in this architecture. |
Two network interfaces are involved in this architecture. |
Table 4: Comparison of two types of firewall architecture
(Source: Created by the author)
Based on the discussions in chapter 12 the comparison between the two physical firewall devices are as followings:
|
Packet filtering Firewalls |
Unified Threat Management devices |
|
It filters every outgoing and incoming data. |
It plays the role of a middleman between the cache server and the requestor of the information. |
|
It can selectively packet filters as needed. |
It provides the proxy services in the network as well as the firewall services. |
Table 5: Comparison of two types of firewall devices
(Source: Created by the author)
Reference
Whitman, M. E., & Mattord, H. J. (2011). Principles of information security. Cengage Learning.
Whitman, M., & Mattord, H. (2013). Management of information security. Nelson Education.
Essay Writing Service Features
Our Experience
No matter how complex your assignment is, we can find the right professional for your specific task. Contact Essay is an essay writing company that hires only the smartest minds to help you with your projects. Our expertise allows us to provide students with high-quality academic writing, editing & proofreading services.
Free Features
Free revision policy
$10Free bibliography & reference
$8Free title page
$8Free formatting
$8How Our Essay Writing Service Works
First, you will need to complete an order form. It's not difficult but, in case there is anything you find not to be clear, you may always call us so that we can guide you through it. On the order form, you will need to include some basic information concerning your order: subject, topic, number of pages, etc. We also encourage our clients to upload any relevant information or sources that will help.
Complete the order form
Once we have all the information and instructions that we need, we select the most suitable writer for your assignment. While everything seems to be clear, the writer, who has complete knowledge of the subject, may need clarification from you. It is at that point that you would receive a call or email from us.
Writer’s assignment
As soon as the writer has finished, it will be delivered both to the website and to your email address so that you will not miss it. If your deadline is close at hand, we will place a call to you to make sure that you receive the paper on time.
Completing the order and download