Premium Essay

Introduction to Security

In: Computers and Technology

Submitted By tyeworth
Words 735
Pages 3
Associate Level Material
Appendix C

Introduction

Student Name:

University of Phoenix

IT/244 Intro to IT Security

Instructor’s Name:

Date: October 28, 2012

Introduction

Due in Week One: Give an overview of the company and the security goals to be achieved.

1 Company overview

As relates to your selected scenario, give a brief 100- to 200-word overview of the company.

Sunica Music and Movies is the company that I have chosen. Working independent of one another, the four locations cannot effectively service their costumer’s needs when it comes to inventory and special items, which is causing the stores to lose money due to the lack of good communication between each of the stores. By not having access to share, any customer information or inventory between the stores costumers are growing tired of the inconvenience. In other words, they do not have the best communications skills. What they are trying to do is make it very simple so that they are able to connect to each other through the internet to a central database so that customers are able to see what is available and what they have in stock. This way the stores will be able to communicate with one another through the internet and to know what is available at the other locations and what items that are being sold in order to keep the more popular items in stock and not waste time or money ordering the items that are not creating positive revenue.

2 Security policy overview

Of the different types of security policies—program-level, program-framework, Issue-specific, and system-specific—briefly cover which type is appropriate to your selected business scenario and why.

The security policy that I am going to use would be the CIA-Confidentiality, Integrity, and Availability. The CIA triad is the basis of all…...

Similar Documents

Premium Essay

Introduction to Security

...CCJS345: Introduction to Security Professor Michael A. Jackson Final Project: Case Study Presented by: James W. Johnson 04 November 2012 Table of Contents Introduction………………………………………………..……………………………………..iii Facility Overview……....…………….……………………………………………...……….......iv Current Crime Prevention and Security Measures in Place............................................................iv Physical Limitations.…………………………..…………….…………………………………….v Optional Physical Security………..………………........................................................................vi Information and Records Security………..………........................................................................vi Emergency and Response Planning...............................................................................................vii OSHA Standards and Violaton….…………………………………………….……………..….xiii Hiring Practices……………...….…………………………………………….……………..….xiii Legal Issues…..……………...….…………………………………………….……………..……ix Conclusion……………...….…………………………………………….……………..………...ix References…………………………………………………………………….……………..…….x Introduction The purpose of this paper is to design a security plan for the Maryland Public Safety Education and Training Center (MPSETC) that, at a minimum, identifies the facility assets requiring protection, the criticality of those assets, the various threats directed at the assets and the probability of......

Words: 3218 - Pages: 13

Free Essay

Introduction to Computer Security

...CSS150-1302B-04 Introduction to Computer Security Phase 3: Discussion Board 3 Networks, Cryptography, and Malicious Activity Professor: Shawn Murray June 5, 2013 In this paper I will discuss a malicious computer worm that spread rather quickly and affected thousands of people and targeted a company in Utah. I will discuss how the worm spread in detail. Lastly, I will discuss how to prevent / defend against such worms. On January 26, 2004 MyDoom, also known as W32.MyDoom@mm, Novarg, Mimail.R and Shimgapi was a computer worm that affected Microsoft Windows (wildammo.com, 2010). MyDoom in 2004 had set the record for spreading the fastest through email. It was said to be started by e-mail spammers through junk mail being sent. That was one way the worm was sent. MyDoom was also sent out as failure sent messages. One of the messages that MyDoom had sent out was “Andy; I’m just doing my job, nothing personal, sorry.” (wildammo.com, 2010). With messages such as that and sent failure / system error messages, one whom was not knowledgeable of such worms would foolishly open it. These messages including but not limited to the one mentioned above brought suspicion to a lot of people and it was believed that the maker of the worm was paid. To date, the author of MyDoom is not known. It is thought though that MyDoom was created in Russia by a programmer (wildammo.com, 2010). In the result of MyDoom globally internet access had slowed......

Words: 622 - Pages: 3

Premium Essay

An Introduction to the Computer Security Problem

...Essay 1 What Is There to Worry About? An Introduction to the Computer Security Problem Donald L. Brinkley and Roger R. Schell This essay provides an overview of the vulnerabilities and threats to information security in computer systems. It begins with a historical presentation of past experiences with vulnerabilities in communication security along with present and future computer security experiences. The historical perspective demonstrates that misplaced confidence in the security of a system is worse than having no confidence at all in its security. Next, the essay describes four broad areas of computer misuse: (1) theft of computational resources, (2) disruption of computational services, (3) unauthorized disclosure of information in a computer, and (4) unauthorized modification of information in a computer. Classes of techniques whereby computer misuse results in the unauthorized disclosure and modification of information are then described and examples are provided. These classes are (1) human error, (2) user abuse of authority, (3) direct probing, (4) probing with malicious software, (5) direct penetration, and (6) subversion of security mechanism. The roles of Trojan horses, viruses, worms, bombs, and other kinds of malicious software are described and examples provided. In the past few decades, we have seen the implementation of myriads of computer systems of all sizes and their interconnection over computer networks. These systems handle and are required to......

Words: 13185 - Pages: 53

Premium Essay

Introduction to Computer Security

...Introduction to Computer Security CSE 3482 Introduction to Information/Computer Security Instructor: N. Vlajic, Winter 2014 Learning Objectives Upon completion of this material, you should be able to: • Describe the key security requirements of confidentiality, integrity and availability (CIA). • Describe the CNSS security model (McCumber Cube). • Identify today’s most common threats and attacks against information. • Distinguish between different main categories of malware. Required Reading Computer Security, Stallings: Chapter 1 Computer Security, Stallings: Chapter 6 Introduction • Information Technology – technology involving development & use of computer systems & networks for the purpose of processing & distribution of data  in many organizations, information/data is seen as the most valuable asset categories of IT jobs:  IT administrator - installs, maintains, repairs IT equipment  IT architect - draws up plans for IT systems and how they will be implemented  IT engineer - develops new or upgrades existing IT equipment (software or hardware)  IT manager - oversees other IT employees, has authority to buy technology and plan budgets  Introduction (cont.) • Information System – entire set of data, software, hardware, networks, people, procedures and policies that deal with processing & distribution of information in an organization  each component has its own strengths, weaknesses, and its own security......

Words: 1194 - Pages: 5

Premium Essay

Introduction to Information Security Student

...Principles of Information Security Sherwin R. Pineda Introduction to Information Security Do not figure on opponents not attacking; worry about your own lack of preparation. Learning Outcomes 嗗Define information security 嗗Recount the history of computer security, and explain how it evolved into information security 嗗Define key terms and critical concepts of information security Introduction 嗗The History of Information Security –The 1960 –The 1970 to 80 –The 1990 –2000 to present The History of Information Security The need for computer security — that is, the need to secure physical locations, hardware, and software from threats arose during World War II when the first mainframes, developed to aid computations for communication code breaking were put to use The History of Information Security 嗗 Multiple levels of security were implemented to protect these mainframes and maintain the integrity of their data. 嗗 Access to sensitive military locations was controlled by means of badges, keys, and the facial recognition of authorized personnel by security guards. 嗗 The growing need to maintain national security eventually led to more complex and more technologically sophisticated computer security safeguards. The History of Information Security During these early years, information security was a straightforward process composed predominantly of physical security and simple document classification schemes. The primary threats to security were physical......

Words: 1230 - Pages: 5

Premium Essay

Nt2580: Introduction to Information Security Week 2 Essay

...Week 2 Essay Johnathan Terrance NT2580: Introduction to Information Security Brian Alley May 10, 2014 I have been given the task of designing a remote access control policy for establishing secure access between remote offices across several different states. Establishing this policy will protect the company and employees against attacks that may cost them tons of money and even their jobs. The policy will define several different security practices that employees need to adhere to in order to keep the network safe. These policies will be dictated through an AUP and signed by all employees with access to the network. The employees will also have to go through initial information security training before gaining access to the network. This training will also be required annually in order to maintain their access to the network. The AUP will dictate the requirements for passwords. The requirements will include an eight character alphanumeric password, two uppercase letters, two lowercase letters, two special characters, and two numbers. This will make it more difficult for the password to be breached. The AUP will also state that the company systems will only be used for work related purposes. All social networking sites and many other miscellaneous sites will be blocked. The user will also have to consent to monitoring when signing the AUP. Users will only be given access to files they need through the use of an ACL. This way if a password is breached the hacker will...

Words: 617 - Pages: 3

Free Essay

Cjs 250 Full Course - Introduction to Security

...CJS 250 Full Course - Introduction to Security http://www.learnyourcourse.com/cjs-250/83-cjs-250-full-course.html CJS 250 Full Course - WEEK 1 CJS 250 Week 1 CheckPoint - Historical Laws and Security CJS 250 Week 1 Assignment - Allan Pinkerton CJS 250 Full Course - WEEK 2 CJS 250 Week 2 DQ: - 1 - Security gaps analysis for real-life locations CJS 250 Week 2 DQ: - 2 - Consider the definition of security given on pp. 71-72 of the text. Can any target environment ever be 100% stable or 100% predictable? Why or why not? Why does the author stress that security efforts for any target environment will be a “never-ending process” and that security objectives will change over time? How can complacency pose a problem for security professionals? CJS 250 Week 2 Appendix B - Threat and Risk Assessment CJS 250 Full Course - WEEK 3 CJS 250 Week 3 CheckPoint [Appendix C] - Risk Management CJS 250 Week 3 Assignment - Security Objective Components CJS 250 Full Course - WEEK 4 CJS 250 Week 4 DQ: - 1 - While it may be ideal for security planners to utilize or install the latest technology, it may not always be practical. How do you think a security professional can balance the limitations, such as budget or space, of a particular environment with the need for keeping abreast of the latest industry technology and trends? How much knowledge of technology do you think security professionals should have? How broad or detailed should that knowledge be? CJS 250 Week 4 DQ: -...

Words: 679 - Pages: 3

Premium Essay

Introduction to Network Security

...and protocols up to date, and regularly scanning computer systems for viruses and intrusion detection. Security topology of a network defines the network design and implementation from a security perspective (Dulaney, 2009). There are four primary areas of concern: Design Goals, Security Zones, Technologies, and Business Requirements. There are four issues with design goals and they are confidentiality, integrity, availability, and accountability (Dulaney, 2009). Confidentiality is to stop unauthorized access and disclosure of data and information. Over the years there have been laws and regulations passed on confidentiality to help protect customer’s information. Integrity involves making sure the data that is being used is accurate and hasn’t been tampered with. Availability means the data must be protected to prevent its loss from a mishap or attack. Finally, accountability is always important to help insure that for one it is clear who is responsible for the data and also to hold that person accountable should they not properly monitor and fix damage to the system. Security Zones in a network describes design methods that isolate systems from other systems or networks (Dulaney, 2009). This is important to the security of the network because it can separate less secure connections and can even hide resources on the network. Four of the most common security zones are the Internet, Intranet, Extranet, and Demilitarized Zone or DMZ. Internet is a global......

Words: 1012 - Pages: 5

Premium Essay

Introduction to Derivative Securities

...Assignment 1 [Due 11 September 2015, 4pm] Assignment should be submitted in the box 402-512 by the due date. Penalty will apply for late submission Question-1 The six month and one-year rates are 3% and 4% per annum with semi-annual compounding. Is 3.90% or 3.95% or 3.99% closest to the one-year par yield expressed with semi-annual compounding? (3 marks) Question-2 A company enters into a short futures contract to sell 50,000 units of a commodity for 70 cents per unit. The initial margin is $4,000 and the maintenance margin is $3,000. Explain what is the futures price per unit above which there will be a margin call? (3 marks) Question-3 The spot price of an investment asset is $30 and the risk-free rate for all maturities is 10% with continuous compounding. The asset provides an income of $2 at the end of the first year and at the end of the second year. What is the three-year forward price? (2 mark) Question-4 On March 1 a commodity’s spot price is $60 and its August futures price is $59. On July 1 the spot price is $64 and the August futures price is $63.50. A company entered into futures contracts on March 1 to hedge its purchase of the commodity on July 1. It closed out its position on July 1. What is the effective price (after taking account of hedging) paid by the company? (2 marks) ---------------------------------------------------------END-----------------------------------------------...

Words: 256 - Pages: 2

Free Essay

Introduction

...12/10/2015 Introduction to Social Networking Skip to Content | Change text size | Contact ACCAN Australian Communications Consumer Action Network Top of the page Main Menu Home News Consumer info Our work Grants Events Members About us Search.........

Words: 1143 - Pages: 5

Premium Essay

Introduction

...Introduction Case Study for Wingspanbank.com It was a freestanding Internet bank under the auspices of the First USA division of Bank One. It was an Internet-only bank that marketed itself with the claim, "If your bank could start over, this is what it would be. Created in a record four months and launched with a huge advertising campaign in year 1999, Wingspan provided one-stop shopping for financial services. At first glance Wingspanbank appeared to be a hugely successful startup, and in a way, it was because it had met virtually all of its goals and led the industry. However, the First USA division had performed poorly since then, it suffered $70 billion in outstanding receivables and shares of Bank One had fallen more than 40 percent since May 1999. Finally, "Wingspanbank was downgraded to be a test lab because it didn't attract enough customers. Bank One officials said in September 2000. But was Wingspan, a standalone Internet bank, a flawed business model or a good idea doomed by circumstance? The answer may be both. Internet pure plays don't have staying power, especially in banking. "Pure online banks are beginning to look like failed dreams, said a report issued by Newton, MA-based Meridien Research. However, the bad management in Wingspanbank also contributed to its failure. The internal problems included the direct competition between Wingspanbank and its parent company? Bank One, frequent system failure, huge marketing campaign, the lack of planning, and the......

Words: 1927 - Pages: 8

Premium Essay

Nt2580 Introduction to Information Security

...Ken Hoge System Security Project Multi-layer Security Plan When working in the field of IT we must make sure all data can be accessed to the proper employees when the need it. We would love to know that all of the information we have in our database is safe and secure however the number of hackers online today is skyrocketing. Most of these hackers are from other countries such as China or Russia that are trying to gain access to important information of large corporations and government institutions. Some of these hackers have all the time in the world on their hands and are taking any steps they can think of to try and exploit or gain access to financial assets. The first and for most thing we need to do is setup a multi-layered security plan to be able to deal with any incoming online threats and attacks. Most hackers will start with and end user on a network since they are the leased experienced in technical security measures. An outside attack will typically come from some sort of email sent to the end user attempting to get them to click on some sort of link and have them enter login information or some other security details. We can typically setup security protocols for these employees such as password changes every 30 days and increased password strength techniques. This will prevent attackers from being able to log onto employee accounts. Next we can move to the gateway that is the networks first line of defense. This defense will consist...

Words: 349 - Pages: 2

Premium Essay

Introduction

...Introduction Enterprise systems (ES) are large scale application software packages that support business and data analytics in complex organisations. These systems having maninted a large amount of critical and complex data are designed typically for high intensity transcation performance and high data security. Also, operational excellence could be achieved with the effective implementation of enterprise systems. This can be better understood with the given example – A customer requests company X (pharmaceutical drug manufacturing company) for information of approximate price for the order he is willing to deal with them. In this case, company X can not only address the plea of customer with the exact price but also very rapidly with the usage of an enterprise system. This task can be performed firmly as the enterprise systems help in integrating every detail such as client information, order, manufacturing, delivery, price of rawmaterials, chemical formulae, time taken in the inventory, packaging costs and many more. These enterprise systems can also be customized in special cases where the software systems doesnot appropriately suite the business needs. However, it is not advisable based on previous research in this field which showed the detoriation of the software system or low intensity performance in case of any major changes made. Thus, it is advisable to gain maximum benefit out of these enterprise system softwares by tuning them to the business of interest. Like......

Words: 473 - Pages: 2

Premium Essay

Introduction to Information Security

...personal information is created susceptible for a malicious coworker spying and obtaining passwords and personal information that can be used to access the system and cause damage to it. Another common treat is the user violating security policies and also apathy toward those policies where security can be vulnerable for not following proper policies in the work environment. Vulnerability from lack of user awareness is not only a concern about security in a work place, companies need to implement risk assessments to prevent computer risks and probable attacks by an uneducated or malicious user. The most important part of deployment is planning. It is not possible to plan for security until a risk assessment has been performed. Security planning involves developing security policies and implementing controls to prevent computer risks from becoming reality. The workstation Domain common threats in this domain are unauthorized access to workstation, unauthorized access to systems, applications and data, desktop or laptop computer operating system software vulnerabilities, desktop or laptop application software vulnerabilities and software patched updates, user downloads photos, music, music via the internet. User violates AUP and creates security risks for the organization's IT infrastructure. The LAN-To-WAN Domain this domain is where all data travels into and out of the IT infrastructure. The LAN-to WAN domain provides Internet access for the entire organization and......

Words: 652 - Pages: 3

Free Essay

Introduction to Information System Security

...software and hardware. Interface design impacts the software life-cycle in that it should occur early; the design and implementation of core functionality can influence the user interface – for better or worse. Because it deals with people as well as computers, as a knowledge area HCI draws on a variety of disciplinary traditions including psychology, computer science, product design, anthropology and engineering. HC: Human Computer Interaction (4 Core-Tier1 hours, 4 Core-Tier2 hours) Core-Tier1 hours HCI: Foundations HCI: Designing Interaction HCI: Programming Interactive Systems HCI: User-cantered design & testing HCI: Design for non-Mouse interfaces HCI: Collaboration & communication HCI: Statistical Methods for HCI HCI: Human factors & security HCI: Design-oriented HCI HCI: Mixed, Augmented and Virtual Reality 4 4 Core-Tier2 hours Includes Electives N N HC/Foundations [4 Core-Tier1 hours, 0 Core-Tier2 hours] Motivation: For end-users, the interface is the system. So design in this domain must be interaction-focussed and human-centred. Students need a different repertoire of techniques to address this than is provided elsewhere in the curriculum. Topics: • • • Contexts for HCI (anything with a user interface: webpage, business applications, mobile applications, games, etc.) Processes for user-centered development: early focus on users, empirical testing, iterative design. Different measures for evaluation: utility, efficiency, learnability, user......

Words: 1936 - Pages: 8