by admin | Aug 30, 2022 | IT, Web
With Continuous Delivery, your software is always release-ready to deploy and automatically pushed to the next environment.
Discuss three reasons in agreement or disagreement with the following statements. Using automatic deployments for Production environment is dangerous and can lead to unexpected results. Furthermore, automatic deployments make your Production environment very vulnerable.
Should deployment to production environment be manual, Yes or No?
Who should be responsible for the timings of deployment to the production environment?
by admin | Aug 30, 2022 | IT, Web
Single Sign-On (SSO) is an exceptionally convenient access management mechanism. Single sign-on is a mechanism used to simplify the login process for a connected group of websites and applications. “Multi-partner SSO worries me tremendously,” Kenneth S. Robb, a Cyber Security & Risk Consultant at Citadel Cyber Solutions. “It falls squarely in the “Convenience” model for users to hop back and forth between related systems.
Discuss 3 potential security risks with using Single Sign-On
Discuss 1 way in which the SSO mechanism is different from a federated system
by admin | Aug 30, 2022 | IT, Web
Proper network design is critical for the security of your network, servers, and client computers. However, for some business owners and management, when it comes to beating competitors in the marketplace, network security for enterprises is less of a priority than business performance. Should network security supersede business performance? Discuss three reasons why network security should not take priority over business performance. Provide scholarly references for each of your reasons provided.
by admin | Aug 30, 2022 | IT, Web
Many organizations have not established basic account policies which control how to handle credentials or grant third parties access to their internal networks directly. For example, the security breach experienced by retailer Target. Target eventually proposed to pay $10 million to settle a class-action lawsuit over its massive 2013 data breach, according to court documents filed in the U.S. District Court in Minnesota on Wednesday. A third-party maintenance company was involved, and this shows that third-party agreements can pose security threats to companies of all sizes. Many companies have federate their partner access.
Discuss 3 other potential approaches to addressing the issue of third party access to company’s internal networks
Discuss 2 real risk from using trusted forests (transitive trust) / domains.
by admin | Aug 30, 2022 | IT, Web
Evaluating The Implementation of NIST Cybersecurity Framework (version 1.1)
As part of the University’s implementation of the NIST Cybersecurity Framework, an organization-wide security assessment resulted in a prioritized data security mitigation and remediation plan –which became a launch point for an ongoing dialogue on a more holistic approach to security issues in general.
Situation:
The University of _ – with 5,400 faculty members serving 16 schools on five campuses and close ties to the University of _ Medical Center – ranks in the very top cluster of U.S. public research universities. The decentralized nature of cybersecurity management made it challenging for the University’s central IT organization to understand and manage multiple cybersecurity risk efforts and plans.
Drivers:
The need to meet cybersecurity needs associated with managing federal grant recipients while alleviating complexity.
Process:
_ Information Technology initiated a three-step hybrid approach, which builds an environment for those needing NIST 800-171 compliance and fits within the Cybersecurity Framework, as the basis for all risk assessment across the University.
Lessons Learned:
Departments that did not embrace the initial pilot Information Technology risk assessment process due to its complexity would welcome a process organized along the lines of the Cybersecurity Framework and NIST 800-171.
Adopting specific guidelines like NIST 800-171 could actually make requirements for compliance easier to communicate and more widely accepted.
Note: _
Case Study Questions:
Explain three ways how the Framework offers a flexible way to address cybersecurity, including cybersecurity’s effect on physical, cyber, and people dimensions.
Explain three ways how the Framework can assist organizations in addressing cybersecurity as it affects the privacy of customers, employees, and other parties.
by admin | Aug 30, 2022 | IT, Web
Historically, there has been a range of well-structured attacks on many embedded systems, ranging from HVAC to vehicle control systems. Many embedded systems are mainly secured by strong password protection and encryption protocols such as Secure Socket Layer (SSL) or Secure Shell (SSH). While IP networks employed firewalls, embedded systems do not commonly employ these types of security layers.
In your initial response, include the following:
Discuss 3 potential secure measures or technologies to make the embedded systems secure
Discuss 2 challenges of securing embedded systems
