SEC 280 Week 1-6 Complete Case Studies
SEC 280 Week 1
Your boss has just heard about some nefarious computer activities
called ping sweeps and port scans. He wants to know more about them and
what their impact might be on the company. Write a brief description of
what they are, and include your assessment of whether the activities are
something to worry about or not. This assignment requires two to three
pages, based upon the APA style of writing.
SEC 280 Week 2
You are the Information Security Officer at a medium-sized company
(1,500 employees). The CIO asks you to explain why you believe it is
important to secure the Windows and Unix/Linux servers from known
shortcomings and vulnerabilities. Explain to your CIO what you can do to
make sure the network infrastructure is more secure.
SEC 280 Week 3
ABC Institute of Research has sensitive information that needs to be
protected from its rivals. The Institute has collaborated with XYZ Inc.
to research genetics. The information must be kept top secret at any
cost. At ABC Institute, the researchers are unsure about the type of key
(asymmetric or symmetric) to use. Please formulate a possible solution,
and describe the advantages and disadvantages of any solution employed.
SEC 280 Week 4
Computer security is not an issue for organizations alone. Anyone
whose personal computer is connected to a network or the Internet faces a
potential risk of attack. Identify all the potential security threats
on a personal computer. Identify some of the techniques an attacker
might employ to access information on the system.
SEC 280 Week 5
You have just been hired as an Information Security Engineer for a
large, multi-international corporation. Unfortunately, your company has
suffered multiple security breaches that have threatened customers’
trust in the fact that their confidential data and financial assets are
private and secured. Credit-card information was compromised by an
attack that infiltrated the network through a vulnerable wireless
connection within the organization. The other breach was an inside job
where personal data was stolen because of weak access-control policies
within the organization that allowed an unauthorized individual access
to valuable data. Your job is to develop a risk-management policy that
addresses the two security breaches and how to mitigate these risks.
SEC 280 Week 6
Gem Infosys, a small software company, has decided to better secure
its computer systems after a malware attack shut down its network
operations for 2 full days. The organization uses a firewall, three file
servers, two Web servers, one Windows 2008 Active Directory server for
user access and authentication, ten PCs, and a broadband connection to
the Internet. The management at Gem needs you to formulate an
incident-response policy to reduce network down time if future incidents
occur. Develop an incident-response policy that covers the development
of an incident-response team, disaster-recovery processes, and
business-continuity planning.