What would be the advantages/disadvantages of Cisco changing the IOS interface in terms of security, ease of use, etc.?

/in /by

So, the question is why? Are there some hidden reasons behind the cryptic nature of the Cisco IOS? Isn’t it time for Cisco to join the modern age with its management interface? What are some of the specifics you like (or dislike) most about the IOS in its current state?

NOTE: Although it is not taught as part of the routing curriculum, Cisco DOES offer an alternate PC-based GUI interface not available via the router/switch console called the Cisco Configuration Professional (CCP). If you are interested in trying it, there is an optional lab available within NetLab for you to do so: 1.1.4.7 Configuring Basic Routers Settings with CCP

  • Give us your honest, brief opinion of the Cisco IOS.
  • Would a GUI be a better or worse choice as an interface?
  • What would be the advantages/disadvantages of Cisco changing the IOS interface in terms of security, ease of use, etc.?
  • Make sure you conduct research for your post by either using class content or from the Web. Be sure you cite your source(s).

 

Explain why you think a company would choose hardware from this brand instead of Cisco.

/in /by
  • Write a brief description of the company you found.
  • Explain why you think a company would choose hardware from this brand instead of Cisco.
  • Elaborate your post to include your thoughts about why they are better or worse than Cisco.
  • Does your company offer network switches and routers like Cisco does? Compare and contrast some of your company’s hardware models, preferably switches and routers, with similar Cisco models.  Items such as technical support, cost, and technical capabilities should be compared and contrasted between the two companies.
  • Make sure you conduct research for your post by either using class content or from the Web. Be sure you cite your source(s).

 

Explain what the statistic is intending to communicate

/in /by

Find five examples of published misleading statistics and answer the following questions for each: ( Copy an image of each misleading statistics and answer the questions below them)

1. Explain what the statistic is intending to communicate

2. Detail how the statistic is misleading

3. Identify what you would do to correct the issue

Create the report in Microsoft Word, citing each of the five sources.

Identify one concern that people have about NextGen and describe it, using at least two citations.

/in /by

Many advantages of NextGen have been presented in this module’s information. However, there are some people who oppose components of the project based on its cost, technical challenges, and other concerns. Identify one concern that people have about NextGen and describe it, using at least two citations. (Note: since the prompt is to consider a concern people have, personal blogs are an appropriate source to cite.) You should present this as factual narrative, not personal opinion.

Identify Key Management Gaps, Risks, Solutions, and Challenges Incorporate and cite actual gaps in key management within your key management plan.

/in /by
Enterprise Key Management Plan 9 pages Word, APA double-spaced, The page count does not include figures, diagrams, tables, or citations. Part 1: Identify Components of Key Management Provide a high-level, top-layer network view (diagram) of the systems in Superior Health Care Identify data at rest, data in use, and data in motion. Identify where data are stored and how it’s accessed. Identify areas where insecure handling may be a concern for your organization. Key management will be an important aspect of the new electronic protected health information (e-PHI). Key management is often considered the most difficult part of designing a cryptosystem. Choose a fictitious or an actual organization. The idea is to provide an overview of the current state of enterprise key management for Superior Health Care. “ Authentication is the process by which credentials are presented and validated to enable access. There are a number of different methods of authentication. Passwords are the most common type of authentication and are usually coupled with user identification (user IDs). Tokens and certificates are often used in place of passwords to provide a higher level of security. Tokens can contain unique identifiers (e.g., digital signatures or keys). Tokens can also store biometric data—for example, fingerprints.”

There are several different types of combinations of authentication. Higher levels of security are generally associated with more levels of authentication (multifactor). For example, two-factor authentication might include a token and a password. Kerberos is a protocol for authentication made up of two components: a ticket (distributed by a service) for user authentication and a key that is developed from the user’s password. Another authentication scheme is the Challenge-Handshake Authentication Protocol (CHAP), which uses a representation (hash) of the user’s password to authenticate. Some sources: https://csrc.nist.gov/projects/risk-management/security-assessment/assessment-cases-download-page http://www.tldp.org/REF/INTRO/SecuringData-INTRO.pdf Part 2 : Identify Key Management Gaps, Risks, Solutions, and Challenges Incorporate and cite actual gaps in key management within your key management plan. Identify crypto attack and other risks to the cryptographic systems posed by these gaps. Propose solutions organizations may use to address these gaps and identify necessary components of these solutions. Identify challenges, including remedies, other organizations have faced in implementing a key management system Provide a summary table of the information within your key management plan.

Crypto Attacks Cryptography is used to send data over the network: Plaintext is encrypted to ciphertext using a key, transmitted over the network and decrypted back to plaintext by the receiver. Crypto attacks are the attacks that are performed to get unauthorized access to the transmitted data. According to Phatak, some “cryptographic attacks try to decipher the key, while others try to steal data on the wire by performing some advanced decryption” (2013). Common examples of crypto attacks include key hijacking, man-in-the-middle attacks, and SSL brute-force attacks. Some sources: Phatak, P. (2013). Cyber attacks explained: Cryptographic attacks. http://opensourceforu.com/2013/05/cyber-attacks-explained-cryptographic-attacks/ Part 3 : Provide Additional Considerations for the CISO Explain the uses of encryption and the benefits of securing communications by hash functions and other types of encryption. Evaluate and assess whether or not to incorporate file encryption full disc encryption, and partition encryption. Discuss the benefits of using DES, triple DES, or other encryption technologies. Describe the use and purpose of hashes and digital signatures in providing message authentication and integrity. Explain the use of cryptography and cryptanalysis in data confidentiality.

Determine if it will be more effective to develop the SEs to perform these tasks, taking into consideration the need, cost, and benefits of adding cryptanalysts to the organization’s workforce. Discuss alternative ways for obtaining cryptanalysis if the organization chooses not to maintain this new skilled community in-house Explain the concepts and practices commonly used for data confidentiality: the private and public key protocol for authentication, public key infrastructure (PKI), the x.509 cryptography standard, and PKI security. There are two main types of encryption technologies: symmetric and asymmetric. Symmetric encryption technologies use the same key for both encryption and decryption, whereas asymmetric—or public-key—encryption technologies use separate public and private keys for encryption and decryption. The most well-known encryption technique is symmetric cryptography, which is based on a shared secret, or key. Although symmetric cryptography works well within an isolated environment, maintaining secure communication is difficult if the system has to communicate with a large number of users. Asymmetric cryptography involves the use of an asymmetric-key pair—a private key and a public key. This method is also known as public-key cryptography. The public key is freely available to anyone on the Internet, whereas the private key is kept secret by the owner. Some sources:

Scarfone, K., Souppaya, M., & Sexton, M. (2007). Guide to storage encryption technologies for end user devices (Special Publication 800-111). National Institute of Standards and Technology. US Department of Commerce. http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-111.pdf. Keswani, A., & Khadilkar, V. (n.d.). The SHA-1 algorithm. Lamar University Computer Science Department, Beaumont, TX. cs.lamar.edu/faculty/osborne/5340_01/summer_06/…/SHA/Project_Paper.docPart 4. Analyze Cryptographic Systems Describe the cryptographic system, its effectiveness and efficiencies. Provide an analysis of the trade-offs of different cryptographic systems. Include information on Security index rating, Level of complexity, and Availability or utilization of system resources the possible complexity and expense of implementing and operating various cryptographic ciphers Final. Develop the Enterprise Key Management Plan In the previous steps, you gathered information about systems used elsewhere. Using the materials produced in those steps, develop your Enterprise Key Management Plan for implementation, operation, and maintenance of the new system. Address these as separate sections in the plan. In this plan, you will identify the key components, the possible solutions, the risks, and benefits comparisons of each solution, and proposed mitigations to the risks. These, too,

should be considered as a separate section or could be integrated within the implementation, operation, and maintenance sections. A possible outline could be: •Introduction •Purpose •Key Components •Implementation •Operation •Maintenance •Benefits and Risks •Summary/Conclusion *****

Enterprise Key Management Policy 3 pages page double-spaced APA Word document. Discuss Digital Certificates Discuss different scenarios and hypothetical situations the policy should address. Provide policy standards, guidance, and procedures that would be invoked by the enterprise key management policy using three scenarios The final step requires you to use the information from the previous steps to develop the Enterprise Key Management Policy. The policy governs the processes, procedures, rules of behavior, and training for users and administrators of the enterprise key management system. Research similar policy documents used by other organizations and adapt an appropriate example to create your policy. Review and discuss the following within the policy: •digital certificates •certificate authority •certificate revocation lists Discuss different scenarios and hypothetical situations. For example, the policy could require that when employees leave the company, their digital certificates must be revoked within 24 hours. Another could require that employees must receive initial and annual security training.

Include at least three scenarios and provide policy standards, guidance, and procedures that would be invoked by the enterprise key management policy. Each statement should be short and should define what someone would have to do to comply with the policy. *****

Give an example of a security issue that came about through use of an information technology?

/in /by

Give an example of a security issue that came about through use of an information technology? Elaborate on the reasons for the security breach as well as what was done in response to the situation.

Your response should include an example of a high profile case that involved the loss of data.

Please ensure that the paper is written with no errors and its grammatically correct.

Limit your response to 200 words.

Describe the relationship between the entities in each model.

/in /by
  1. Identify the type of each model (conceptual data model and the logical data model). Explain your selection.
  2. Identify the components of each model: the entities and attributes. Describe an entity and an attribute, and identify an example from each model.
  3. Describe the relationship between the entities in each model.
  4. Describe how these models benefit the organization, the rental car company. In the context of the scenario (involving a rental car company), why is the central entity the branch rather than the sales?
  5. How would these models be useful for the rental car business to build a database?

What methods of communication are in use in the experiential learning activity you are participating in?

/in /by

Your ability to communicate effectively with co-workers, supervisors, and upper management will have a significant impact on your career as an IT professional.

Communication takes many forms. What methods of communication are in use in the experiential learning activity you are participating in? How is information shared with with you in that experience? If the experience is mostly self-directed, how or why might you attempt to engage with others who are also participating in the experience?

What observations can you make about communication within the experience? What do you see done well, and where do you see gaps/problems?

Identify and analyze operations and the outside world related to information security based on:

/in /by

You work is based on the company SMS and the company description available. The work will be carried out in your student groups, but the report must clearly state who did what in the assignment. It is up to you to decide what is a reasonable limit for the task. Keep in mind that demarcation can be the hard part to solve. The task is also to determine the limit against the course schedule. Be sure to motivate your demarcation.
The work will be carried out with the tools provided and based on ISO/IEC 27001 and MSB’s method support.

Aim

Analyse Business and Environment
Identify and analyze operations and the outside world related to information security based on:

Business
• internal stakeholders
• internal prerequisites
• information assets

Environment
• external stakeholders
• external prerequisites
• legal requirements

More information about Analyse Business and EnvironmentAnalyse Risk

Perform a risk analysis with a focus on information security by:
• Select appropriate information assets to proceed with
• Identify and  threats vulnerability
• Make a risk assessment – Consequence and Probability
• Develop suggestions for action

More information about Analyse RiskAnalyse Gap

Perform a Gap analysis with a focus on information security by:
• Identify the applicability of security controls
• Document the current situation
• Document improvement suggestions

Describe the experience and what you hope to gain from participating in the experience.

/in /by

Experiential learning opportunities are an essential way to focus on the knowledge, skills, and abilities you need to realize your career goals. You have specifically selected this course as an opportunity to earn practical experience in your chosen field to help realize these goals.

In your journal, post your experiences and reflections on a weekly basis during your learning experience. In addition to relating the details of your actual work and position, you should note information that will assist in the completion of the Final Project. (Refer to the Final Project Document for information on the project.)

In your journal, post your experiences and reflections on a weekly basis during your experiential learning activity.(Note: It is strongly suggested that you spend at least 10 hours per week in the experiential learning activities. Number of hours must be documented and final certificate of completion will be required as part of your final project.) In addition to relating the details of your experience, you should note information that will assist in the completion of the Final Project. (Refer to the Final Project Document for information on the project.)

Your weekly entries should address the following topics:

Describe the experience and what you hope to gain from participating in the experience.
Provide an overview of tasks and key activities (training, discussions, labs, assessments, etc.) in which you were engaged during the week, with sufficient detail for your instructor to understand what you were involved in.
How did the activities in which you were involved demonstrate your knowledge, skills, and abilities in meeting your selected program competencies?
Have you implemented any changes this week in your approach to interpersonal communication, collaboration, project/time management or other aspects as a result of your experiences from the prior week? (N/A for Week One)
Reflect on your experiences during the current week and:
Describe key challenges (problems, issues, etc.) you encountered during the current week as they relate to your experiential learning activity
Describe how you identified/evaluated options for handling those challenges
What aspects of prior coursework and/or work experiences helped you in identify/evaluating options and developing resolutions?
Were there any aspects of the situation(s) – either the problems themselves or the resolutions/outcomes – that were contrary to your assumptions or expectations based on what you have learned during coursework?
What did you learn as a result of this experience? What might you do differently in future to either minimize the chance of occurrence or in your approach to resolving/overcoming?