ipl-logo

Cis 4680 Assignment 1

1272 Words6 Pages

Aron Park Midterm
October 29, 2015
CIS 4680 Intro to Info Sec
Prof. Carver
1. Select one of the three characteristics of information security (CIA) and explain its importance as related to the development of policy, education, OR technology. The three key characteristics of information security are confidentiality, integrity, and availability. They are designed to guide policies for information security within an organization. Confidentiality refers to limiting information access and disclosure to authorized users, and preventing access by or disclosure to unauthorized ones. In other words, preventing information from reaching the wrong people, and making sure the right people can in fact get it. Confidentiality …show more content…

The CSE’s vision statement is safeguarding Canada's security through information superiority. In regarding their value statements, the CSE Ethics Charter defines the values and ethics and expected behaviors of CSE to guide and support our employees in their professional activities. The content of this document emphasizes the importance of employees making value-based decisions and conducting their duties in an ethical and professional manner.
3. Design an incident response plan for your home computer if there is a fire exploring actions taken before, during and after the incident (see page 85 in book for a hint).
Incident response is an organized approach to addressing and managing the aftermath of a security breach or attack. The goal is to handle the situation in a way that limits damage and reduces recovery time and costs. An incident response plan includes a policy that defines what constitutes an incident and provides a step-by-step process that should be followed when an incident occurs. The example I will be using is an incident response plan for my computer in case of a fire. The steps that will be taken will show what to do before, during and after the …show more content…

Using the framework presented in the course textbook, draft a sample issue-specific security policy for an organization.
An issue-specific security policy instructs an organization to securely use a technology system. It provides detailed and targeted guidance to employees. The ISSP instructs the fundamental technological philosophy of the organization. It also protects the organization from inefficiency and ambiguity. The example below will be a draft sample of an issue-specific security policy regarding the internet use of an organization.
Statement of Policy
The main purpose of the policy is to addresses the internet usage of the organization. This Sample Internet Usage Policy applies to all employees of the organization who have access to computers and the Internet to be used in the performance of their work. Use of the Internet by employees of the organization is permitted and encouraged where such use supports the goals and objectives of the business.
Appropriate Use
Company employees are expected to use the Internet responsibly and productively. Internet access is limited to job-related activities only and personal use is not permitted. Job-related activities include research and educational tasks that may be found via the Internet that would help in an employee's

Show More
Related

Nt1330 Unit 3

630 Words | 3 Pages

Do we have a backup power system for our offices? Protection of customer personal information (in addition to security measures stated elsewhere in this audit checklist) 54. Do we only giving access to personal information to a person who is verified to be able to receive that information? 55.

Read More

Nt1310 Unit 3 Pest Analysis

131 Words | 1 Pages

1. Policies governing the network insecurities which include Email and communications policy, Remote Access Policy, BYOD Policy and Encryption policy 2. User accounts management through training and assigning of user roles depending on their access levels to information in the organization. 3. Setting up workstations and assigning every user a workstation.

Read More

Nt1330 Unit 7 Group Policies

500 Words | 2 Pages

Assignment-7 Group Policies Group Policies: Group policies specifies settings for users and computers which includes security settings, software installation, computer startup and shut down, registry based policy settings and folder redirection. Group policies are responsible for controlling the working environment of users and computers accounts. It provides the configuration and management of the user’s settings, operating system and applications in a working environment. It is responsible for the user’s actions in a computer like what a user can and cannot do on the computer for example enforce users to have a complex password to prevent the network from being accessed by unidentified users. Group policies when properly planned and implemented

Read More

Nt1330 Unit 3 Information Security Risk Management

223 Words | 1 Pages

The Information Security Manager reports in their capacity to the CEO. Company officers, executives, directors, employees, contractors and third party service providers cooperate and work with the Information Security Manager to ensure the protection of customer’s non-public information and Licensee’s Information Assets. Policies, such as Enterprise Antivirus Program, Network Access, Software Development Security Standards, Physical Security, Vendor Manangmenet Ativirus, Mobile Computing/Remote Access, Inromation Security Risk Assessment, Social Media, Data Loss Prevention, and Secuiryt Incident Response Policies have been implemented to protect customer’s non-public personal information and company Information

Read More

Hrm 531 Week 3 Individual Assignment

323 Words | 2 Pages

This group of population was chosen as the target respondent because of their ease of accessibility to internet and the nature of company business which require internet access throughout the whole working hours. Every respondent was provided by the company with internet-connected device either a laptop or computer for working purpose. However, any employee who wish to bring internet-connected device such as mobile phone and tablet is allowed by the company as long as they are not connected to corporate network. For a start, the researcher approached the Human Capital Development department of the target respondent, where he sought permission to conduct his research by producing a formal application through letter. The researcher was granted

Read More

Nt1330 Unit 6 Paper

684 Words | 3 Pages

I expect everyone in the staff to respect people’s personal information and to treat the data as if it was their own. The outline of an internet usage policy, it’s a role for the human resources and IT departments, an undertaking to protect employee as well as IT network. Hence, a partnership between these two parties is vital to guarantee that a comprehensive internet usage policy is created matching the needs of the company and

Read More

Hcr 220 Week 3 Term Paper

449 Words | 2 Pages

Procedures and policies required to address this are: • Access control using unique user Identification protocols, emergency access, procedures, timed auto logoff, and encryption and decryption mechanisms. • Auditing system that ensures that the IT system with the PHI is being recorded and examined. • Having an IT system that is dependable and protects PHI from alteration and being destroyed. • Making sure that the person accessing the PHI has the proper proof to identify who they are and are authorized to access.

Read More

Cac 010 Unit 1 Assignment 1

422 Words | 2 Pages

Prior to Writing 010 I had no understanding as to how difficult research papers were formatted. My experience on being capable to write a well-developed research paper was beyond minimal. This assignment was by far one of the most challenging. As a second year college student I know what is expected of me. In order to have a successful college writing career I believe one needs to be capable of properly locating credible sources, provide citations and avoid plagiarism.

Read More

Data Room Risk Assessment Paper

891 Words | 4 Pages

An example would be prox card entry with security pin to unlock the doors. Along with electronic security access into the data room, a security staff will need to be formed that will be responsible for monitoring the data room and manage assigning access into the data room. Internal Server and Desktop Security Policies A risk assessment will need to be conducted in order to identify all locations where sensitive and classified information is

Read More

Legacy Technologies Policy Paper

841 Words | 4 Pages

Objective Our Company’s objective is to provide high speed and reliable resources that can be used throughout the world. 1. The objective of this policy is to state all guidelines of use for all employees that utilize and work with Legacy Technologies

Read More

Small Town Dental Clinic Case Study

728 Words | 3 Pages

This also incorporates rules to protect the employee and the company. This also protects the computer systems and the networks from virus attacks, compromise of network. In order to better protect the PHI, we should also have an ‘email policy’. This policy makes sure the email system is used properly and users are alerted of what

Read More

Anheuser-Busch Inbev Acceptable Use Of Information Technology Policy

1628 Words | 7 Pages

The user should recognize this when using the Internet, and understand that it is a public domain and he or she can come into contact with information, even inadvertently, that he or she may find offensive, sexually explicit, or inappropriate. The user must use the Internet at his or her own risk. The company is specifically not responsible for any information that the user views, reads, or downloads from the Internet. Personal Use. The company recognizes that the Internet can be a tool that is useful for both personal and professional purposes.

Read More

Xyz Credit Union Policy Statement

480 Words | 2 Pages

Policy Statement This policy is to guarantee that XYZ Credit Union is in consistence with GLBA and IT security best practices. By executing this AUP, alongside security mindfulness preparing to its representatives, XYZ Credit Union can alleviate chance and keep up a legitimately working business. Purpose/Objectives To provide guidelines that will be applied to provide information on acceptable use of the internet, the organizations own IT assets and systems, and the use of the e-mail system.

Read More

Overview Of The National Telecommunications And Information Administration

427 Words | 2 Pages

Communications professionals may need to consider these policies and initiatives when designing communication strategies that rely on internet services and broadband connectivity. Data Privacy and Security: The NTIA addresses privacy and security issues, especially in the Internet and emerging technologies. Communications professionals handling sensitive user data or engaging in online marketing and advertising must know NTIA's guidelines and recommendations to protect user privacy and ensure data security. Digital Inclusion: The NTIA works on initiatives to promote digital inclusion and bridge the digital divide by providing access to technology and digital skills training for underserved communities. Communications professionals involved in public outreach and community engagement may collaborate with NTIA-supported programs to address digital inclusion challenges.

Read More

Bio-Sport Social Media Policy

1942 Words | 8 Pages

Guidelines To The IT Department The vested upon the task of ensuring that the privacy of the company`s private documents is maintained and that these documents are not accessible by unauthorized persons. Due to the fact that employees are allowed to use the infrastructure of the company for social media purposes, the department should ensure that the necessary security measures are put in place to keep hackers at

Read More

More about Cis 4680 Assignment 1

Related Topics

Open Document