Term Paper on "Information Security and Assurance"
Term Paper 3 pages (1148 words) Sources: 6
[EXCERPT] . . . .
policy for accessing a system you can use a closed or open approach. Decide which policy you would select for a system that has access to confidential data (such as student records, not online). Explain why your policy will be effective and how it will minimize an attacker's access to the records.Policy is defined within the concept of information assurance as a written rule and principle used to guide the process of decision making (Blyth & Kovacich,2006.p.103).Policies are an important element of information assurance a field whose basic tenets are confidentially, integrity and availability (DoD,1999). In developing a policy for accessing a system, one can use a closed or open approach. The best system for designing system that has access to confidential data (such as student records, not online) is the closed access approach.
How the policy will be effective
The closed access policy is therefore the best solution to this scenario since it is the one that deliver the much needed service of dedicating all of the system resources to just a specific number of users who must be pre-registered to access the s system.
How it will minimize an attacker's access to the records.
This type of information access policy therefore effectively restricts the access to confidential data to just a handful of subscribers who must be pre-registered (Khanafer, Saa, Baser & Debbah,2012).The policy therefore minimizes a given attacker's access to the confidential information by the application of access control mechanisms such as usernames and passwords, key cards, public and private keys (encryption and decryption algo
download full paper ⤓
3. Explain Steganography and two circumstances where Steganography would be appropriate.
Johnson (1995) defined steganography as the art of effectively concealing information within carriers that are innocuous. The concept of steganography is closely related to that of cryptography. This is due to the fact that both techniques can be employed in the protection of information. The two can converge in usage but their objectives are completely different. This is because cryptography is used in the "scrambling" of messages so that in cases of interception of the communication, the message may not make any sense. Steganography on the other hand is used in "camouflaging " the message in order to effectively hid its existence altogether. Markus Kahn however defined steganography as the art as well as science of effectively communicating in a manner that hides the very existence of the communication.AS opposed to cryptography which can allow for the detection of the communication, steganography's aim is to hide the message or communication inside other forms of harmless messages in a manner that does not give the enemy a chance of detecting its presence as a second message. Both cryptography and steganography are excellent techniques of protecting information from the unwanted or unintended parties. The sad fact is that both can be broken easily. It is therefore advisable for both to be used concurrently in the addition of multiple layers of security (Dunbar,2002).The data formats that are popularly used in steganography are;.doc, .gif, bmp,.jpeg,.txt, .mp3, and .wav.
Circumstance where the use of steganography may be appropriate;
The circumstances where the use of steganography may be appropriate are;
In open system environments involving the covert channels as well as in digital watermarking.
Covert channels
Covert channels within the protocol of TCP/IP entails the masking of the actual identification information within the TCP/IP headers in order to hide… READ MORE
Quoted Instructions for "Information Security and Assurance" Assignment:
“This is an Information Security & Assurance term paper. When you read the questions below, keep in mind that your answer has to be from an information security and assurance perspective. All of the questions are related to information security and assurance even if it was not mentioned clearly.
Directions
-Answer any three (3) questions from Part A below.
-Each answer is expected to be concise, direct and to the point. It is anticipted to take approximately 3 to 4 paragraphs to answer (usually not more than a page). For each question, you must include at least two independent sources for your answer. In addition, You must answer your chosen questions in great details. Any reliable source is accepted, except *****'wikipedia-like*****' and newspaper sources. Please make sure to site when needed and to provide a high quality paper that answers every aspect of your chosen questions.
Part A
1. In developing a policy for accessing a system you can use a closed or open approach. Decide which policy you would select for a system that has access to confidential data (such as student records, not online). Explain why your policy will be effective and how it will minimize an attacker*****'s access to the records.
2. Explain which is more secure, Asymmetric or Symmetric Encryption, and provide two circumstances where each could be effective, one for Asymmetric and one for Symmetric. Each circumstance should be different from the other.
3. Explain Steganography and two circumstances where Steganography would be appropriate.
4. Name at least two different Information Assurance (IA) standards, each from a different standards organization. Summarize the standards and explain why they are important.
5. Summarize one major US technology law that has gone into effect in the last 10 years. Explain its impact, why it is helpful, and where it is a problem.
How to Reference "Information Security and Assurance" Term Paper in a Bibliography
“Information Security and Assurance.” A1-TermPaper.com, 2012, https://www.a1-termpaper.com/topics/essay/policy-accessing-system/9179102. Accessed 5 Oct 2024.
Related Term Papers:
Information Security and Assurance Research Paper
Metrics are tools designed to facilitate decision making and improve performance and accountability through collection, analysis, and reporting of relevant performance-related data. The purpose of measuring performance is to monitor… read more
Research Paper 4 pages (1223 words) Sources: 4 Topic: Fashion / Designers / Beauty
Information Security Legal and Ethical Implications Thesis
Security It
Security, Privacy and Ethics in it
The field of Information Technology is unique among professional disciplines due to its high-paced atmosphere. The quick change of technology, particularly within… read more
Thesis 5 pages (1471 words) Sources: 4 Style: APA Topic: Business / Corporations / E-commerce
Security Policy Dr. Fossett's Dental Office Term Paper
Security Policy of a Dental Office
Information Technology Security for XYZ's Dental Office will be achieved by implementing these controls, policies, procedures and standards. This approved Security policy reflects the… read more
Term Paper 3 pages (1254 words) Sources: 0 Topic: Computers / IT / Internet
Security Architecture and Design Models Article Review
Security Architecture & Design models: An appraisal
Security architecture refers to a cohesive security design that is used in addressing the requirements (such as authentication and authorization) and most importantly… read more
Article Review 2 pages (889 words) Sources: 2 Topic: Computers / IT / Internet
Models and Assessments Reduction of Information Risks Research Paper
Security breaches can occur either because of defective software designs, bad configurations of systems, defective communication protocols, lack of awareness of security procedures or recklessness, improper procedures, and so forth… read more
Research Paper 2 pages (623 words) Sources: 2 Topic: Business / Corporations / E-commerce
Sat, Oct 5, 2024
If you don't see the paper you need, we will write it for you!
We can write a new, 100% unique paper!