Homework Responses Wk 5
Please prepare a response to each of the attached documents for total of 4 responses. The responses need to be at least 150 words each. The responses should be as if you are talking directly to the person.
Due in 36 hrs.
Defense in Depth is a security system that employs a multiple number of layered controls and mechanisms. The general premise being that if one of the layers of control fails, there will be another one after it. This defense system has been used through out history by militaries. When used as a military strategy, the primary goal was to delay an attack and buy time in order to develop and employ a more successful counter strike. This defense in depth strategy was quickly applied to physical security and information technology security. IT systems incorporate numerous different controls to keep systems and information secure. In the IT worlds, the controls incorporated into a layer defense system include firewalls, intrusion prevention, endpoint detection and response, and network segmentation (2020). Utilizing this strategy can help make network and information security much more effective, increasing the amount of time and complexity involved in compromising a system (2020).
The importance of testing detection systems is due to the fact that they are generally very expensive and are can be protecting important assets. Since the most vital features of a detection system are not typically used everyday, it can be easy fail without being known. Power outages, internet failures, and criminals are some of the reasons that systems are become compromised. Testing information security systems can be broken into three different methods. Testing, which involves exercising one or more objects while creating certain conditions to compare real time with expected behaviors (Scarfone, 2008). Examination, which assesses and studies asset or control failures (Scarfone, 2008). Interviewing is the final method used to test and assess security systems, it is the process of discussions with groups within an organization to identify and understand evidence collected in the testing and examination process (Scarfone, 2008).
References:
Vacca, J. (2017). Computer and Information Security Handbook (Third ed.) [
Https://www.sciencedirect.com/book/9780128038437/computer-and-information-security-handbook
]. Elsevier.
Cybersecurity Spotlight – Defense in Depth (DiD). (2020). Retrieved December 03, 2020, from
https://www.cisecurity.org/spotlight/cybersecurity-spotlight-defense-in-depth-did/
Scarfone, K. (2008). Technical Guide to Information Security Testing and Assessment. Retrieved December 03, 2020, from
https://www.govinfo.gov/content/pkg/GOVPUB-C13-894df23cbad6ad74af7d49c17b081dd1/pdf/GOVPUB-C13-894df23cbad6ad74af7d49c17b081dd1 2
Defense-in-Depth (DiD)
The DiD strategy can be translated and utilized in all forms of security. This approach’s main objective is to implement a series of security controls and features that are layered to protect the integrity of a system or organization. DiD is widely used amongst IT professionals when implementing protocols to protect sensitive data. Detection systems employed, especially in the modern age, are heavily monitored by software systems and other technological equipment. DiD, if implemented correctly, can ensure that the technology that maintains the operational capabilities of the detection systems remains working and doing what its intended purpose was. Hackers may try to tap into a system to stop whatever piece of equipment is used actually to make the entry. If the proper defense-in-depth measures are implemented within the network system, then the intruders will not be able to or will have a hard time breaking through the IT security measures. Therefore, the detection systems will remain operational, thwarting any kind of intrusion or alerting to it. DiD promotes the safety and security of the system’s integrity.
Methods that ensure system performance in detection systems
Ensuring that a detection system an organization uses remains to the standard that is expected, quantitative testing must be done regularly. Certain detection systems, such as motion detection or camera systems, can be physically tested to document the detection rate and detection quality. If a motion sensor does not send a signal to the operator promptly, the intruder may swiftly move past the detector and to a new area making it hard to determine the exact location of the intruder. Utilizing software such as a Network Security Monitor to construct user-simulations can also help ensure the detection systems are working properly. Conducting simulated tests for a piece of equipment or software puts the technology through rigorous scenarios to push the capabilities to the brink. This is the best way to determine if the systems can meet the organization’s needs, expectations, and specifications deemed necessary. Simulations can also be run periodically to test the durability of a system by an organization. Durability should be a key element for conducting inspections and quality assurance. Otherwise, an organization possibly spending thousands to hundreds of thousands of dollars on a detection system could have a costly paperweight after a short period of time. Overall, incorporating testing and simulations based on best-known scenarios is the best option to ensure that the detection system in question can meet the organizations’ needs.
· Nick
References:
N. J. Puketza, K. Zhang, M. Chung, B. Mukherjee, and R. A. Olsson, “A methodology for testing intrusion detection systems,” in IEEE Transactions on Software Engineering, vol. 22, no. 10, pp. 719-729, Oct. 1996, DOI: 10.1109/32.544350.
Good afternoon class,
The abstract is a brief summary of your paper that is at the beginning of the paper. This allows the reader to decide if they want to spend the time reading your paper or not. The abstract is also used for indexing whenever the paper is published, this allows researchers to quickly sort through the masses of research available. The abstract should include the problem that your paper is addressing, the methods and designs that were used to collect data for your research, you must identify numbers and the populations in which your data came from, and the analytical process and implications of your research. The abstract should be limited to 150-250 words.
Following the abstract is your introduction. It is best to start your paper with a narrative hook. A narrative hook is what reels in the reader and what makes them want to read your paper. It is best that you word your introduction in a way that a non expert reader can understand what follows in the research. The introduction should be very specific and clearly written in a way that allows the reader to asses whether or not your research is pertinent to them. Due to the fact that you want your abstract and introduction very clear and direct, you want to avoid using rhetorical questions in these sections of the paper.
Sources:
Sources
Adapting to your audience. (2016). Retrieved from
http://writing.colostate.edu/guides/guide.cfm?guideid=19
.
Koopman, P. (1997). How to Write an Abstract. Carnegie Mellon University. Retrieved from
https://users.ece.cmu.edu/~koopman/essays/abstract.html
.
Lancaster, F.W. (2003). Indexing and abstracting in theory and practice. (3rd ed.). London, England: Facet.
Searching for academic research can be a challenge. Choosing a research paper based on the title is synonymous to judging a book by its cover. Luckily, the abstract helps to solve that problem. The abstract is the most read part of a research paper and is frequently used to determine if the research fits the criteria of the reader. It should be concise and contain a few key pieces of information.
A primary purpose of the abstract is to clearly state the purpose of the research. Usually this takes the form of describing a problem and stating how the research aims to provide insight. The author might also include the significance of the study and who would benefit from the lessons learned. Additionally, it should summarize the methodologies used to conduct the research. Finally, if the abstract is informative in nature, it will also include a synopsis of the findings and conclusions of the author.
It is also important to know that the abstract is used for indexing purposes. Essentially, the online catalogs allow the user to search by key word. This function searches the titles and abstracts of articles to help a user identify the most relevant material.
The introduction expands on the information provided in the abstract. It will generally discuss other scholarly works relevant to the research, as well as explaining how the proposed research aims to further clarify or correct the existing articles. The introduction is really the beginning of the paper. As such, it bears the responsibility of capturing the reader’s attention.
A common tool for enticing a reader is known as the narrative hook. A narrative hook is statement that generates thought with the reader and often contains a charging element that allows the reader to relate, or buy in, to the research. Current events, statistics, movie references, and other easily relatable topics are often the center of a narrative hook. Since narrative hooks are designed to generate emotion in the reader, consideration should be given to any bias it could generate. It is for this reason that questions should be avoided as a part of the narrative hook.
References:
American Military University. (n.d.). SSGS300 – Week 4: Abstract & Introduction Page. https://myclassroom.apus.edu/d2l/le/enhancedSequenceViewer/22284?url=https%3A%2F%2Ff54cbe36-23a9-4505-85fe-e251f80ec34d.sequences.api.brightspace.com%2F22284%2Factivity%2F1695938%3FfilterOnDatesAndDepth%3D1
Reply to Thread