Sign Up Now
Get instant access to over 1 million+ study documents
OR
Already registered? click here to login
By creating your account, you agree to our terms of service, privacy policy and student honor code.
Physical vulnerabilities, such as users who leave their systems running while still logged in can also create security concerns, even in the case of a secure system. While systems should have automatic log-outs after a specific period of time, it is impossible for a system to be totally secure if it is being used by an employee who does not follow proper security protocols.
Question 4: Identify five (5) important documentation types necessary for the assessment and explain why they are important.
Network-based testing tests "components of application vulnerability assessment, host vulnerability assessment, and security best practices" ("Security assessment questionnaire," CMU, 2011). It is used to "assess the ease with which any outsider could exploit publicly available information or social engineering to gain unauthorized access" from the internet or intranet due to weak encryption, authentication, and other vulnerabilities ("Security assessment questionnaire," CMU, 2011).
Host-based assessment evaluates the "the health and security of given workstation or server" ("Security assessment questionnaire," CMU, 2011). It assesses if security controls like anti-virus software are up-to-date and indentifies if unnecessary services are running. It also assesses how up-to-date and vulnerable security controls may be on a workstation; just like network testing does on a general level. Application assessment...
Compliance assessment audits systems for compliance with federal regulations such as HIPAA, FERPA, GLBA, and PCI. Physical security assessment interviews staff to ensure that they are knowledgeable in correct procedures (such as logging out when stepping away from a computer) and determines if all systems are physically secure and safe from human and environmental threats ("Security assessment questionnaire," CMU, 2011).
Works Cited
Brandt, Andrew. "How to stop operating system attacks." 2009. PC World. [1 Nov 2011]
http://www.pcworld.com/article/157821/how_to_stop_operatingsystem_attacks.html
"Security assessment questionnaire." Carnegie Mellon University. [1 Nov 2011]
Retrieved November 1, 2011 at http://www.cmu.edu/iso/service/sec-assess/Assessment%20Questionnaire.doc
"Top 9 IT security threats of 2009." Net Security. 2009. [1 Nov 2011]
http://www.net-security.org/secworld.php?id=6845
Works Cited
Brandt, Andrew. "How to stop operating system attacks." 2009. PC World. [1 Nov 2011]
http://www.pcworld.com/article/157821/how_to_stop_operatingsystem_attacks.html
"Security assessment questionnaire." Carnegie Mellon University. [1 Nov 2011]
Retrieved November 1, 2011 at http://www.cmu.edu/iso/service/sec-assess/Assessment%20Questionnaire.doc
http://www.net-security.org/secworld.php?id=6845
" (Vossekuil, Borum, Fein, and Reddy, 2008) Stated to be an example of inductive assessment strategy is that of profiling. Profiling involves a description of the 'typical perpetrator' being compiled through use of characteristics that previous perpetrators of that specific type of crime have met. This profile is then used as a template or prototype for comparison of individuals who are believed or suspected to be a potential perpetrator. In contrast,
Since access to the site is significantly restricted, the probability of external threat not highly likely. However, the fact that only two guards are stationed at the access gate, leaving the rest of the surrounding perimeter somewhat vulnerable, could provide more access to the site than is desirable. The building itself is, however protected by alarm systems, which contributes to a lower level of vulnerability. The vulnerability level is
Tactics and Strategies Used by Al-Qaeda Al-Qaeda has come to rely on the suicide attack as its major terror tactic, which is not only terrifyingly effective but also most difficult to prevent. The reason for the success of the strategy is simple: any targeted killing has traditionally been difficult to carry out due to a basic human instinct of self-preservation and any terrorist used to prefer to escape unharmed while carrying
Threat Assessment South America's very old, biggest, most competent, and well- equipped rebellion having Marxist origin is the Revolutionary Armed Forces of Colombia - FARC. The uproar and clashing in the 1950s involving liberal and conservative militias lead to the civil war that demolished Columbia and from here FARC came into existence. The murder of liberal party leader Jorge Eliecer by the representatives of the conservative government ignited the battle between
Threats of Violence in Counseling and Psychotherapy There is an urban legend about an incident at a mental hospital caught on video: a psychotic patient at a hospital, who has a history of threatening violent acts, manages to smuggle a screwdriver from a workman. This patient, armed with said screwdriver, barricades himself into a room, takes a nurse hostage, and does not respond well to the attempts made by psychiatrists and
Threats to Ownership and Copyright of Intellectual Property The intellectual property (IP) is defined as an original creative work, which may be tangible or intangible form legally protected by law. (Raman, 2004). The intellectual properties include the rights to scientific, artistic and literary works. Moreover, IP covers the invention of human endeavor, scientific discoveries, and industrial design. A current revolution of information technology has made IPs the greatest assets of assets.