Information Security Is The Assurance Intended In A Hostile Environment
Order ID |
53563633773 |
Type |
Essay |
Writer Level |
Masters |
Style |
APA |
Sources/References |
4 |
Perfect Number of Pages to Order |
5-10 Pages |
Description/Paper Instructions
Information Security Is The Assurance Intended In A Hostile Environment
Please reply one paragraph of your thoughts of the below research:
During my research, I came across a sentence that resounded with me. “Information security is the assurance and reality that information systems can operate as intended in a hostile environment” (Shostack, 2012, p.8). This now lends itself to the question, what means the most to me in Information Security? I could dive into how the early security protocols of computers back to the ARPANET was to secure the data at each end of the transmission. But that wouldn’t really sum up what Information Security means to me. Yes, information needs to be secured while in transit, but it only transitions at certain times. So there isn’t a constant ingress or egress of information across the network. But the information still exists. It spends most of the time in stasis on the systems that hold the information, whether it is Amazon, or my bank, or even at my doctor’s office.
While thinking about this, I read about a Paul Karger, and was astounded to realize he actually performed the first Penetration Testing on the Multics military Operating System in 1974. This was the most secure Operating System in the world, and he was able to exploit it very easily. He made some observations that the true weakness of security was at the Operating System (OS) level more than when the data was transmitted. Granted, this doesn’t mean that network security is not risky, it is simply observing that data at the OS level is more susceptible to attacks by malicious software such as Trojan Horses.
His efforts pioneered things like implementing mandatory access controls and a utilizing a secure kernel. Paul Karger’s paper Thirty Years Later: Lessons from the Multics Security Evaluation is a great read on how he was able to identify weaknesses on a Computer System that, even more 30 years later, are still causing issues with computing systems. His observations, in my honest opinion, are almost prophetic, and I am baffled how his recommendations have not been more closely followed.
Dealing with the multitude of systems and networks I have seen in my time, the division of power between roles in IT was imminent. It was dangerous to have someone that had access to accounts and roles, have access to network security as well. A division of power allowing one team to handle network health/data reliability in transit must be different than the team to handle roles and access-control to systems and services, which must also be different than the team to manage intrusion detection and emergency response. Segmenting the roles greatly improves the ability to mitigate the risk. This also allows the best use of least privilege. I personally was called in to counter a series of attacks on a network that originated from a computer system that had a weak password. In that instance, the person had administrative rights to the network with the exact same password used on a system. That allowed the intruder access to systems and network administrative rights. Dividing the roles makes everything easier, even though it requires the user to have two logins to perform two different roles.
While I am on the topic of weak passwords, the latest thing I dealt with in Information Security was the implementations of passphrases as a replacement for the password. It is hard to get people to deviate from the password requirements that have been used for so many years, but the use of a passphrase is exponentially more secure than a password. I say this for two reasons: 1.) People will always be the weakest link to Information Security. The purposefully use easily identifiable passwords to make their logins easier, which makes them easier to crack. and 2.) if a more strict password requirement is needed, people have a tendency to write them down and keep them in easily discovered location or right out in the open. I have even seen the more difficult passwords are given to others a s a way to mitigate “getting locked out” which now means passwords are shared to any number of people, thereby reducing the effectiveness of the password. In fact, just recently, the National Institute of Science and Technology (NIST) has agreed that passwords should be replaced. This can also be referenced in NIST Update: Passphrases In, Complex Passwords Out by Thu Pham. Having dealt with this personally, I can see this being one of the biggest changes in the Cybersecurity front in the foreseeable future.
RUBRIC
QUALITY OF RESPONSE |
NO RESPONSE |
POOR / UNSATISFACTORY |
SATISFACTORY |
GOOD |
EXCELLENT |
Content (worth a maximum of 50% of the total points) |
Zero points: Student failed to submit the final paper. |
20 points out of 50: The essay illustrates poor understanding of the relevant material by failing to address or incorrectly addressing the relevant content; failing to identify or inaccurately explaining/defining key concepts/ideas; ignoring or incorrectly explaining key points/claims and the reasoning behind them; and/or incorrectly or inappropriately using terminology; and elements of the response are lacking. |
30 points out of 50: The essay illustrates a rudimentary understanding of the relevant material by mentioning but not full explaining the relevant content; identifying some of the key concepts/ideas though failing to fully or accurately explain many of them; using terminology, though sometimes inaccurately or inappropriately; and/or incorporating some key claims/points but failing to explain the reasoning behind them or doing so inaccurately. Elements of the required response may also be lacking. |
40 points out of 50: The essay illustrates solid understanding of the relevant material by correctly addressing most of the relevant content; identifying and explaining most of the key concepts/ideas; using correct terminology; explaining the reasoning behind most of the key points/claims; and/or where necessary or useful, substantiating some points with accurate examples. The answer is complete. |
50 points: The essay illustrates exemplary understanding of the relevant material by thoroughly and correctly addressing the relevant content; identifying and explaining all of the key concepts/ideas; using correct terminology explaining the reasoning behind key points/claims and substantiating, as necessary/useful, points with several accurate and illuminating examples. No aspects of the required answer are missing. |
Use of Sources (worth a maximum of 20% of the total points). |
Zero points: Student failed to include citations and/or references. Or the student failed to submit a final paper. |
5 out 20 points: Sources are seldom cited to support statements and/or format of citations are not recognizable as APA 6th Edition format. There are major errors in the formation of the references and citations. And/or there is a major reliance on highly questionable. The Student fails to provide an adequate synthesis of research collected for the paper. |
10 out 20 points: References to scholarly sources are occasionally given; many statements seem unsubstantiated. Frequent errors in APA 6th Edition format, leaving the reader confused about the source of the information. There are significant errors of the formation in the references and citations. And/or there is a significant use of highly questionable sources. |
15 out 20 points: Credible Scholarly sources are used effectively support claims and are, for the most part, clear and fairly represented. APA 6th Edition is used with only a few minor errors. There are minor errors in reference and/or citations. And/or there is some use of questionable sources. |
20 points: Credible scholarly sources are used to give compelling evidence to support claims and are clearly and fairly represented. APA 6th Edition format is used accurately and consistently. The student uses above the maximum required references in the development of the assignment. |
Grammar (worth maximum of 20% of total points) |
Zero points: Student failed to submit the final paper. |
5 points out of 20: The paper does not communicate ideas/points clearly due to inappropriate use of terminology and vague language; thoughts and sentences are disjointed or incomprehensible; organization lacking; and/or numerous grammatical, spelling/punctuation errors |
10 points out 20: The paper is often unclear and difficult to follow due to some inappropriate terminology and/or vague language; ideas may be fragmented, wandering and/or repetitive; poor organization; and/or some grammatical, spelling, punctuation errors |
15 points out of 20: The paper is mostly clear as a result of appropriate use of terminology and minimal vagueness; no tangents and no repetition; fairly good organization; almost perfect grammar, spelling, punctuation, and word usage. |
20 points: The paper is clear, concise, and a pleasure to read as a result of appropriate and precise use of terminology; total coherence of thoughts and presentation and logical organization; and the essay is error free. |
Structure of the Paper (worth 10% of total points) |
Zero points: Student failed to submit the final paper. |
3 points out of 10: Student needs to develop better formatting skills. The paper omits significant structural elements required for and APA 6th edition paper. Formatting of the paper has major flaws. The paper does not conform to APA 6th edition requirements whatsoever. |
5 points out of 10: Appearance of final paper demonstrates the student’s limited ability to format the paper. There are significant errors in formatting and/or the total omission of major components of an APA 6th edition paper. They can include the omission of the cover page, abstract, and page numbers. Additionally the page has major formatting issues with spacing or paragraph formation. Font size might not conform to size requirements. The student also significantly writes too large or too short of and paper |
7 points out of 10: Research paper presents an above-average use of formatting skills. The paper has slight errors within the paper. This can include small errors or omissions with the cover page, abstract, page number, and headers. There could be also slight formatting issues with the document spacing or the font Additionally the paper might slightly exceed or undershoot the specific number of required written pages for the assignment. |
10 points: Student provides a high-caliber, formatted paper. This includes an APA 6th edition cover page, abstract, page number, headers and is double spaced in 12’ Times Roman Font. Additionally, the paper conforms to the specific number of required written pages and neither goes over or under the specified length of the paper. |
|
|
GET THIS PROJECT NOW BY CLICKING ON THIS LINK TO PLACE THE ORDER
Also, you can place the order at www.collegepaper.us/orders/ordernow / www.phdwriters.us/orders/ordernow
|
Do You Have Any Other Essay/Assignment/Class Project/Homework Related to this? Click Here Now [CLICK ME]and Have It Done by Our PhD Qualified Writers!! |
|
|
Information Security Is The Assurance Intended In A Hostile Environment
PLACE THE ORDER WITH US TODAY AND GET A PERFECT SCORE!!!