Sunteți pe pagina 1din 3

SEC 571 Principles of Information Security & Privacy DeVry

Visit: www.academicguider.com
SEC 571 Week 1 Quiz Solutions
SEC 571 Week 1 DQ 1 Vulnerabilities of Your Systems
SEC 571 Week 1 DQ 2 Threats against Your Systems
SEC 571 Week 2 DQ 1 Security Issues in Telecommunications
SEC 571 Week 2 DQ 2 What Access Controls Are in Use
SEC 571 Week 3 Course Project - Phase I (Part I)
SEC 571 Week 3 DQ 1 Cryptographic Products
SEC 571 Week 3 DQ 2 Cryptographic Standards
SEC 571 Week 4 Midterm Exam
SEC 571 Week 4 DQ 1 Network Services
SEC 571 Week 4 DQ 2 Security Architecture
SEC 571 Week 5 DQ 1 Case Study - Would you hire Goli
SEC 571 Week 5 DQ 2 Privacy - Right or Privilege
SEC 571 Week 6 DQ 1 BC and DR
SEC 571 Week 6 DQ 2 Meeting Regulations
SEC 571 Week 7 Course Project - Phase II (Part I and II)
SEC 571 Week 7 DQ 1 Personal - Group Ethics
SEC 571 Week 7 DQ 2 Security Skills
SEC 571 Week 8 Final Exam
Course Project: Security Assessment & Recommendations for Aircraft Solutions

Visit: www.academicguider.com

SEC 571 Entire Course Week 1 - 8


USD 88.00

SEC 571 Full Course Project Week 3, 7


USD 49.00

SEC 571 Full Course Project, Midterm, Final Exam Guide


USD 68.00

SEC 571 Week 3 Course Project - Phase I (Part I)


USD 25.00

SEC 571 Week 7 Course Project - Phase II (Part I and II)


USD 35.00

SEC 571 All Discussions Week 1 - 7

USD 29.00

SEC 571 Week 1 Quiz Solutions


USD 10.00
1. Question (TCO A) Describe an organizational information situation where data integrity
would be more important than data availability or confidentiality.
2. Question (TCO A) Which of the following is the strongest password?
3. Question (TCO A) While our focus in the course is on threats to information systems, this
question focuses on the concept of threats, vulnerabilities, and controls as applied to other kinds
of systems. Select two examples of threats to aircraft for which aviation manufactures and/or
regulators have instituted controls. Describe the vulnerabilities for which the controls were
created and assess the effectiveness of these controls giving the justification for your assessment.
Your answer does not need to address information security but you need to demonstrate your
understanding of the terms: threat, vulnerability, and control. (Note: specific answers to this
question are not in the assigned reading material.)
4. Question (TCO A) Network enumeration is used to

SEC 571 Week 4 Midterm Exam Solutions


USD 20.00
1. Question (TCO A) What are the three goals of security in computing? For each goal, list two
controls that can be implemented to help achieve that goal.
2. Question (TCO A) May a database contain two identical records without a negative effect on
the integrity of the database? Why or why not?
3. Question (TCO B) Its been said that firewalls are dead. Some think that, because of the
prevalence of application-layer attacks, packet filtering firewalls are of no real use in protecting
networks. Name three advantages of using packet filtering firewalls in modern networks.
4. Question (TCO C) Respond to each part of this question: a) Describe how a long number
(encryption key) can be shared between sender and receiver without using any source that is
obvious to outsiders and without directly sending the number from sender and receiver. b)
Describe how a long number (encryption key) can be shared between sender and receiver over an
unsecured network without loss of confidentiality.
5. Question (TCO B) Which of the following is a correct statement?

Visit: www.academicguider.com
SEC 571 Week 8 Final Exam
USD 29.00
1. (TCO A) You are responsible for developing a security evaluation process that can be used to
assess various operating systems both during and after development. List the five most desirable
qualities your evaluation process should have and explain why they are important. (Be sure to
address qualities of the evaluation process, not specific metrics for assessment of operating
systems.) (Points : 40)
2. (TCO B) The Open Systems Interconnection model is inherently inefficient. On the source
host, each layer must take the work of higher layers, add some result, and pass the work to lower
layers. On the destination host, each layer must process these results from lower layers and pass
the appropriate information to upper layers. Surely this wrapping and unwrapping process is
inefficient. Assess the security advantage of this layered approach. (Points : 40)
3. (TCO C) Why is a firewall usually a good place to terminate a Virtual Private Network (VPN)
connection from a remote user? Why not terminate the VPN connection at the actual servers
being accessed? Under what circumstances would VPN termination at the server be a good idea?
(Points : 40)

4. (TCO D) A computer programmer has been arraigned for a computer crime. She is suspected
of having accessed system files on a public Web server. The programmers attorney argues that
his client was only trying to determine if the website was secure and that no harm was done to
the Web server or its system files. The programmers attorney also argues that it is possible that
the log files that show that his client accessed system files were tampered with. The attorney
claims that the Web server was made accessible to the public anyway so that there was no
violation of the law and that the arraignment against her client should be thrown out. Youre the
judge. What is your analysis of these arguments?
5. (TCO E) After reading about attacks on servers similar to the ones used in one of your
companys departments, the CIO has asked you to come up with a report as to what, if any, steps
should be taken with your servers. List and describe the steps you would need to take in order to
complete a detailed report. (Points : 40)
6. (TCO F) In the U.S., laws are enforced by police agencies and the courts. What are ethics and
who enforces them? (Points : 40)
7. (TCO G) Which of the following statements is true? (Points : 20)
8. (TCO H) Some IT department policies are designed to prevent behaviors by IT staff. While
some depend upon the employee voluntarily complying with the policy (for example: do not
reveal technical information to outside parties), others are enforced technically (for example,
authentication required for system access). What is an example of a policy that technically
enforces ethical behavior by IT staff? Provide policy wording for your example. (Points : 40)

Visit: www.academicguider.com

S-ar putea să vă placă și