sec 280 devry complete week discussions package n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
SEC 280 DEVRY COMPLETE WEEK DISCUSSIONS PACKAGE PowerPoint Presentation
Download Presentation
SEC 280 DEVRY COMPLETE WEEK DISCUSSIONS PACKAGE

Loading in 2 Seconds...

play fullscreen
1 / 5

SEC 280 DEVRY COMPLETE WEEK DISCUSSIONS PACKAGE - PowerPoint PPT Presentation


  • 0 Views
  • Uploaded on

Visit Below Link, To Download This Course:\n\nhttps://www.tutorialsservice.net/product/sec-280-devry-complete-week-discussions-package/\n\nOr \nEmail us on\nSUPPORT@TUTORIALSSERVICE.NET\n\nSEC 280 DeVry Complete Week Discussions Package\nSEC280\n \nSEC 280 DeVry Week 1 Discussion 1 Latest\nData Breaches (graded)\nUse one of your favorite search engines (preferably www.google.com) and search world’s biggest data breaches. Select at least two of the major data breaches from the list you found and complete the following.\n• Explain how they impacted you.\n• Many of the breached companies had standard security controls like firewalls and intrusion detection systems. Discuss what was missing in their designs and processes.\n• Add other items that you believe organizations should improve on to avoid breaches.\n

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'SEC 280 DEVRY COMPLETE WEEK DISCUSSIONS PACKAGE' - tutorialsservicesnet


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
sec 280 devry complete week discussions package

SEC 280 DEVRY COMPLETE WEEK DISCUSSIONS

PACKAGE

Visit Below Link, To Download This Course:

https://www.tutorialsservice.net/product/sec-280-devry-complete-week-discussions-package/

Or

Email us on

SUPPORT@TUTORIALSSERVICE.NET

SEC 280 DeVry Complete Week Discussions Package

SEC280

SEC 280 DeVry Week 1 Discussion 1 Latest

Data Breaches (graded)

Use one of your favorite search engines (preferably www.google.com) and search world’s biggest data

breaches. Select at least two of the major data breaches from the list you found and complete the

following.

Explain how they impacted you.

Many of the breached companies had standard security controls like firewalls and intrusion

detection systems. Discuss what was missing in their designs and processes.

Add other items that you believe organizations should improve on to avoid breaches.

SEC 280 DeVry Week 1 Discussion 2 Latest

Data Integrity as Part of CIA Triad (graded)

Data integrity verifies that data remains unaltered in transit from creation to reception.

Explain what would happen if we were to remove Integrity from the CIA triad.

Discuss how integrity helps with confidentiality and access control.

Discuss the overall impact to digital communication without data integrity.

SEC 280 DeVry Week 2 Discussion 1 Latest

Symmetric Encryption (graded)

the initial encryption standard developed by nist

The initial encryption standard developed by NIST was called data encryption standard (DES). DES is too

weak for modern applications since the key size is only 56-bit. It was replaced by advanced encryption

standard (AES). AES has variable key sizes and can require a key size of 256-bit.

Discuss if you think AES key size has a direct relationship with algorithm strength.

Do you think that AES-256 is necessarily better than AES-128?

How long do you think it would take to launch a brute force attack on AES-128 using a standard

computer?

SEC 280 DeVry Week 2 Discussion 2 Latest

Asymmetric Encryption (graded)

Asymmetric encryption is based on the concept of a private key to decrypt and a public key to encrypt.

RSA and Diffie-Hellman are two common algorithms used for asymmetric encryption, and they are

extremely slow and can be used in limited applications. The key sizes are much larger than symmetric

algorithms.

Explain why asymmetric algorithms, such as RSA and Duffie-Hellman, are relatively slow.

Discuss why asymmetric encryption algorithms require larger key sizes

SEC 280 DeVry Week 3 Discussion 1 Latest

Asymmetric Encryption—the RSA Algorithm (graded)

Asymmetrical encryption uses one key to encrypt and another key to decrypt. The most common

algorithm used in applications is the RSA algorithm. RSAis based on prime numbers.

Select two small prime numbers and compute Product = (p-1)(q-1)and select a number e

between 1 and Product. The ethat you computed is a simplified example of a public key. Post

your selection and computation.

The RSA algorithm and most asymmetric encryption are considered slow. Based on your

computation, explain why the algorithm is slow.

SEC 280 DeVry Week 3 Discussion 2 Latest

TLS/SSL (graded)

TLS/SSL is used to secure http traffic on networks. For this post, access a website requiring HTTPS.

Find and post all the protocols that the site is using (click on the lock on the right end side of your

browser menu for IE).

Find the public key and paste it in your post.

sec 280 devry week 4 discussion 1 latest

SEC 280 DeVry Week 4 Discussion 1 Latest

Hashing Algorithms (graded)

Secure Hash Algorithm is the current hashing standard established by the National Institute for Standard

and Technology. It uses a 160-bit hash but lately most organizations are moving toward a 256-bit hash.

Is a 128-bit hash no longer sufficient for integrity checks?

Explain the likelihood of a collision in a 128-bit hash. You do not need to explain the mathematics.

SEC 280 DeVry Week 4 Discussion 2 Latest

Digital Signatures (graded)

A digital signature is a technique to validate the integrity and authenticity of a message. The signature

provides assurance that the sender is the true sender, and the message has not been changed during

transmission.

What are the similarities between a digital signature and a handwritten signature?

Differentiate among the three different classes of digital signatures.

SEC 280 DeVry Week 5 Discussion 1 Latest

Access Controls (graded)

There are two basic ways to tell if a network or system is under attack. These are with intrusion-detection

systems (IDSs) and intrusion-protection systems (IPSs). Discuss how each of these approaches is

different. Do not forget to include how network-based and hosted-based systems come into play.

You work for a small bank that has only 11 branches, and you must design a system that gives notice of a

possible attack. Discuss what tools can be used, how they can be implemented to protect the bank, and

how they can notify the appropriate people when the network comes under attack.

SEC 280 DeVry Week 5 Discussion 2 Latest

Application Security (graded)

Testing for an unknown is a virtually impossible task. What makes it possible at all is the concept of

testing for categories of previously determined errors. The different categories of errors are

1. buffer overflows (most common);

2. code injections;

3 privilege errors and

3. privilege errors; and

4. cryptographic failures.

Please evaluate the software engineering, secure-code techniques, and the most important rule that

relates to defending against a denial-of-service attack. Here are two types of error categories: the failure

to include desired functionality and the inclusion of undesired behavior in the code. Testing for the first

type of error is relatively easy.

Other items we should understand for error opportunities in applications are related to design, coding,

and testing. How do we assure that these items are addressed in our software-application development

or acquisition?

SEC 280 DeVry Week 6 Discussion 1 Latest

Attacks and Malware (graded)

What are the different ways that malware can infect a computer?

What malware and spyware protection software do you think is the best and why?

There are many types of attacks described in the text. Describe the attack and what method you could do

to avoid such an attack.

Many attacks are carried out by groups of hackers. Describe the objectives of some of these groups.

What is the difference between white-hat and black-hat hackers?

SEC 280 DeVry Week 6 Discussion 2 Latest

Identity Theft (graded)

What steps would you take at your current or future job to ensure that personal information, such as

human resources or customer information, is not compromised?

Do companies have a responsibility to disclose identity-theft breaches that occur in their organizations?

Present a strategy for educating a user about avoiding e-mail risk without saying, “Do not open an e-mail

from someone you do not know.” This has been said many times and has failed. Take the time to think

outside of the box about how you can get people to think before they act with e-mail.

SEC 280 DeVry Week 7 Discussion 1 Latest

Mitigating Risk (graded)

top management asks you to present a review

Top management asks you to present a review of the security risks associated with the various servers in

the computing infrastructure. Take one of the servers and address three security risks from the least (low

risk or moderate risk) to the greatest (high risk) and the kind of risk presented. For instance, if a server is

closer to the network perimeter, it is at a higher risk of being compromised by a hacker. This is where it all

starts. How do you implement consistent security policies?

SEC 280 DeVry Week 7 Discussion 2 Latest

Incident Handling (graded)

Surprisingly, many of us may be unknowing victims of botnets. Because of the rising sophistication of

botnet schemes, your computer can become a zombie along with thousands of other computers that flood

a victim’s network and bring down servers. While the attack is going on, the botnet infects the network

with spam, viruses, and malware. What are the four simple rules of stopping botnets on your personal

PCs?

What are some of the symptoms that would make you suspicious that your computer has been

attacked?

What part of a security incident should be logged?

Download Now