John Moura
Chapter 2: Planning for Security
Review Questions
1. Describe the essential parts of planning. How does the existence of resource constraints affect the need for planning?
Answer: Organizational planning, described below, and contingency planning, which focuses on planning for unforeseen events. Organizations must be able to forecast their needs relative to available resources as best they can to ensure the best decision making.
2. What are the three common layers of planning? How do they differ?
Answer: Strategic – lays out long term goals, Tactical – more short term focus, Operational – daily and on-going operation goals
3. Who are the stakeholders? Why is it important
3) Logical Design - Team members create and develop a blueprint for security, and examine and implement key policies.
4) Physical Design - Team members evaluate the technology needed to support the security blueprint, generate alternative solutions, and agree upon a final design
5) Implementation - The security solutions are acquired, tested, implemented, and tested again
6) Maintenance - Once the information security program is implemented, it must be operated, properly managed, and kept up to date by means of established procedures
12. What is a threat in the context of information security? How many categories of threats exist as presented in this chapter?
Answer: Compromises in intellectual property. 12
13. What is the difference between a threat and an attack?
Answer: Threats are areas where there is potential for an attack. An attack is an act or event that exploits those vulnerabilities.
14. How can vulnerability be converted into an attack? What label would we give to the entity that performs this transformation?
Answer: Threat agent. Back doors, brute force, buffer overflow, etc.
15. What name is given to an attack that makes use of viruses and worms? What name is given to an attack that does not actually cause damage other than wasted time and resources?
Hazards are activities or events that cause loss of life, injury, property damage, social and economic disruption, or environmental degradation. These hazards can be natural or manmade, such as earthquakes, hurricanes, tornadoes, floods, wildfires, and terrorist attacks. Vulnerabilities can be described as the potential for hazards. Vulnerabilities can be such things as geographical locations; a community up north has a lower vulnerability to hurricanes than Florida communities. Risk is described as the level of protection a community or area will have if they are involved in a hazard, and the certain groups
A threat is defined as a potential cause of an incident that may cause harm to systems, organisations, or data. A potential and obvious threat is someone physically stealing hardware or data. Physical threats are any incidents that could result in the loss of, or physical damage to, a computer system. Some threats are pretty much unpreventable, such as fire, floods, lightning, and earthquakes; these are all physical threats that are uncontrollable. The humidity in rooms that house computers does, to an extent, need to be controlled; if the room is too hot or cold, it could have a negative effect on a computer system. There are also human threats such as vandalism, theft, disruption, and accidental or intentional errors.
The next step is to identify the risks, threats and vulnerabilities. Hacker attacks from the Internet, failure of hardware or software systems, and network outages are the most common threats. Common vulnerabilities are the absence of firewall and antivirus software, the absence of update patches, inadequately trained associates, etc.
2. Active Attack: Active attacks are those attacks where the attacker takes malicious action in addition to passively listening to ongoing traffic, e.g., the attacker might choose to modify packets, inject packets or even disrupt network service. The misbehaving node has to bear some energy costs in order to perform a harmful operation such as changing the data. Active attacks cause damage and are malicious, and they often threaten the integrity and availability of the network. These types of attacks can be internal or external [7].
6. Planning - It includes the five component parts of an operation: the situation, mission, execution, logistics, and command and signal.
The risk of an attack
Vulnerability: a weakness or fault in a system or protection mechanism that opens it to attack or damage.
5. What is the next step the team members must take in order to complete their project plans?
Cyberterrorism is generally understood to refer to highly damaging computer-based attacks or threats of attack by non-state actors against
Vulnerability is a weakness in a system that leaves the system open to attacks. Exposure is the known vulnerabilities that make a system weak and open to attacks without protection.
Planning is considered to be a primary function of management. All organisations operate in a complex, dynamic and competitive business environment, and therefore, have to plan their actions without which they may not be able to survive.
Planning is a process of establishing a mission with clear goals as a means to achieve them. Good planning requires special skills and perspectives allowing decision-makers to understand the challenges they are facing and apply the most effective solution to a problem. In order to achieve success, one must plan accordingly. Planning can be short term or long term. Short term plans are done on a daily basis and are easier to achieve than long term plans. Long term plans are also known as strategic plans and are used to achieve a long range vision or mission of a company. Both methods of planning, short term and long term, are necessary to achieve top notch results. Like in any other process, there are both benefits and pitfalls to a
The objective of this study was to develop a strategic contingency planning model to be used to fully incorporate emergency management and business continuity into organization structures. (For the purpose of this study, Emergency Management and Business Continuity were collectively referred to as “contingency planning.”) Presently, contingency planning is mainly done on an operational or tactical level. Current thinking suggests that contingency planning should be an active part of organizations’ overall strategic planning processes as well. Organizations will ultimately be better prepared for future disasters and crises.
As mentioned above, the first step in this threat modeling process is vulnerability and threat source identification. In this step it is the job of the threat modeler to perform research to identify detailed sources of information about threats and vulnerabilities. When choosing sources about threats and vulnerabilities, it is essential to ensure that the sources are up to date and credible. This often requires the threat modeler to look for published sources of information or even scholarly websites to ensure the integrity and accuracy of the information. One example of an excellent source of information about threats and vulnerabilities that is commonly used by threat modelers is the National Institute of Technology’s National Vulnerability Database. This is an up to date government repository of identified vulnerabilities
Chapter 4: How do you think planning in today’s organizations compares to planning in an organization 25 years ago? Do you think planning becomes more important or less important in a world where everything quickly changes and crises are a regular part of organizational life? Why?