DeVry SEC 571 Week 8 Final Exam Latest




DeVry SEC 571 Week 8 Final Exam Latest

Question 1. 1. (TCO A) You are responsible for developing a security evaluation process that can be used to assess various operating systems both during and after development. List the five most desirable qualities your evaluation process should have and explain why they are important. (Be sure to address qualities of the evaluation process, not specific metrics for assessment of operating systems.)

Question 2. 2. (TCO B) Acme Films produces advertisements for cable television stations. They have two locations in a large metropolitan area. Building 1 contains the administrative, sales, marketing, human resources, development, and graphics departments. Building 2 contains the sound stages, production and post production facilities, equipment, and mobile unit storage.The two buildings, five miles apart, are connected by a VPN using a T1 connection. Each location is protected by hardware firewalls and each location has a DMZ. Building 1’s DMZ includes Web, FTP, DNS, and e-mail servers. Building 2’s DMZ includes an FTP server from which clients can access work product. Network-based IDS systems are placed in the DMZs. There are 75 Windows XP workstations in each location. Workstation security is centrally managed and includes anti-virus, anti-spyware, and patch management. File, application, database, and print servers at each location are protected by anti-virus, anti-spyware, and patch management. Internet access is provided to users via a proxy server and NAT.

User authentication is controlled by Windows 2008 Active Directory and users must authenticate by using a smart card and entering a PIN. Discretionary access control methods are in use.

List and assess three security threats faced by the information technology systems and list and describe 1 security control needed that would be appropriate to address each threat. (Points : 40)

Question 3. 3. (TCO C) Why is a firewall usually a good place to terminate a Virtual Private Network (VPN) connection from a remote user? Why not terminate the VPN connection at the actual servers being accessed? Under what circumstances would VPN termination at the server be a good idea?

Question 4. 4. (TCO D) A computer programmer has been arraigned for a computer crime. She is suspected of having accessed system files on a public Web server. The programmer’s attorney argues that his client was only trying to determine if the website was secure and that no harm was done to the Web server or its system files. The programmer’s attorney also argues that it is possible that the log files that show that his client accessed system files were tampered with. The attorney claims that the Web server was made accessible to the public anyway so that there was no violation of the law and that the arraignment against her client should be thrown out. You’re the judge. What is your analysis of these arguments? (Points : 40)

Question 5. 5. (TCO E) After reading about attacks on servers similar to the ones used in one of your company’s departments, the CIO has asked you to come up with a report as to what, if any, steps should be taken with your servers. List and describe the steps you would need to take in order to complete a detailed report. (Points : 40)

Question 6. 6. (TCO F) Are ethics a matter of absolute right and wrong or are they changeable? Can an ethical person consider something to be wrong and then, later, consider that same thing to be right while still being ethical? Explain your reasoning. (Points : 40)

Question 7. 7. (TCO G) Which of the following statements is true? (Points : 20)

A patent is typically easier to obtain than a copyright.

Computer programs cannot be copyrighted.

The “fair use doctrine” prohibits reproduction of copyrighted material.

Copyright applies to ideas. Patents apply to things.

In order to assure patent rights, the holder need not oppose all infringement.

Question 8. 8. (TCO H) Some IT department policies are designed to prevent behaviors by IT staff. While some depend upon the employee voluntarily complying with the policy (for example: do not reveal technical information to outside parties), others are enforced technically (for example, authentication required for system access). What is an example of a policy that technically enforces ethical behavior by IT staff? Provide policy wording for your example. (Points : 40)

DeVry Courses helps in providing the best essay writing service. If you need 100% original papers for DeVry SEC 571 Week 8 Final Exam Latest, then contact us through call or live chat.

DeVry SEC 571 Week 8 Final Exam Latest

Best DeVry SEC 571 Week 8 Final Exam Latest

DeVry SEC 571 Week 8 Final Exam Latest