DeVry SEC 591 All Discussions Latest




DeVry SEC 591 All Discussions Latest

DeVry SEC 591 Week 1 Discussions Latest

DQ1 Assessing risk using the TAM

What is a risk assessment? How does the threat assessment model (TAM) relate to Risk Assessment activities? Why do you believe it is useful to help define these terms for analytical evaluations?

DQ2 The rationale for contingency planning

What is the relationship between technology and competitive advantage in today’s economy? Why is it so important to consider IT risk management, disaster recovery, and contingency planning?

DeVry SEC 591 Week 2 Discussions Latest

DQ1 The Value of the BIA

In the context of Risk Assessment (RA), what is the value of a Business Impact Analysis (BIA)? How is the RA process related to the BIA process?

DQ2 The Contingency Plan Coordinator

What is the role of the Contingency Plan Coordinator (CPC) in the scope of preparing a BIA? Should the CPC develop the BIA on their own? What is the risk of not involving the business and IT stakeholders? Who should they involve and why?

DeVry SEC 591 Week 3 Discussions Latest

DQ1 Recovery Strategy

Recovery Strategies (RS) are used to respond to business impacts outlined in the BIA. What considerations should be in place in addition to the BIA? Should the CPC be factored in to the strategy? How does leadership reflect upon the Recovery Strategy?

DQ2 Data Backup Strategies

Data backups are critical to long-term business continuity. What would you consider to be core strategies related to data backup? How should backup, fault tolerance, and redundancy technologies be used in concert to guarantee the CIA of the information system?

DeVry SEC 591 Week 4 Discussions Latest

DQ1 Should We Disrupt Operations to Test?

Section 3.5 of the SP800-34-rev1 discusses the importance of testing, classroom, and functional exercises; this week in lecture we touched on the various types of testing that DRPs undergo. How much testing is appropriate? How is success measured?

DQ2 Auditing the DRP to Standards

Evaluate the following documents:

  1. 1.AIRMIC ERM & ISO31000 ( ERM ISO31000 ); note this site requires an e-mail address to obtain the document for personal use only.So this reference is optional.
  2. 2.ISO 17799 Security Standard (
  3. 3.NIST 800-34 rev1

How could a firm use each of these standards? Are they redundant? Do they serve separate purposes? Which would you be likely to deploy or use, and why? Are there other standards or sources of information that would be useful?

DeVry SEC 591 Week 5 Discussions Latest

DQ1 Scaling Storage

Let’s discuss some of the risks and advantages associated with virtualization, NAS, and SAN. Transitioning from client/server to data center architecture, these concepts are discussed in NIST SP800-34 Section 5, and may be easily found on the Web. Is there a barrier to entry? What is the difference between file-oriented storage and transaction-oriented storage? What are the pros and cons of each technology and where is their sweet spot? Is there a cost barrier? Within the scope of this discussion, we’ll also talk about encapsulating SCSI protocol in TCP/IP (iSCSI) and other forms of network storage. How does scaling our storage architecture relate to Risk Management/Contingency Planning?

DQ2 Scaling and Recovering the WAN

SONET, ISDN, Frame Relay, ATM – all of these are wide area protocol examples that are traditionally associated with leased circuits, which can include ISDN BRI/PRI; DS-x – T1, T2, and T3; or Optical Carrier circuits (OC). These concepts are explored briefly in the NIST SP800-34 Section 5, but you can easily find more information on the Web. In a disaster recovery situation, what is the benefit of a leased circuit over an open or virtual circuit? Can you exploit a connection to an ISP?

These days, some firms are forgoing the expense of a private leased WAN in favor of a public vWAN. What challenges do you foresee guaranteeing CIA over the WAN function with this approach? How does managing the WAN relate to contingency planning?

DeVry SEC 591 Week 6 Discussions Latest

DQ1 Crisis Communication of Giuliani & Nagin

Research Rudolph Giuliani and C. Ray Nagin in the context of both their disasters that happened while holding the Office of the Mayor for New York City and New Orleans, respectively: 9/11 and Hurricane Katrina. Compare and contrast these two subjects given their communication to the public both during and after the disaster. What was different? How does controlled crisis communication affect DRP execution?

DQ2 Crisis Communication Plan (graded)

What is the role of the Crisis Communication Plan (CCP) in the NIST SP800-34 Framework? Does a CCP differ from a press release? If so, how? Are shareholder or consumer or employee or public perceptions about your handling of a disaster important? What happens if the CCP is bad or does not exist at all?

DeVry SEC 591 Week 7 Discussions Latest

DQ1 Securing a crime scene

Examine the “five steps” to the evidentiary process if the incident caused a severe outage. How does this process grain against the impulse of the IT Manager or Contingency Plan Coordinator? How does the Cyber Incident Response Plan (CIRP, NIST SP800-34) address this problem?

DQ2 Understanding the exceptions

Review the U.S. Department of Justice document explaining the Fourth Amendment protections in context of preparing electronic evidence. What are some noteworthy issues, recommendations, observations, or comments you have regarding these exceptions?


DeVry Courses helps in providing the best essay writing service. If you need 100% original papers for DeVry SEC 591 All Discussions Latest, then contact us through call or live chat.

DeVry SEC 591 All Discussions Latest

Best DeVry SEC 591 All Discussions Latest

DeVry SEC 591 All Discussions Latest