Class D: Combustible metals. These fires can arise from metals like magnesium,
sodium and potassium.
Suppression method: Dry powder can suppress these fires.
According to Whitman and Mattord (2012), fire is a great threat to the
physical security of any company, so it is extremely important to know
what the types of fires are and how to suppress them. Fire can destroy
physical data and injure employees in a company; hence it is important to
understand the preventive countermeasures.
4) Finally, why is physical security so important when it comes to having a fully fledged information security program and architecture?
A) According to Whitman and Mattord (2012), physical security is the basic safeguard any
company or organization should have. Physical security represents protection
of the building sites and hence protection of company data. Company data
has to be secured, and hence physical security is of utmost importance.
If physical security is weak, an intruder can attack from outside and gain
control of the company equipment, and hence will have access to the
company data. To prevent external attacks by intruders, a company should be
well versed in other aspects of physical security, such as using nature for
physical security, using security guards, having an alarm system, and using CCTV
cameras for observation.
This will reduce the impact of an external attack on the company, and the company
can focus more on internal security.
References:
Whitman, M. E., & Mattord, H. J. (2012). Principles of Information
Security. Boston: Cengage Learning.
Zahm, D. (2007). Using Crime Prevention through Environmental Design in
Problem-Solving. US Department of Justice. Retrieved from
http://www.popcenter.org/tools/pdfs/cpted.pdf
1) Explain the difference in prosecuting computer crime. Why is law
seemingly two steps behind new technologies or new paradigms? For
example, crimes such as denial of service, ransomware and identity theft that
occur or are initiated from different countries or different law systems.
How can these malicious attacks be prosecuted?
A) According to Whitman and Mattord (2012), laws are rules or a certain
set of behaviors which are drawn from ethics or socially acceptable
behaviors. Law deals with privacy, ethics, technology, copyright, export
and espionage, so when a technology is updated or a new technology
comes into the picture, there has to be law which takes care of all the above
aspects of the new technology.
For example, if a company releases any new software in the market, there
have to be laws to safeguard its copyright, identity and privacy. So I feel
that the law is not behind the new technology; it is such
that technology has to be improved upon or updated first, and only then
can we safeguard it using laws. So creating laws for technology is a subset
associated with technology modification (Whitman and Mattord, 2012).
safeguarding data and prevent the incident to occur twice. It also takes
care of damage assessment.
References:
Whitman, M. E., & Mattord, H. J. (2012). Principles of Information Security.
Boston: Cengage Learning.
Techopedia. (2014). Information Assurance. Retrieved from
http://www.techopedia.com/definition/5/information-assurance-ia
USEPA. (2012). Compliance. Retrieved from
http://www.epa.gov/compliance/basics/compliance.html
3) How and why must you design your organization to support a PKI?
A) According to Whitman and Mattord (2012), a public key infrastructure is a set
of programs, procedures and security policies which help ensure secure and
trusted communication between sender and receiver.
It is a standard which should be followed all over the organization in order to
enable safe transit during encryption for both parties. If PKI is
implemented, it can prevent third-party intrusion.
PKI uses digital signatures to attest the public key of individual entities.
The Certification Authorities (CAs), which play the central role in PKI, issue
certificates, signing the public key of each individual entity with a digital
signature created by encrypting the public key of the individual with the CA's
private key.
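The signing step described above can be traced end to end in a few lines. This is an added example, not taken from the cited textbook: it assumes textbook RSA without padding, constructed demo keys built from small Mersenne primes, and hypothetical helper names, so it illustrates the mechanism only and is not usable as real PKI code.

```python
import hashlib

E = 65537  # common RSA public exponent

def make_keypair(p: int, q: int):
    """Textbook RSA key pair from two primes: returns (public, private)."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # private exponent (Python 3.8+)
    return (n, E), (n, d)

def tbs_hash(subject: str, subject_pub, n: int) -> int:
    """Hash the 'to be signed' fields: subject name plus subject public key."""
    tbs = f"{subject}|{subject_pub[0]}|{subject_pub[1]}".encode()
    return int.from_bytes(hashlib.sha256(tbs).digest(), "big") % n

def issue_certificate(ca_priv, subject: str, subject_pub) -> dict:
    """CA binds a name to a public key by signing with the CA private key."""
    n, d = ca_priv
    sig = pow(tbs_hash(subject, subject_pub, n), d, n)
    return {"subject": subject, "public_key": subject_pub, "signature": sig}

def verify_certificate(ca_pub, cert: dict) -> bool:
    """Relying party checks the signature using only the CA public key."""
    n, e = ca_pub
    expected = tbs_hash(cert["subject"], cert["public_key"], n)
    return pow(cert["signature"], e, n) == expected

# Constructed demo keys from known Mersenne primes (far too small for real use).
CA_PUB, CA_PRIV = make_keypair(2**61 - 1, 2**89 - 1)
ALICE_PUB, _ = make_keypair(2**107 - 1, 2**127 - 1)
OTHER_PUB, _ = make_keypair(2**89 - 1, 2**107 - 1)

def demo():
    cert = issue_certificate(CA_PRIV, "alice@example.test", ALICE_PUB)
    swapped = dict(cert, public_key=OTHER_PUB)  # key substituted after issuance
    return (verify_certificate(CA_PUB, cert),      # genuine certificate
            verify_certificate(CA_PUB, swapped),   # tampered public key
            verify_certificate(OTHER_PUB, cert))   # checked against wrong CA

if __name__ == "__main__":
    print(demo())
```

The certificate verifies only when both the signed fields and the CA public key are the ones used at issuance, which is why the organization has to distribute and protect the CA's public key as its trust anchor.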
4) What is the purpose of hashing and, when it comes to hashing, what is a
collision attack?
A) According to Rouse (2014), hashing is the transformation of a string of
characters into a usually shorter fixed-length value or key that represents the
original string.
Hashing can be used to accomplish tasks such as generating new keys and
passwords for security.
In computer science, a collision or clash is a situation that occurs when two
distinct pieces of data have the same hash value, checksum, fingerprint, or
cryptographic digest.
The impact of a collision depends on the hash value.
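To make the definition of a collision concrete, the following added example (not from the cited sources) truncates SHA-256 to a few bits and searches constructed inputs until two distinct ones share a digest. The function names and input strings are assumptions chosen for illustration; the point is that the work needed grows with the digest length, which is why short digests are unsuitable for integrity checks.

```python
import hashlib
from itertools import count

def truncated_digest(data: bytes, bits: int) -> int:
    """Return the top `bits` bits of SHA-256(data) as an integer."""
    full = int.from_bytes(hashlib.sha256(data).digest(), "big")
    return full >> (256 - bits)

def find_collision(bits: int):
    """Birthday search over constructed inputs.

    Returns (msg_a, msg_b, attempts) where msg_a != msg_b but both have
    the same `bits`-bit truncated digest.
    """
    seen = {}  # truncated digest -> first message that produced it
    for i in count():
        msg = b"constructed-input-%d" % i
        d = truncated_digest(msg, bits)
        if d in seen:
            return seen[d], msg, i + 1
        seen[d] = msg

def compare_sizes(sizes=(8, 16, 24)):
    """Attempts needed per digest size; roughly 2**(bits/2) is expected."""
    return {bits: find_collision(bits)[2] for bits in sizes}

if __name__ == "__main__":
    for bits, attempts in compare_sizes().items():
        a, b, _ = find_collision(bits)
        print(f"{bits:2d}-bit digest: collision after {attempts} inputs "
              f"({a!r} vs {b!r})")
```

The two colliding inputs still have different full SHA-256 digests; only the shortened value clashes.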
References:
Princeton (2014). Hash collision. Retrieved from
https://www.princeton.edu/~achaney/tmve/wiki100k/docs/Hash_collision.html
The creation of one system for managing all the security, including a
streamlined workflow for creating, deleting and modifying user identities;
A unified network policy for both local network and remote access that
leverages location and status information from physical access systems;