saint com590 Assignment 3

saint com590 Assignment 3

Question # 00079722 Posted By: solutionshere Updated on: 07/05/2015 05:01 AM Due on: 07/05/2015
Subject General Questions Topic General General Questions Tutorials:
Question
Dot Image

COM 590

Assignment 3

Answer all Eight (8) questions.

· Submission Requirements

ü All sentences must be grammatically correct, and free from spelling errors.

ü Your answer for each question should not exceed 250 words.

ü Submit a Single Microsoft Word Document.

ü Font: Times New Roman, Size 12, Double-Space.

ü Cite all references used in APA format.

1. What is the purpose of defining a framework for IT security policies?

2. Why should an organization have a remote access policy even if it already has an acceptable use policy (AUP) for employees?

3. What security controls can be implemented on your e-mail system to help prevent rogue or malicious software disguised as URL links or e-mail attachments from attacking the workstation domain? What kind of policy definition should you use?

4. Why should an organization have annual security awareness training that includes an overview of the organization’s policies?

5. Consider the following real world situation:

A retired Japanese Coast Guard boat (Takachiho) was sold to a pro-North Korean organization without having assurances that navigational data was deleted. The decommissioned patrol boat could have had as many as 6,000 locations recorded over the 250 days of use. The boat was presumably sold to be turned into scrap. Weapons and radio equipment were removed, but no procedures were in place to ensure that navigational data was securely deleted. It is unknown if navigational data were recovered from vessels disposed of through past sales (Muncaster, 2013).

    1. Why was the navigational data on the Japanese Coast Guard vessel not securely deleted?
    2. How could the lost navigational data compromise national security?
    3. How could the Japanese Coast Guard write an effective data disposal policy?
    4. Is a self-assessment of effective security policy a good predictor of actual security? Why or why not?

6. What is meant by Governance Framework? Why is ISO 27000 certification more attractive to companies than COSO or COBIT certification?

7. Locate and read NIST SP 800-53 Revision 4. What are the key benefits of this standard?

8. In your opinion, is the COBIT framework superior to the other standards and frameworks such as the ISO 27000 and NIST? Why or Why not?

References

Muncaster, P. (2013, April). Japan forgot data wipe on ship sold to Pyongyang. Retrieved September 18,

2014, from http://www.theregister.co.uk/2013/04/29/japan_coast_guard_forgets_wipe_data_norks/

Dot Image
Report this Question as Inappropriate
Tutorials for this Question
  1. neil2103
    Tutorial # 00075128 Posted By: neil2103 Posted on: 07/07/2015 09:26 PM
    Puchased By: 3
    Tutorial Preview
    The solution of saint com590 Assignment 3...
      Get the Solution
    Attachments
    Com590_assignment_3.docx (34.1 KB)
    Recent Feedback
    Rated By Feedback Comments Rated On
    zo...57 Rating Fantastic tutorial service 04/26/2017
  Get the Solution

Great! We have found the solution of this question!

Related Questions and Answers

Whatsapp Lisa