Discuss two of the following statements.Respond to at least two of your classmates’ postings. Try to respond to students who pick different statements.Carefully review the for the criteria that will be used to evaluate this Discussion Thread.
Chapter 11. Distinguish between vulnerability, threat, and control.2. Theft usually results in some kind of harm. For example, if someone stealsyour car, you may suffer financial loss, inconvenience (by losing your mode oftransportation), and emotional upset (because of invasion of your personalproperty and space). List three kinds of harm a company might experience fromtheft of computer equipment.3. List at least three kinds of harm a company could experience from electronicespionage or unauthorized viewing of confidential company materials.4. List at least three kinds of damage a company could suffer when the integrityof a program or company data is compromised.5. List at least three kinds of harm a company could encounter from loss ofservice, that is, failure of availability. List the product or capability to whichaccess is lost, and explain how this loss hurts the company.6. Describe a situation in which you have experienced harm as a consequence ofa failure of computer security. Was the failure malicious or not? Did the attack target you specifically or was it general and you were the unfortunate victim? Chapter 2 1. Describe each of the following four kinds of access control mechanisms interms of (a) ease of determining authorized access during execution, (b) ease ofadding access for a new subject, (c) ease of deleting access by a subject, and (d)ease of creating a new object to which all subjects by default have access.• per-subject access control list (that is, one list for each subject tellsall the objects to which that subject has access)• per-object access control list (that is, one list for each object tells allthe subjects who have access to that object)• access control matrix• capability2. Suppose a per-subject access control list is used. Deleting an object in such asystem is inconvenient because all changes must be made to the control lists ofall subjects who did have access to the object. Suggest an alternative, less costlymeans of handling deletion.3. File access control relates largely to the secrecy dimension of security. Whatis the relationship between an access control matrix and the integrity of theobjects to which access is being controlled?4. One feature of a capability-based protection system is the ability of oneprocess to transfer a copy of a capability to another process. Describe a situationin which one process should be able to transfer a capability to another.5. Suggest an efficient scheme for maintaining a per-user protection scheme.That is, the system maintains one directory per user, and that directory lists allthe objects to which the user is allowed access. Your design should address theneeds of a system with 1000 users, of whom no more than 20 are active at anytime. Each user has an average of 200 permitted objects; there are 50,000 totalobjects in the system.6. Calculate the timing of password-guessing attacks:(a) If passwords are three uppercase alphabetic characters long, how muchtime would it take to determine a particular password, assuming that testingan individual password requires 5 seconds? How much time if testingrequires 0.001 seconds?(b) Argue for a particular amount of time as the starting point for “secure.”That is, suppose an attacker plans to use a brute-force attack to determine apassword. For what value of x (the total amount of time to try as manypasswords as necessary) would the attacker find this attack prohibitivelylong?(c) If the cutoff between “insecure” and “secure” were x amount of time,how long would a secure password have to be? State and justify yourassumptions regarding the character set from which the password isselected and the amount of time required to test a single password.7. Design a protocol by which two mutually suspicious parties can authenticateeach other. Your protocol should be usable the first time these parties try toauthenticate each other.8. List three reasons people might be reluctant to use biometrics forauthentication. Can you think of ways to counter those objections?9. False positive and false negative rates can be adjusted, and they are oftencomplementary: Lowering one raises the other. List two situations in which falsenegatives are significantly more serious than false positives.10. In a typical office, biometric authentication might be used to control access toemployees and registered visitors only. We know the system will have some falsenegatives, some employees falsely denied access, so we need a human override,someone who can examine the employee and allow access in spite of the failedauthentication. Thus, we need a human guard at the door to handle problems, as wellas the authentication device; without biometrics we would have had just the guard.Consequently, we have the same number of personnel with or without biometrics,plus we have the added cost to acquire and maintain the biometrics system. Explain the security advantage in this situation that justifies the extra expense.
Please critique the following article. Leow, M., B.Sc, Chan, Sally, PhD, MSc, BSc,R.N., F.A.A.N., & Chan, Moon Fai,PhD., C.Stat. (2015). A pilot randomized, controlled trial of the effectiveness of a psychoeducational intervention on family caregivers of patients with advanced cancer.(2), E63-E72. doi:http://dx.doi.org/10.1188/15.ONF.E63-E72 Tutorial: http://screencast.com/t/iV94iBCq1noN
Week 1 written business law and ethical behaviorIt is obvious that, objectively speaking, there is no ethical bright line test for society to follow. Whether dealing in Business, Law, Journalism, etc. no two realms have the same ethical guidelines. What is accepted in one faction of society is not always accepted and/or ethical in another faction. Moreover, what is accepted in one situation is not always then again accepted in a subsequent similar situation. What then is the bottom line? The bottom line is – there is no accepted bottom line. We all come to our own ethical make-up based on the positions we hold, the religions we hold ourselves out to be and the experiences we have live through. What is your ethical make up?In a 2-3 page paper, analyze how to ethically guide your life. Do so through determining a set of standards to live by. Furthermore, differentiate where those standards derived from. Finally, conclude how you know these standards are right and/or wrong.Please be sure to give at least five examples of ethical standards in which everyone should live by.
Discuss two of the following statements.Respond to at least two of your classmates’ postings. Try to respond to students who pick different statements.Carefully review the for the criteria that will be used to evaluate this Discussion Thread.
For this Lab please do make sure to include a word document to use called williamclementsSDEV300Lab9 attached. Please format it so it is a professional report including APA Style references for how you fix the 2 separate ZAP Reports attached which are the vulnerability reports I had already ran. So please be well-organized and include a table of contents, page numbers, figure and table numbers. The writing style should be paragraph style with bullets used very sparingly to emphasize specific findings. In other words, this should be a professional report and demonstrate mastery of writing.Those two reports are week7 local host website that was created last week and a local host site that was given to evaluate this week. After documenting all the issues and how you fixed them, send those two files two me as a zip file separately attached so I can run the files again and be sure there are no more vulnerability issues for any of the 2 different local lost websites. Below is what is required! Include your full name, class number and section and date in the document. UMUCTutorLamp.zip (supplied local host site by teacher). answer_2.0.zip (My website created).ZAP Scanning Report for week7 Lab.docx (should open in a word document with the vulnerability report for the site). williamclementsSDEV300Lab9.dox (Please use that for the report as mentioned above and send back along with the zip file edits).
Please critique the following article. Leow, M., B.Sc, Chan, Sally, PhD, MSc, BSc,R.N., F.A.A.N., & Chan, Moon Fai,PhD., C.Stat. (2015). A pilot randomized, controlled trial of the effectiveness of a psychoeducational intervention on family caregivers of patients with advanced cancer.(2), E63-E72. doi:http://dx.doi.org/10.1188/15.ONF.E63-E72 Tutorial: http://screencast.com/t/iV94iBCq1noN
For this Lab please do make sure to include a word document to use called williamclementsSDEV300Lab9 attached. Please format it so it is a professional report including APA Style references for how you fix the 2 separate ZAP Reports attached which are the vulnerability reports I had already ran. So please be well-organized and include a table of contents, page numbers, figure and table numbers. The writing style should be paragraph style with bullets used very sparingly to emphasize specific findings. In other words, this should be a professional report and demonstrate mastery of writing.Those two reports are week7 local host website that was created last week and a local host site that was given to evaluate this week. After documenting all the issues and how you fixed them, send those two files two me as a zip file separately attached so I can run the files again and be sure there are no more vulnerability issues for any of the 2 different local lost websites. Below is what is required! Include your full name, class number and section and date in the document. UMUCTutorLamp.zip (supplied local host site by teacher). answer_2.0.zip (My website created).ZAP Scanning Report for week7 Lab.docx (should open in a word document with the vulnerability report for the site). williamclementsSDEV300Lab9.dox (Please use that for the report as mentioned above and send back along with the zip file edits).