User Account

All Pages

Determiningt the it systems architecture

Assignment Help Basic Computer Science
Reference no: EM131406828

IT Systems Architecture

You are a senior-level employee and you must tailor your deliverables to suit your audience: the leadership of the organization. You may choose to use a fictitious organization, or model your organization on an existing organization, including proper citations.

Leadership is not familiar with the architecture of the IT systems, nor are they familiar with the types of threats that are likely or the security mechanisms in place to ward off those threats. You will provide this information in tabular format.

Before you begin, review some material on information security. These resources will help you complete the network security and vulnerability threat table.

  • LAN security

References

National Institute of Standards and Technology, US Department of Commerce.(1994). Specifications for guideline for the analysis local area network security (Federal Information Processing Standards Publication 191). Retrieved from https://www.nist.gov/itl/upload/fips191.pdf

Souppaya, M., &Scarfone, K., National Institute of Standards and Technology, US Department of Commerce. (2012). Computer security: Guidelines for securing wireless local area networks (WLANs): Recommendations of the National Institute of Standards and Technology (NIST Special Publication 800-153). Retrieved from https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-153.pdf

  • Availability

Reference

National Institute of Standards and Technology.(2004). Standards for security categorization of federal information and information systems. Retrieved from https://csrc.nist.gov/publications/fips/fips199/FIPS-PUB-199-final.pdf

Now you're ready to create your table. Include and define the following components of security in the architecture of your organization, and explain if threats to these components are likely, or unlikely:

  • LAN security
  • identity management
  • physical security
  • personal security
  • availability
  • privacy

Next, review the different types of cyberattacks described in the following resource:  cyberattacks. As you're reading take note of which attacks are most likely to affect your organization. Then list the security defenses you employ in your organization to mitigate these types of attacks. Include this information in your Network Security and Vulnerability Threat Table.   LINK below

Johnson, C., Badger, L., Waltermire, D., Snyder, J., &Skorupka, C. (2016). Computer security: Guide to cyber threat information sharing.(NIST Special Publication 800-150, 2nd draft). Retrieved from https://csrc.nist.gov/publications/drafts/800-150/sp800_150_second_draft.pdf

Plan of Protections

Describe and give your leadership a common picture of each.

OpenStego

QuickStego

OurSecret

VeraCrypt

AxCrypt

 GPG

Then, in your report, describe the cryptographic mechanisms available to your organization, and describe the benefits and risks of each. Also describe your file encryption tools, and provide the methods and results of encrypting files in your organization. Include this information in your deliverable to leadership.

Data Hiding Technologies

Provide your organization with a brief overview of each.

Encryption Technologies

1.Shift / Caesar cipher

2.Polyalphabetic cipher

3.One time pad cipher/Vernam cipher/perfect cipher

4.Block ciphers

5.triple DES

6.RSA

7.Advanced Encryption Standard (AES)

8.Symmetric encryption

9.Text block coding

Data Hiding Technologies

1.Information hiding and steganography

2.Digital watermarking

3.Masks and filtering

These descriptions will be included in the network security vulnerability and threat table for leadership.

 Creating the Network Security Vulnerability and Threat Table

Using the information you've gathered from the previous steps, prepare the network security vulnerability and threat table, in which you outline the following:

  • security architecture of the organization
  • the cryptographic means of protecting the assets of the organization
  • the types of known attacks against those types of protections
  • means to ward off the attacks

Create your Network Security Vulnerability and Threat Table, and include it in your submission to the organization. Please refer to this threat table template for guidance on creating this document.

https://csrc.nist.gov/publications/nistpubs/800-30/sp800-30.pdf

Access Control Based on Smart Card Strategies

Smart cards use encryption chips to identify the user, their identity, role, and sometimes use their personal identifiable information (PII). Two examples of smart cards are the federal government's use of common access cards (CACs), and the financial sector's use of encryption chips in credit cards.

You have completed your threat table, and you've decided that you want to modernize the access control methods for your organization. To that end, you read the following resources to gather some background information on access control and the various encryption schemas associated with the Common Access Card (CAC):

  • Access control
  • Common access Card (CAC)

Defense Human Resource Activity (DHRA).(n.d.). Common access card (CAC). Retrieved August 8, 2016, from https://www.cac.mil/common-access-card/

Defense Human Resource Activity (DHRA).(n.d.).Common access card (CAC) security. Retrieved August 8, 2016, from https://www.cac.mil/common-access-card/cac-security/

You plan to deploy CAC to the company and you are tasked with devising that CAC deployment strategy, which includes the cryptographic solutions used with the CAC.

In the Common Access Card Deployment Strategy final deliverable, describe how identity management would be a part of your overall security program and your CAC deployment plan:

Create your Common Access Card Deployment Strategy and include it in your submission to the organization.

The Email Security Strategy

After completing the CAC, your next step is to build the Secure Email Strategy for the organization. You will present this tool to your leadership.

Provide an overview of the types of public-private key pairing, and show how this provides authentication and nonrepudiation. You will also add hashing, and describe how this added security benefit ensures the integrity of messaging.

Begin preparing your strategy by reviewing the following resources that will aid you in becoming well informed on encryption technologies for e-mail:

  • Public Key Infrastructure (PKI)

Kuhn, D. R., Hu, V. C., Polk, W. T., & Chang, S., National Institute of Standards and Technology, U.S. Department of Commerce. (2001).  Introduction to public key technology and the federal PKI infrastructure (SP 800-32). Retrieved from https://csrc.nist.gov/publications/nistpubs/800-32/sp800-32.pdf

  • iOS encryption

Apple Inc. (2016). iOS security. Retrieved from https://www.apple.com/business/docs/iOS_Security_Guide.pdf

  • Blackberry encryption

BlackBerry.(2015). BBM security note. Retrieved from https://help.blackberry.com/en/bbm-security/latest/bbm-security-pdf/BBM-Security_Note-1336480397548-en.pdf

BlackBerry.(n.d.). BBM Protected: Enterprise grade encryption for BBM messages between iPhone, Android and BlackBerry smartphones.. Retrieved from https://us.blackberry.com/enterprise/products/bbm-protected.html

Then start developing your strategy.  Define these strong encryption technologies as general principles in secure email:

Pretty Good Policy (PGP algorithm)

  • GNU Privacy Guard (GPG)
  • Public Key Infrastructure (PKI)
  • Digital signature
  • Mobile device encryption (e.g., iOS encryption and Blackberry encryption)

In your report, also consider how the use of smart card readers tied to computer systems might be beneficial in the future enhancements to system and data access protection. This may help you define long-term solutions for your leadership.

Leadership does not know the costs and technical complexity of these email encryption strategies. To further their understanding, compare the complexities of each in relation to the security benefits, and then make a recommendation and a deployment plan.

The deliverables for this project are as follows:

1. Create a single report in Word document format. This report should be about 10 pages long, double-spaced, with citations in APA format*****IN TEXT CITATION IS A MUST. Page count does not include diagrams or tables. The report must cover the following:

?network security and threat table

?Common Access Card deployment strategy

?e-mail security strategy

Reference no: EM131406828

Questions Cloud

How can you use critical thinking in other areas : How does the process of critical thinking you used relate to or differ from the process you used to find content for your answer?How can you use critical thinking in other areas?What steps can you take to ensure that you continue to use critical th..
Find a 90% confidence interval for the mean distance : If the population standard deviation were later found to be 6.3 miles, what size sample would be needed in order to estimate the mean distance travelled by passengers for the error to be one mile with a 90% level of confidence?
Prepare literature review incorporate each of your reference : Create a literature review, incorporating each of your references (minimum of five), tying them to each other and to the thesis of your project in a single narrative.
Create a public service announcement : Create a public service announcement proposing the problems with enuresis. The proposal can use a form of multimedia, a video, a presentation, a radio announcement, or a flyer
Determiningt the it systems architecture : You are a senior-level employee and you must tailor your deliverables to suit your audience: the leadership of the organization. You may choose to use a fictitious organization, or model your organization on an existing organization, including pro..
Would you characterize your role as effective : Would you characterize your role as effective? How could you have been a better team member? What role(s) did you or the leader play in making the team effective? How could the leader have made the team more effective?
Determining the visual basic pseudocode : Design a program with a loop that asks the user to enter a series of positive numbers. The user should enter a negative number to signal the end of series. Once a user enters a negative number, your program should display sum of all positive numbe..
Screenshots of good and bad examples of websites : A document, correctly formatted, indexed and fully referenced of not more than 800 words illustrated with screenshots of good and bad examples of websites.
Insurers who can plan for changes can create their future : What are their strategies for pricing, marketing and distribution - What kind of value added services did they offered and what kind of product/services are they offering?

Reviews

Write a Review

Basic Computer Science Questions & Answers

  Describe the multics system project

In an overview, describe the Multics system project which was under at MIT in the 1960's. Identify any influences Multics has had on day trends in developing secure and trusted software.

  Demonstrate ascii code conversion

To demonstrate the use of subroutines, e.g. initialize the peripheral registers and to set the time delays, etc. To demonstrate ASCII code conversion. To demonstrate the use of indexed addressing to retrieve data from a table in memory.

  Develop the formats of information stored in the page table

Memory can be made read-only or execute-only, and four other levels of privileged access are provided (one for the user and three for routines within the operating system).

  A program in java that is written to conduct an election

Need a program in java that is written to conduct an election.

  Prompt the user to enter positive integers

Write an entire c++/java/c# program to prompt the user to enter positive integers, and 0 to stop. Store the integers in a vector. Then print out all the permutations of the sequence that come BEFORE the input sequence

  Find out why it is so and if some remedies exist

It is said that software project planning consists of tasks that are not elastic and their schedule cannot be stretched or shrunk. Find out why it is so and if some remedies exist.

  What is the role of the project manager

What other additional information would you like to share with the class?

  Change the number of parameters an operator takes

"You cannot change the number of parameters an operator takes." What does this really mean and what are implications of this when you use polymorphism in your programs? Try to provide specific examples and 600 words.

  Draw a diagram to show the use of a proxy server

Show the transactions between the client, proxy server, and the target server when the response is not stored in the proxy server.

  Sql queries using mysql

Query1 Write a SQL statement to display the course numbers of classes taught by Hammett Glenn. Query2 Write a SQL statement to display the course names of the courses taught by an instructor whose id is 415. Query3 Write a query to display the name ..

  Three basic categories of physical equipment

Microcomputer hardware consists of three basic categories of physical equipment. Name them.

  What needs to be changed to add new filter to image viewer

Add a mirror filter that flips the image horizontally. The pixel at the top left corner will move to the top right, and vice versa, producing the effect of viewing the image in a mirror.

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd