READING MATERIAL
Joseph Migga Kizza, Guide to Computer Network Security (4th Edition):
- Chapter 23: Mobile Systems and Corresponding Security Issues
- Chapter 24: Conquering the Last Frontier: The Home Front
ARTICLE
Android Security Concerns That Scare IT
https://www.informationweek.com/mobile/8-android-security-concerns-that-should-scare-it/d/d-id/1319412?image_number=8
ASSIGNMENT 1 – Enterprise Mobile Security Policy (1 page)
Use this week's reading material and article, along with the Web, to find an organization's security policy for its mobile devices. Suggest what you might change in the policy to enhance security.
ASSIGNMENT 2 – Home LAN Security (1 page)
Using this week's reading material and your experience at home, school, or work, what types of weak security practices have you seen on networks?
ASSIGNMENT 3 – Cumulative Essay Questions (3 pages)
Submit your answers in a typed, double-spaced document. Each answer should be preceded by its corresponding question and number. Answers should be about 2 to 3 paragraphs long. APA formatting will NOT apply, but be sure to spell-check before submitting your work. Each submitted answer will be worth 20 points.
The focus of this exam is on the content and thought in your answers. You may use the book or outside sources as PART of your answer, but the expectation is for you to cite your sources, while also including your own thoughts and ideas. I’m looking for your critical thinking skills as they emerge from what you’ve read and contemplated.
QUESTIONS (Choose 5 questions):
1. A colleague asks for your assistance to further secure a department wireless network. Which of the following wireless security measures would you configure (WPA2-Enterprise, WEP, WPA-Personal, WPA2-Personal, WPA-Enterprise) and why? Describe in detail the security configuration settings you would use. Also describe why you did NOT choose the others.
2. You have recently become the system administrator of a new database server. The requirements for the server are as follows: 7 x 24 operational access, an annual 99.99% system uptime, and data not being at risk of being viewed by unauthorized individuals. Describe in detail which of the following security design goals ensure these requirements are met: confidentiality, integrity, availability, accountability.
3. If you are an enterprise security director, how would you go about choosing security best practices? How might any of the standards you wrote about in Week 1’s paper specifically help in this area? Is it good security policy to always use a best practice? What are the advantages (or disadvantages) of using a best practice?
4. The rapid growth of the Internet is a contributing factor to the security threat of cyberspace. Discuss other contributing factors to the overall security threat of cyberspace.
5. Your organization has just recovered from an intrusion, and as a proactive measure your CISO has mandated that all vulnerabilities in the network be located and remediated. Describe in detail how you would go about doing this, i.e., software, procedures, policies. Is it even possible?
6. Your enterprise security director has recently mandated two-factor authentication for your critical network systems. Describe in detail all the factors of authentication and how you would implement a two-factor system. What factors would you choose? What do you think about the privacy (personal intrusiveness) implications of some authentication factors?
7. You have been tasked with evaluating firewalls in order to upgrade the platform currently in place. What types of features and services would you consider necessary to maximally reduce the likelihood of intrusions into your network while also managing outbound traffic from users on your network?
8. Virtualization and cloud computing are rapidly expanding into the enterprise as viable solutions. Discuss the connections between these two technologies and the security implications of a virtual network infrastructure in the cloud vs. a physical network infrastructure onsite.