Computer science major questions.
Chapter 9
1 Write a single-spaced response of about half a page (no more than 400 words long) discussing the case below, with particular attention to the questions below the scenario.
Scoring rubric for this question: Spelling and grammar errors (one obvious spelling error may be a typo, two of the same is an error), 3 pts out of the 20. Content, 17 pts out of the 20.
Formatting: again, single-spaced; separate paragraphs by 12 pts (= to double space); no first-line indent on paragraphs (even if you like to do that, don’t); fully justify your paragraphs (see the case itself below for an example of full justification).
The case:
Jane Smith is responsible for security at the ABC Company. She has a moderate budget with which to purchase security solutions. To date, she has installed a router-based firewall between the network and the outside world. She also has a commercial virus scanner on every machine on the network.
What other actions might you recommend to her? Would you recommend a different firewall? Why or why not? Would you recommend an Intrusion Detection System, and if so, where would you recommend she place it?
Write your answer below this line.
2 Using the guidelines provided in this chapter (and other resources as needed), create a step-by-step IT security policy to implement a new user account for a student.
The policy should define what resources the student has access to, what she does not have access to, and for how long access is granted. See the format at the end of this document for what should be included in your answer – what it must look like.
This question is worth 20 points.
3 Go to www.sans.org/resources/policies. Under the General category, find the Password Construction Policy and the Password Protection Policy. Use these as your guidelines. Compare the Georgia Southern University password policies to these (find them on the https://its.georgiasouthern.edu/infosec/ site – you will have to do a little more digging on your own to find them). Are Georgia Southern’s standards stronger or weaker than what is suggested by SANS? Don’t just answer “stronger” or “weaker” without giving examples to back up your analysis. Doing so without any examples will result in a zero on this question. This question is worth 20 points.
Content requirements for your answer to #2 – you must have answers for each of topics 1 – 5. Include each major (1 – 5) topic in your answer. You may bullet point your sub-topics (basically, the answers to each question) below each major topic. Each “question” below each major topic functions as a “sub-topic”, and you must include all of them in your answer.
1 Scope and applicability
Who does this apply to?
2 Authorized usage and access
What is expected in terms of fair and responsible use? Of hardware? Of software? Of any other resources? What is the expectation of privacy? (don’t just say they don’t have any – explain what the expectation is)
3 Prohibited use of equipment
Here you must think in terms of what students cannot do with university equipment or software. You must come up with a minimum of three prohibitions and a maximum of five.
4 Violations of policy
Recommendations for violations
5 Policy review and modification
How often should this policy be reviewed? Who is in charge of reviewing and modifying this policy?