CYB 405 All Discussion


CYB 405 All Discussions


CYB 405 Wk 1 Discussion

Post a total of 3 substantive responses over 2 separate days for full participation. This includes your initial post and 2 replies to classmates or your faculty member.

 

Due Thursday

Respond to the following in a minimum of 175 words:

 

Option 1

Why does a CISO need to be able to differentiate the drivers of corporate governance and IT governance?

Compare and contrast corporate and IT governance from the standpoint of someone trying to explain the difference to IT personnel who may not know the corporate drivers.

 

Option 2

Explain how corporate and IT initiatives may have similar goals and objectives. In your opinion, can IT governance be effective if IT goals and objectives differ from those of the corporation? Why or why not? Provide an example to support your view.

 

Due Monday

Post 2 replies to classmates or your faculty member. Be constructive and professional.

CYB 405 Wk 2 Discussion

Post a total of 3 substantive responses over 2 separate days for full participation. This includes your initial post and 2 replies to classmates or your faculty member.

 

Due Thursday

Respond to the following in a minimum of 175 words:

 

Option 1

As a CISO, you are responsible for developing an information security program based on using a supporting framework. Discuss what you see as some major components of an information security program.

 

Option 2

A CISO interacts with many different functional areas across the company, including marketing, sales, finance, and software engineering.

Research a management team job description you may not be familiar with, such as the head of marketing or the chief software engineer.

Describe the potential conflicts or differences of focus between the information security team and other teams, such as application development, networking, marketing, or finance, and how you would address those conflicts.

 

Due Monday

Post 2 replies to classmates or your faculty member. Be constructive and professional.

 

CYB 405 Wk 3 Discussion

Post a total of 3 substantive responses over 2 separate days for full participation. This includes your initial post and 2 replies to classmates or your faculty member.

 

Due Thursday

Respond to the following in a minimum of 175 words:

 

Option 1

The Department of Defense Directive (DoDD) 8140 (formerly 8570) provides guidance and procedures for training, certification, and management of all government employees who conduct information assurance functions in assigned duty positions. In some career positions, DoDD 8140 impacts those with access to DoD information systems who perform assurance (security) functions.

 

As an independent contractor considering a move into the DoD contract arena, discuss additional considerations you would add to your compliance plan to meet DoD requirements. Assess the pros and cons of adding DoD contracts to your portfolio.

 

Option 2

Research the NIST Special Publications website and provide a list of 800-series publications that address the following regulatory and compliance requirements:

  • PCI DSS Compliance
  • HIPAA Compliance
  • Cloud Security Compliance

 

 

CYB 405 Wk 4 Discussion

Post a total of 3 substantive responses over 2 separate days for full participation. This includes your initial post and 2 replies to classmates or your faculty member.

 

Due Thursday

Respond to the following in a minimum of 175 words:

  • Choose one of the control families described in FIPS 200 and describe how a security policy would be written to address that control family.
  • Discuss the primary components of the security policy with respect to the security requirements described within the control family.

 

Due Monday

Post 2 replies to classmates or your faculty member. Be constructive and professional.

 

CYB 405 Wk 5 Discussion

Post a total of 3 substantive responses over 2 separate days for full participation. This includes your initial post and 2 replies to classmates or your faculty member.

 

Due Thursday

Respond to the following in a minimum of 175 words:

 

Option 1

NIST SP 800-30 and ISO 27005, which you read about this week, both offer versions of a risk assessment model.

Describe the process a CISO would use to help the company decide which risk assessment model to use, considering the February 2013 Executive Order 13636, Improving Critical Infrastructure Cybersecurity.

 

Option 2

A plan of action and milestones (POA&M) is a living, historical document that identifies tasks that need to be created to remediate security vulnerabilities. The goal of a POA&M should be to reduce the risk of the vulnerability identified.

Describe some of the common challenges with developing and maintaining a POA&M from the standpoint of a CISO versus a CIO.

 

Due Monday

Post 2 replies to classmates or your faculty member. Be constructive and professional.