CYB 407 All Discussions


CYB 407 Wk 1 Discussion

Post a total of 3 substantive responses over 2 separate days for full participation. This includes your initial post and 2 replies to classmates or your faculty member.

Due Thursday

Respond to the following in a minimum of 175 words:

  • For an industry or organization with which you are familiar, think of a framework that would best fit the organization.
  • From the standpoint of a Chief Information Security Officer for that organization, explain what important requirements CC, ISO/IEC, NIST, and COBIT impose on your operational choices.

Provide proof of your research to support your position.

Due Monday

Post 2 replies to classmates or your faculty member in a minimum of 100 words each. Be constructive and professional.

 

CYB 407 Wk 2 Discussion

Post a total of 3 substantive responses over 2 separate days for full participation. This includes your initial post and 2 replies to classmates or your faculty member.

Due Thursday

Appendices D and E of the NIST SP 800-37 Revision 1, “Guide for Applying the Risk Management Framework to Federal Information Systems,” provide a detailed description of the roles and responsibilities of the key security players. Throughout the risk management process, it is clear that close collaboration and support are required among all the functional roles.

Respond to the following in a minimum of 175 words:

  • Choose two of the functional roles of the key security players in an organization and think of the role they play in creating a security plan.
  • Compare and contrast the outlooks of the roles you have chosen.
  • Explain how the two outlooks differ when creating a plan to mitigate a zero-day attack.

Provide proof of your research to support your position.

Due Monday

Post 2 replies to classmates or your faculty member in a minimum of 100 words each. Be constructive and professional.

 

CYB 407 Wk 3 Discussion

Post a total of 3 substantive responses over 2 separate days for full participation. This includes your initial post and 2 replies to classmates or your faculty member.

Due Thursday

Respond to the following in a minimum of 175 words:

  • Select an asset, process, or organizational structure from your organization or past organization.
  • Using your selection, analyze a risk scenario that would inform a security assessment plan, accounting for threat agent, threat, vulnerability, and possible event characteristics, such as possible time, location, and other circumstances.
  • Explain how the stakeholders (e.g., the Information Owner/Steward, Information System Security Officer, or Information System Security Engineer) would use the risk scenario to inform the security assessment plan.
  • Include your risk scenario in your explanation.

 

Reference 

  • 3, “Identifying and Managing Risk Scenarios” of CRISC Certified in Risk and Information Systems Control All-in-One Exam Guide.

Provide proof of your research to support your position.

Due Monday

Post 2 replies to classmates or your faculty member in a minimum of 100 words each. Be constructive and professional.

 

CYB 407 Wk 4 Discussion

Post a total of 3 substantive responses over 2 separate days for full participation. This includes your initial post and 2 replies to classmates or your faculty member.

Due Thursday

Respond to the following in a minimum of 175 words:

  • Research the role of a Security Control Assessor (SCA) as it relates to the Veterans’ Administration.
  • Imagine that the Veterans’ Administration has hired you as a Security Control Assessor (SCA) whose primary responsibility is to conduct risk assessments on the VA’s IT systems.
  • As an SCA, explain how you would communicate the assessment results to senior leadership (e.g., as the results relate to applicable standards and regulations).
  • Provide examples of what you would say if your assessment identified a new risk that would impact compliance with government standards and regulations.

Provide proof of your research to support your position.

Due Monday

Post 2 replies to classmates or your faculty member in a minimum of 100 words each. Be constructive and professional.

 

CYB 407 Wk 5 Discussion

Post a total of 3 substantive responses over 2 separate days for full participation. This includes your initial post and 2 replies to classmates or your faculty member.

 

Due Thursday

The definition of Authorizing Official can be found in NIST SP 800-37, which you examined in Wk 2. The authorizing official is a senior official or executive with the authority to formally assume responsibility for operating an information system at an acceptable level of risk to organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, and other organizations. The Authorizing Official is a role rather than a job position. In large companies, more than one individual may fulfill the role of the authorizing official.

Respond to the following in a minimum of 175 words:

  • Discuss when a company would have multiple authorizing officials.
  • Provide an example from within a healthcare organization.

Provide proof of your research to support your position.

Due Monday

Post 2 replies to classmates or your faculty member in a minimum of 100 words each. Be constructive and professional.