CMGT 431 All Discussions

0 items
CMGT 431 All Discussions
CMGT 431 All Discussions
$12.00
  • Description

CMGT 431 All Discussions

INFORMATION SYSTEMS SECURITY

The Latest Version A+ Study Guide

 

**********************************************

CMGT 431 All Discussions Link

https://hwsell.com/category/cmgt-431/

**********************************************

 

CMGT 431 Wk 1 Discussion: Sensitive Data Classification

Post a minimum total of 3 substantive responses over 2 separate days for full participation. This includes your initial post and 2 replies to other students. For more information on what is considered a substantive response, please review the announcement on this topic.

 

Due Thursday

Respond to the following in a minimum of 175 words:

 

Organizations need to know the value of their data to find the best way to protect it. The data must be categorized according to the organization’s level of concern for confidentiality, integrity, and availability. The potential impact on assets and operations should be known in case data, systems, and/or networks are compromised (through unauthorized access, use, disclosure, disruption, modification, or destruction).

 

Choose an organization that you are familiar with from the Manufacturing, Retail, Health Care, Finance, or Education sectors to study throughout this course. You can use your own employer or another organization. I do encourage you to choose one that you have some experience with as there are significant differences and requirements between the different vertical markets.

 

Based on your chosen organization, ensure you:

Discuss the organization’s data. What types of data does it have? Is any of the data subject to regulatory security requirements (FERPA, HIPPA, GDPR, etc.) Is some of the data used or generated outside of the US?

Discuss the organization’s categorization of the data based on the Standards for Security Categorization of Federal Information and Information Systems.

 

Note: You will use information from this discussion in this week’s assignment Encryption Methodologies to Protect an Organization’s Data.

 

 

 

CMGT 431 Wk 2 Discussion: Secure Network Architecture

Post a minimum total of 3 substantive responses over 2 separate days for full participation. This includes your initial post and 2 replies to other students. For more information on what is considered a substantive response, please review the announcement on this topic.

 

Due Thursday

Respond to the following in a minimum of 175 words:

 

It has been stated that an organization’s success securing its assets builds on top of an infrastructure, which includes the appropriate policies, procedures, and processes. Typically this would include business and operational processes, physical and virtual security components and last but by no means least, a secure systems and network infrastructure. Pick one of these elements and share with the class some of your research.

 

Describe how the component works in an overall cybersecurity architecture. Take care to describe how it provides defense to protect the organization’s data, network, and assets.

 

Explain how the component is secured and how its security interacts with the other elements in the overall infrastructure and how it protects the organization.

 

 

 

 

 

CMGT 431 Wk 3 Discussion: Authentication Methodologies

Post a minimum total of 3 substantive responses over 2 separate days for full participation. This includes your initial post and 2 replies to other students. For more information on what is considered a substantive response, please review the announcement on this topic.

Due Thursday

Respond to the following in a minimum of 175 words:

 

Authentication ensures only authorized users are allowed into an organization’s network. As threats become more sophisticated, it is critical to have strong authentication in place from the policy, process, and technology perspective. Research identification and authorization, comparing and contrasting their strengths and weaknesses.

 

Describe the various mechanisms for implementing authentication to access a network. Why is single factor authentication not enough protection in today’s network environment? What are some of the newer methods that address this deficiency?

 

Discuss how integration of Identity-as-a-Service (IDaaS) can improve authentication capabilities in your chosen organization.

 

 

 

CMGT 431 Wk 4 Discussion: Audit Process 

Post a minimum total of 3 substantive responses over 2 separate days for full participation. This includes your initial post and 2 replies to other students. For more information on what is considered a substantive response, please review the announcement on this topic.

Due Thursday

Respond to the following in a minimum of 175 words:

 

Organizations contract or hire individuals or consulting companies with specific skills to conduct internal audits. This is done to ensure their organizations are following their documented policies, procedures, and processes. In addition, federal mandates placed on organizations require continuous audits, leading organizations to contract outside auditors to work with their internal auditors and determine the health of the organization.

 

Identify the internal and external processes used by auditors for the organization you researched in Week 1.

 

 

 

CMGT 431 Wk 5 Discussion: Incident Response Plan

Post a minimum total of 3 substantive responses over 2 separate days for full participation. This includes your initial post and 2 replies to other students. For more information on what is considered a substantive response, please review the announcement on this topic.

Due Thursday

Respond to the following in a minimum of 175 words:

An incident response plan (IRP) is a set of procedures to help an organization detect, respond to, and recover from security incidents.

List the roles and responsibilities that are included in an IRP. Pick one that you think is critical to the successful response for your chosen organization to a security incident?

Discuss how your organization (from Week 1) may respond to at least one cyberattack. The organization should have a response in accordance with the IRP.