IT 279 Unit 6 Assignment 1, Assignments of Computer Science

Questions and answers on the functions and processes of the layers of the OSI and TCP/IP models, risk management strategies, security controls, and ALE calculation. The answers provide detailed explanations of the concepts and processes involved in each question.

Typology: Assignments

2023/2024

Available from 10/17/2023

Testfix

Partial preview of the text

Running head: IT 279 UNIT 6 ASSIGNMENT

Unit 6 Assignment
Casey Poschinger
Purdue University Global
IT279 CISSP II

1. Which OSI function ensures that the identity of the remote host is verified, and that the data received is authentic?
   A. Routing
   B. Authentication
   C. Encryption

“The Session layer (layer 5) is responsible for establishing, maintaining, and terminating communication sessions between two computers. It manages dialogue discipline or dialogue control (simplex, half-duplex, full duplex), establishes checkpoints for grouping and recovery, and retransmits PDUs that have failed or been lost since the last verified checkpoint” (Chapple, Stewart, & Gibson, 2018, p. 449).

2. Which layer of the TCP/IP model corresponds to the Transport layer of the OSI model?
   A. Network access
   B. Internet
   C. Host-to-host

“The Transport layer establishes a logical connection between two devices and provides end-to-end transport services to ensure data delivery. This layer includes mechanisms for segmentation, sequencing, error checking, controlling the flow of data, error correction, multiplexing, and network service optimization” (Chapple, Stewart, & Gibson, 2018, p. 449).

3. Which OSI process ensures that each OSI layer at the sender adds its own information to the packet and each OSI layer at the receiver strips off its corresponding information?
   A. Negotiation
   B. Encapsulation
   C. Compression

“Encapsulation is the addition of a header, and possibly a footer, to the data received by each layer from the layer above before it’s handed off to the layer below. As the message is encapsulated at each layer, the previous layer’s header and payload combine to become the payload of the current layer” (Chapple, Stewart, & Gibson, 2018, p. 442).

4. Which function does the Session layer of the OSI model provide?
   A. Data synchronization
   B. Logical network addressing
   C. Physical network addressing

9. Which of the following processes of risk management is the process of selecting strategies to deal with identified risk, according to business risk appetite?
   A. Risk treatment
   B. Risk assessment
   C. Acceptance of residual risk

“The next element in risk management is risk analysis (or treatment) – a methodical examination that brings together all the elements of risk management (identification, analysis, and control) and is critical to an organization for developing an effective risk management strategy” (Miller & Gregory, 2016, p. 105).

10. Which of the following security controls might force an operator into collusion with personnel assigned organizationally within a different function in order to gain access to unauthorized data?
   A. Enforcing regular password changes
   B. Job rotation of operations personnel
   C. Asset value x loss expectancy

“Job rotation (or rotation of duties) is another effective security control that gives many benefits to an organization. Similar to the concept of separation of duties and responsibilities, job rotations involve regularly (or randomly) transferring key personnel into different positions or departments within an organization, with or without notice” (Miller & Gregory, 2016, p. 355).

11. When you were leaving work for the day, you inadvertently left the secure facility with classified documents. What kind of incident is this?
   A. This is a breach of confidentiality.
   B. This is an availability issue.
   C. This is a classic case of corporate espionage.

“By design, the Bell-LaPadula model prevents the leaking or transfer of classified information to less secure clearance levels. This is accomplished by blocking lower-classified subjects from accessing higher-classified objects. With these restrictions, the Bell-LaPadula model is focused on maintaining the confidentiality of objects. Thus, the complexities involved in ensuring the confidentiality of documents are addressed in the Bell-LaPadula model” (Chapple, Stewart, & Gibson, 2018, p. 288).

12. Which one of the following represents an ALE calculation?
   A. Gross loss expectancy x loss frequency
   B. Single Loss Expectancy x Annualized Rate of Occurrence
   C. Asset value x loss expectance

“The ALE is calculated using the following formula: ALE = single loss expectancy (SLE) * annualized rate of occurrence (ARO) or more simply: ALE = SLE * ARO” (Chapple, Stewart, & Gibson, 2018, p. 70).

References

Berg, E. (2005, May 23). Notes: Networks, Subnets, and CIDR. Retrieved from erikberg.com: https://erikberg.com/notes/networks.html

Chapple, M., Stewart, J. M., & Gibson, D. (2018). CISSP: Certified Information Systems Security Professional Official Study Guide (8th Edition). Indianapolis: John Wiley & Sons, Inc.

Miller, L. C., & Gregory, P. H. (2016). CISSP For Dummies 5th Edition. Hoboken: John Wiley & Sons, Inc.