Information Science

Imagine that you work for an organization that has no Internet use policy; employees use the Internet in whatever way they want using company-owned personal computers (PCs). Could this cause a problem for the organization? Explain the importance of information security policies and the role they play in ensuring sound and secure business information. Discuss the following IT security policies and the level of protection each policy provides in the context of the scenario: Internet use policy, External device use policy, Employee identity (ID) policy, Computer use policy. How would each policy help the situation described in the scenario? How might each policy hinder the situation described in your assigned scenario? Include your rationale for whether each policy helps or hinders the situation in your assigned scenario.

You are the webmaster of a college website. You share a server with other school departments such as accounting and HR. Based on this chapter, create at least five security-related rules for staff members who are adding web pages being added to your site. Include a justification and explanation for each rule. Rules should relate to college, staff and student, and system information security.

Need for a national framework for protecting critical infrastructure. Overview of https://www.whitehouse.gov/presidential-actions/presidential-executive-order-strengthening-cybersecurity-federal-networks-critical-infrastructure/. Please explain how DHS should handle the below situation from the above link & need for a national framework for protecting critical infrastructure. The United States will be hit by a large-scale, coordinated cyber-attack organized by China. These attacks debilitate the functioning of government agencies, parts of the critical infrastructure, and commercial ventures. The IT infrastructure of several agencies are paralyzed, the electric grid in most of the country is shut down, telephone traffic is seriously limited, and satellite communications are down (limiting the Department of Defense’s [DOD’s] ability to communicate with commands overseas). International commerce and financial institutions are also severely hit.

Provide (2) 150 words response with a minimum of 1 APA references for RESPONSES 1 AND 2 below. Response provided should further discuss the subject or provide more insight. To further understand the response, below is the discussion post that’s discusses the responses. 100% original work and not plagiarized. Must meet the deadline. RESPONSE 1: Which one of the following statements is most correct about data encryption as a method of protecting data? For this week’s forum we had to review or examine statements that were provided to us. To answer the above question, I chose to discuss is number 4: it requires key management. Key management refers to the process of managing cryptographic keys for a system. The management involves the creation, exchanges, and protection of these keys. Key management is also involved in monitoring and accesses made by individuals in the system. Encrypted messages can be read by authorized users, but not by those who do not have permission. One good way to practice good key management practices is to physically make sure hardware and all systems being used are store properly, and securely from anyone who can easily access them physically. Another great practice to make sure that all of the systems is up to date. It is also important to have a key life cycle, as we learned in our labs for last week. To also make sure that they are properly stored somewhere other than the systems in which they are used in to make sure that there is a back up if something bad were to happen. Performing audits can prevent from cryptic keys to get hacked or stolen. Audits can also ensure. RESPONSE 2: I hope everyone is having a good week so far. This week we are talking about public key infrastructure and data encryption as a method of protecting data. Out of the options we were given I would say that careful key management is the most correct. We as humans lose things all the time. I know I always misplace my phone and the tv controller. When looking at key management there are 3 different types of protocols with the main goal being centralized. You want the key to be able to move through the department. To implement centralized protocols you need the proper equipment, policies in place to handle the keys and processes to implement the activities.”Centralized key management enables proper key governance, even when data and people move from department to department throughout an organization” (Kazarian, 2019). “If your key server capabilities don’t mesh well with the key governance requirements, implementing centralized key management becomes very difficult” (Kazarian, 2019).Resources: Kazarian, J. (2019, January 22). An essential guide to encryption key management in the enterprise. Retrieved June 30, 2020, from https://techbeacon.com/security/centralized-encryption-key-management-why-you-need-it-how-deploy-it

Need for a national framework for protecting critical infrastructure. Overview of https://www.whitehouse.gov/presidential-actions/presidential-executive-order-strengthening-cybersecurity-federal-networks-critical-infrastructure/. Please explain how DHS should handle the below situation from the above link & need for a national framework for protecting critical infrastructure. The United States will be hit by a large-scale, coordinated cyber-attack organized by China. These attacks debilitate the functioning of government agencies, parts of the critical infrastructure, and commercial ventures. The IT infrastructure of several agencies are paralyzed, the electric grid in most of the country is shut down, telephone traffic is seriously limited, and satellite communications are down (limiting the Department of Defense’s [DOD’s] ability to communicate with commands overseas). International commerce and financial institutions are also severely hit.

Provide (2) 150 words response with a minimum of 1 APA references for RESPONSES 1 AND 2 below. Response provided should further discuss the subject or provide more insight. To further understand the response, below is the discussion post that’s discusses the responses. 100% original work and not plagiarized. Must meet the deadline. RESPONSE 1: Which one of the following statements is most correct about data encryption as a method of protecting data? For this week’s forum we had to review or examine statements that were provided to us. To answer the above question, I chose to discuss is number 4: it requires key management. Key management refers to the process of managing cryptographic keys for a system. The management involves the creation, exchanges, and protection of these keys. Key management is also involved in monitoring and accesses made by individuals in the system. Encrypted messages can be read by authorized users, but not by those who do not have permission. One good way to practice good key management practices is to physically make sure hardware and all systems being used are store properly, and securely from anyone who can easily access them physically. Another great practice to make sure that all of the systems is up to date. It is also important to have a key life cycle, as we learned in our labs for last week. To also make sure that they are properly stored somewhere other than the systems in which they are used in to make sure that there is a back up if something bad were to happen. Performing audits can prevent from cryptic keys to get hacked or stolen. Audits can also ensure. RESPONSE 2: I hope everyone is having a good week so far. This week we are talking about public key infrastructure and data encryption as a method of protecting data. Out of the options we were given I would say that careful key management is the most correct. We as humans lose things all the time. I know I always misplace my phone and the tv controller. When looking at key management there are 3 different types of protocols with the main goal being centralized. You want the key to be able to move through the department. To implement centralized protocols you need the proper equipment, policies in place to handle the keys and processes to implement the activities.”Centralized key management enables proper key governance, even when data and people move from department to department throughout an organization” (Kazarian, 2019). “If your key server capabilities don’t mesh well with the key governance requirements, implementing centralized key management becomes very difficult” (Kazarian, 2019).Resources: Kazarian, J. (2019, January 22). An essential guide to encryption key management in the enterprise. Retrieved June 30, 2020, from https://techbeacon.com/security/centralized-encryption-key-management-why-you-need-it-how-deploy-it

Imagine that you work for an organization that has no Internet use policy; employees use the Internet in whatever way they want using company-owned personal computers (PCs). Could this cause a problem for the organization? Explain the importance of information security policies and the role they play in ensuring sound and secure business information. Discuss the following IT security policies and the level of protection each policy provides in the context of the scenario: Internet use policy, External device use policy, Employee identity (ID) policy, Computer use policy. How would each policy help the situation described in the scenario? How might each policy hinder the situation described in your assigned scenario? Include your rationale for whether each policy helps or hinders the situation in your assigned scenario.

You are the webmaster of a college website. You share a server with other school departments such as accounting and HR. Based on this chapter, create at least five security-related rules for staff members who are adding web pages being added to your site. Include a justification and explanation for each rule. Rules should relate to college, staff and student, and system information security.

Need for a national framework for protecting critical infrastructure. Overview of https://www.whitehouse.gov/presidential-actions/presidential-executive-order-strengthening-cybersecurity-federal-networks-critical-infrastructure/. Please explain how DHS should handle the below situation from the above link & need for a national framework for protecting critical infrastructure. The United States will be hit by a large-scale, coordinated cyber-attack organized by China. These attacks debilitate the functioning of government agencies, parts of the critical infrastructure, and commercial ventures. The IT infrastructure of several agencies are paralyzed, the electric grid in most of the country is shut down, telephone traffic is seriously limited, and satellite communications are down (limiting the Department of Defense’s [DOD’s] ability to communicate with commands overseas). International commerce and financial institutions are also severely hit.

Provide (2) 150 words response with a minimum of 1 APA references for RESPONSES 1 AND 2 below. Response provided should further discuss the subject or provide more insight. To further understand the response, below is the discussion post that’s discusses the responses. 100% original work and not plagiarized. Must meet the deadline. RESPONSE 1: Which one of the following statements is most correct about data encryption as a method of protecting data? For this week’s forum we had to review or examine statements that were provided to us. To answer the above question, I chose to discuss is number 4: it requires key management. Key management refers to the process of managing cryptographic keys for a system. The management involves the creation, exchanges, and protection of these keys. Key management is also involved in monitoring and accesses made by individuals in the system. Encrypted messages can be read by authorized users, but not by those who do not have permission. One good way to practice good key management practices is to physically make sure hardware and all systems being used are store properly, and securely from anyone who can easily access them physically. Another great practice to make sure that all of the systems is up to date. It is also important to have a key life cycle, as we learned in our labs for last week. To also make sure that they are properly stored somewhere other than the systems in which they are used in to make sure that there is a back up if something bad were to happen. Performing audits can prevent from cryptic keys to get hacked or stolen. Audits can also ensure. RESPONSE 2: I hope everyone is having a good week so far. This week we are talking about public key infrastructure and data encryption as a method of protecting data. Out of the options we were given I would say that careful key management is the most correct. We as humans lose things all the time. I know I always misplace my phone and the tv controller. When looking at key management there are 3 different types of protocols with the main goal being centralized. You want the key to be able to move through the department. To implement centralized protocols you need the proper equipment, policies in place to handle the keys and processes to implement the activities.”Centralized key management enables proper key governance, even when data and people move from department to department throughout an organization” (Kazarian, 2019). “If your key server capabilities don’t mesh well with the key governance requirements, implementing centralized key management becomes very difficult” (Kazarian, 2019).Resources: Kazarian, J. (2019, January 22). An essential guide to encryption key management in the enterprise. Retrieved June 30, 2020, from https://techbeacon.com/security/centralized-encryption-key-management-why-you-need-it-how-deploy-it