USF IT Security Policies Questions

Question Description

I’m working on a cyber security multi-part question and need support to help me learn.

1. What is the purpose of defining a framework for IT security policies?

2. Why should an organization have a remote access policy even if it already has an acceptable use policy (AUP) for employees?

3. What security controls can be implemented on your e-mail system to help prevent rogue or malicious software disguised as URL links or e-mail attachments from attacking the workstation domain? What kind of policy definition should you use?

4. Why should an organization have annual security awareness training that includes an overview of the organization’s policies?

5. Consider the following real world situation:

A retired Japanese Coast Guard boat (Takachiho) was sold to a pro-North Korean organization without having assurances that navigational data was deleted. The decommissioned patrol boat could have had as many as 6,000 locations recorded over the 250 days of use. The boat was presumably sold to be turned into scrap. Weapons and radio equipment were removed, but no procedures were in place to ensure that navigational data was securely deleted. It is unknown if navigational data were recovered from vessels disposed of through past sales (Muncaster, 2013).

a. Why was the navigational data on the Japanese Coast Guard vessel not securely deleted?

b. How could the lost navigational data compromise national security?

c. How could the Japanese Coast Guard write an effective data disposal policy?

d. Is a self-assessment of effective security policy a good predictor of actual security? Why or why not?

6. What is meant by Governance Framework? Why is ISO 27000 certification more attractive to companies than COSO or COBIT certification?

7. Locate and read NIST SP 800-53 Revision 4. What are the key benefits of this standard?

8. In your opinion, is the COBIT framework superior to the other standards and frameworks such as the ISO 27000 and NIST? Why or Why not?

References

Muncaster, P. (2013, April). Japan forgot data wipe on ship sold to Pyongyang. Retrieved September 18,

2014, from http://www.theregister.co.uk/2013/04/29/japan_coas…



^{Have a similar assignment? "Place an order for your assignment and have exceptional work written by our team of experts, guaranteeing you A results."}

Our Service Charter

1. Professional & Expert Writers: Eminence Papers only hires the best. Our writers are specially selected and recruited, after which they undergo further training to perfect their skills for specialization purposes. Moreover, our writers are holders of masters and Ph.D. degrees. They have impressive academic records, besides being native English speakers.

2. Top Quality Papers: Our customers are always guaranteed of papers that exceed their expectations. All our writers have +5 years of experience. This implies that all papers are written by individuals who are experts in their fields. In addition, the quality team reviews all the papers before sending them to the customers.

3. Plagiarism-Free Papers: All papers provided by Eminence Papers are written from scratch. Appropriate referencing and citation of key information are followed. Plagiarism checkers are used by the Quality assurance team and our editors just to double-check that there are no instances of plagiarism.

4. Timely Delivery: Time wasted is equivalent to a failed dedication and commitment. Eminence Papers are known for the timely delivery of any pending customer orders. Customers are well informed of the progress of their papers to ensure they keep track of what the writer is providing before the final draft is sent for grading.

5. Affordable Prices: Our prices are fairly structured to fit in all groups. Any customer willing to place their assignments with us can do so at very affordable prices. In addition, our customers enjoy regular discounts and bonuses.

6. 24/7 Customer Support: At Eminence Papers, we have put in place a team of experts who answer all customer inquiries promptly. The best part is the ever-availability of the team. Customers can make inquiries anytime.