Ayesha Rajbhandari
CH1



1.     Look up “the paper that started the study of computer security”. Prepare a summary of the key points. What in this paper specifically addresses security in areas previously unexamined?

 

à  The scope of computer security improves the safety and security in the following ways:

·      Securing the data: providing the security to the data will increases the security in the physical location

·      Limiting random and unauthorized access to the data: security can be improved by limiting the access to the unauthorized documents and accounts.

·      Involving personnel from multiple levels of the organization

 

 

2.     Assume that a security model is needed for the protection of information in your class. Using the CNSS model, examine each of the cells and write a brief statement on how you would address the three components of each cells.

 

à I would address the  three components of each cells by  integrity, availability, storage, processing, transmission, policy, education and technology.

·      Confidentiality: the students grade and class information should be secure. The information should not be accessible by unauthorized people.

·      Integrity: the students data must be maintained and should not be able the modify intentionally or accidentally.

·      Availability: the data should be easily accessible when needed.

·      Storage: the data of the students should be stored carefully.

·      Transmission: the correct data must be received by the end user.

·      Policy: there should be confidentiality about the information of the student.

·      Education: training must be given to the people about all the information and make them sign the paper about the confidentiality.

·      Technology: it should be specified to protect the software and hardware used to develop the system.

 

3.     Using the Web, identify the chief information officer(CIO), chief information security officer(CISO), and systems administrator for your school. Which of these people represents the data owner? Which represents the data custodian?

 

à The chief information officer(CIO) is the head of information technology of the organization. They report to the chief financial officer and in the IT organization to the chief executive officer.

 

The chief information security officer(CISO) focuses on information security in the organization. The responsibilities include security policy development and management, security training and awareness development, supervision or management of ethical hackers.

 

The system administrator is a person employed to maintain and operate a computer system or network. System administrator’s job is to install supporting and maintaining servers, supervising computer operators and being consultant for computer problems beyond the knowledge of technical support staff.

 

The system administrator represents the data custodian in school organization.

 

4.     Using the web, find out more about Kevin Mitnick. What did he do? Who caught him? Write a short summary of his activities and explain why he is infamous.

 

à Kevin Mitnick also known as condor is the famous computer hacker. He was one of the FBI’s most wanted criminal. He was caught may times but in 1995 he made national attention. It tok 2 years to track him down. Tsotomu a computer security expert played a major role to track him down after Mitnick hacked his computer. Mitnick was after jailed for 5 years without the trail. He was out of the prison in 2002 but as the probation he was not allowed to use any electronic device.

 

5.     Using the web, explore the technique known as “iterative and incremental development”. Then, investigate “agile development”. How are they related?

 

à The iterative and incremental model is a model used in developing the software. In the process of development, the system is divided into smaller portions known as increments and running each increment through cycles known as iterations.

 

Agile development is a traditional software project management. It helps in promoting development iterations throughout all the phases of software life cycle. It also helps in finding the flaws and reducing them. The advantage of agile development is short development cycles for every iterations and customer satisfaction for the useful software.

 

They are related because the agile development follows the increment and iterative model for software development. These models help in minimizing the risk of stakeholder satisfaction and results in faster delivery of product.