Bailey Johnson

ITS 370

CH4

 

1.       Using a graphics program, design several security awareness posters on the following themes: updating antivirus signatures, protecting sensitive information, watching out for email viruses, prohibiting the personal use of company equipment, changing and protecting passwords, avoiding social engineering and protecting software copyrights. What other themes can you imagine?

 

Image result for Internet security posters       Image result for Internet security posters

Image result for Internet security posters copyrights 

 

2.       Search the web for security education and training programs in your area. Keep a list and see which category has the most examples. See if you can determine the costs associated with each example. Which do you think would be more cost-effective in terms of both time and money?

A Computer support technician program costs about $1139 and takes 12 months

Online computer programming languages certificate costs about $460 and takes three months

An Online Business Management Essentials Certificate costs about $880 and lasts about 4 months

An Undergraduate Certificate in Business Management Courses costs about $2520 and lasts 12 months

I believe the most cost-effective option would be the Online Business Management Essentials Certificate.

 

3.       Search the Web for examples of issue-specific security policies. What types of policies can you find? Using the format provided in this chapter, draft a simple issue specific policy that outlines fair and responsible use of computers at your college, based on the rules and regulations of your institution. Does your school have a similar policy? Does it contain all the elements in the text?

 

Example: Fair and Responsible Use of Wireless LAN Technology in an Organization

 

This addresses fair and responsible use of Acmes WLAN technologies. It is only for authorized users within the Acme enterprise. Laptop users are permitted with prior approval. The WLAN should only be used when a wired network solution is unavailable or inappropriate for a particular situation. All wireless transmission must be secured utilizing strong mutual authentication and encryption. Use of non-standard hardware, software and protocols is strictly prohibited.

 

Policy Statement: This policy has been adopted to outline the acceptable use of all campus computers. Strong adherence to this policy is a must and any student not doing so will be considered to be in violation of campus policy. Violators are subject to disciplinary actions established by administration and the IT department.

User Responsibility: The following guidelines are to be followed by all authorized users accessing university owned computers.

 

General Computer Usage: As a registered student, you are responsible for the protection of all information and data that you have access to. Whether directly or indirectly. It is also the responsibility of the student to recognize what, if any, of that data or information is sensitive and take the necessary measures to keep it that way.

 

Yes our campus has a similar policy for computers/ mobile devices that are accessing the network and it does have most of the elements listed in the text.

 

4.       Use your library or the Web to find a reported natural disaster that occurred at least six months ago. From the news accounts, determine whether local or national officials had prepared disaster plans and if the plans were used. See if you can determine how the plans helped officials improve disaster response. How do the plans help recovery?

 

Starting back in 2012 flooding has caused over 377 million in federal disaster assistance in Minnesota. During the first real flood in 2012 Duluth was completely unprepared as their sewage system overflowed and basements flooded. Most people didn’t even have flood insurance because when you live on a hill, flooding is the last thing you’d expect. Luckily federal aid has repaired roads and the Association of Minnesota Emergency Managers are calling for more flood awareness programs.

5.       Classify each of the following occurrences as incident or disaster. If an occurrence is a disaster determine where business continuity plans would be called into play.

a)       Incident, yes law enforcement should be involved.

b)      Incident, law enforcement might want to be involved to investigate arson.

c)       Disaster, a BC plan should be used here in order to restore operations. No law enforcement should not be involved.

d)      Incident, maybe law enforcement should be involved. It depends on the actions of those on strike.

e)      Disaster, BC plan should be called into play to re-route network traffic and a backup server would be needed. Law enforcement is needed to get back the company’s assets and to investigate if the employee took the server home in an attempt to disrupt the organization in a malicious way.