Chapter 1 Exercises
1. The paper that started the study of computer security: “Rand Report R-609”
Summary of the key points:
- Any program or user on the network computers can access any other program or subsystem connected in the network without changing the program.
- To create techniques and develop experience on interconnecting computers.
- To improve and increase computer research productivity by sharing resources.
Security areas that were previously unexamined:
- Authorization to systems
- Lack of safety for dial-up users
- Safeguard data from unauthorized users
- Vulnerability of password structure and format
- User identification was non-existent
3. The CIO (chief information security officer) and CISO (systems administrator) are both vacant positions at UWS. The systems administrator is Ross Eaton. The CISO is typically the data owner because they have primary responsibility for the assessment, management, and implementation of information security in the organization. The CIO is the data custodian because they oversee the organization’s computing technology and are responsible for the design and evolution of an enterprise’s technology and tools, therefore are the obvious custodian of data.
4. The company I chose was Amazon. The CEO is Jeff Bezos. The CIO is Richard L. Dalzell. The CISO is Stephen Schmidt. These were all very easy to find since the company is very large and well-known.
5. Kevin Mitnick is known as “the world’ most famous hacker”. He hacked 40 major corporations and was caught by the FBI after hiding for a little over 2 years. He served 5 years in prison and is now a trusted security consultant to the Fortune 500 and governments worldwide.
6. Iterative and incremental development and agile development are related because agile development needs to be both iterative and incremental. Iterative and Incremental development is any combination of both iterative design or iterative method and incremental build model for software development and agile development needs both of these characteristics to be a successful software.