Academic Integrity: tutoring, explanations, and feedback — we don’t complete graded work or submit on a student’s behalf.

Question 1: An Ethical Challenge You are a security consultant with the VIU Co.

ID: 3820301 • Letter: Q

Question

Question 1: An Ethical Challenge

You are a security consultant with the VIU Co. and have been asked to help investigate a recent security incident that took place at the law firm, Frank, Charles and Champion. In your assignment you have been assigned to work with the vice president of IT.

The security incident that you are investigating appears to be a case of an intruder who broke into a company computer to remove and destroy information on an upcoming legal case. A forensic examination revealed that the incident was actually an inside job that was perpetrated by one of the new programmers, who is a relative of the VP of IT. When you wrote your findings and presented then to your client, the VP of IT has asked you to change the findings in your report to show that the perpetrator could not be found. The VP has promised future work for your company and a good recommendation for your work if you comply.

What will you do next? And explain your reason based on Ethic.

Question 2: Data Replication Products Survey

As a consultant with the VIU Risk Analysis Consulting Co., you have been asked to research data replication products for a manufacturing company, ABC Plastics.

ABC Plastics has decided to build its backup application servers in a distant city. In its headquarters and in the other location, the servers run Solaris (operating system) and Oracle (database), and the database series on a SAN system. ABC Plastics would like transactions on its headquarters servers to be transmitted over a wide-area connection to the Storage Area Network (NAS) in the other city.

Find some reviews and information from Internet about replication products. Some possible sources of information include:

Searchstorage.techtarget.com

Computerworld.com

Sun.com

Oracle.com

Make a comparison of all four replication products you have identified. Discuss the differences and similarities among the products and discuss their business value.

Question 3: Research Biometric Access controls

As a consultant with the VIU Risk Analysis Consulting Co., you have been asked to research biometric access controls for a Water treatment Plant.

A number of security incidents in the past year has prompted Water treatment Plant to consider using biometrics for its building access control system. Using online research, identify at least four biometric access control products that could be used. Consider systems that are based on behavior, fingerprint, iris scan, and handprint.

Question 4: Security Tools

As a consultant with the Waterfall Consulting Co., you have been assigned to a consulting project at the VIU Company, a small manufacturing company.

VIU is considering enacting a policy that will forbid all but security analysts to posses and use security tools such as scanning tools, password crackers, disassemblers, sniffers, and code analyzers.

Explain whether this policy a good idea?

Explain on how it can be enforced?

Create a report that includes your five recommendations.

Question 5: Wireless Network Survey

As a consultant with the VIU Consulting Co., you have been asked to perform a wireless access point survey at the local Software Company offices. Software Company is concerned that there may be rogue (unauthorized) Wi-Fi access points in use in their company.

Check on Internet and find at least three tools you will use to look for a rogue access points?

List at least two pros and two cons of using these tools?

Explanation / Answer

Question 1: An Ethical Challenge

With regards to the issue of not disclosing the intruder's identity on the request or saying of VP of IT, I would not listen to the VP of IT because according to ethics it is not legal or correct on my part to give false reports related to the security incident of my client and it's my responsibility and duty to be honest and truthful in my work.

Question 3: Research Biometric Access controls

The different Biometric products that can be used are as follows:

1.Iris Scanner: Iris Scanners are biometric devices that capture the pattern present in the iris of the eyes of an individual which is unique to that particular person. This can be effectively used to identify indviduals and accordingly provide access.

2.Personal signature based verification system : This biometric device is a behavioural based biometrics system that stores and identifies an individual based on his or her signature.

3.USB Fingerprint Scanner: This is fingerprint based biometric device that differentiates persons based on their fingerprint pattern.

4.Hand geometry readers: These are hand pattern based biometric tools that stores the shaapes and dimensions of a person's hand that helps them to uniquely identity individuals.

Question 4: Security Tools

As given in the problem, It would be a great idea to allow Security Analysts to use different devices because it will assist them in their work of handling and recognising any issues related to security breach in the organization.

This can be enforced by making sure that only Security Analysts have access to such devices and tools by implementing strict authorization mechanisms and by forbiding others from this access.

These security tools that can be recommended for installation and use are described as follows:

1.Sniffers: Sniffers can be used for legitimate purpose in any company to check the packets of data coming over to the internal network of the company and thus it can be checked as to the data is coming from any insecure location and whether it will affect the security of the company's data.

2.Password crackers: Password crackers can be used by security analysts to check whether the passwords used by employees in the oragnization meets the company's policies or not. It helps them to check whether the passwords are weak or strong in order to ensure security of the company's data. Also, in cases of forgotten passwords they can be recovered using Password crackers.

3.Disassemblers: A disassembler can be used for security purposes as it translates machine code into assembly language which is low level language and thus it provides access to parse the code and thus detect any malware or a piece of code that can compromise the security of the data of the organization.

4.Scanning tools: Scanning tools are mostly used by security analysts in prganizations to check any vulnerabilities in the company's network by scanning. This helps to reveal any weakness with regard to security mechanisms and thus helps to improve security measures to prevent any security attack on company's data nad network.

5.Code Analyzers: Code analyzers are used to check security at application level of an application. Security Analysts can use Code analyzers at the time of buying or developing a software to check for any hard coded data such as usernames or passwords or limitation in any functionalities that could possibly lead to security breach.

Question 5: Wireless Network Survey:

Three tools that can be used to look for rogue access points are:

1.IBM Distributed Wireless Security Auditor:

It's al linux based program that sniffs out access points and sends this information to a database and thus helps to find out rogues or intruders by matching them to list in the database.

2.AirDefense Security Appliance:

This tool monitors wireless traffic to find out rogued access points or intruders around an organization's network.

3.NetStumbler:

NetStumbler or network stumbler is a Windows based sniffing tool that can be used to detect Wireless LAN's and to locate different network configurations and thus can detect rogue access points.

Advantages of using these tools are:

1.It helps to find out unauthorized accessors to the company's network and thus preventssecurity threats .

2.Using such tools helps to prevent intrusion attacks and thus provides intrusion detection and prevention.

Disadvantages of using such tools:

1.They can be costly and difficult to implement.

2.Sometimes due Distances issues, complete surveilence cannot be achieved using these tools.

Related Questions

Question 1: A certain type of sandwich has caused severe indigestion in those wh
Question #51361
Question 1: A certain type of sandwich has caused severe indigestion in those wh
Question #51363
Question 1: A class object can be _____. That is, it can be created once, when t
Question #3557696
Question 1: A company enters into long futures contracts to buy 1,000 barrels of
Question #2629186
Question 1: A company enters into long futures contracts to buy 1,000 barrels of
Question #2629201
Question 1: A company is considering replacing an existing machine with a new on
Question #2428835
Question 1: A criminal justice researcher wants to examine whether the judges in
Question #3243798
Question 1: A criminal justice researcher wants to examine whether the judges in
Question #3258514
Hire Me For All Your Tutoring Needs
Integrity-first tutoring: clear explanations, guidance, and feedback.
Drop an Email at
drjack9650@gmail.com
Chat Now And Get Quote

Navigate

Previous
Question 1: An Ethical Challenge You are a security consultant with the VIU Co.
Next
Question 1: An accounting professor wants to know the average GPA of the student

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.