CYSE 300 Discussions
Discussion 1
What is the defining difference between computer security and information security? Why can we argue that information security is really an application of social science?
Computer security and information security both have their differences. Computer security is hardware. Computer security protects the hardware and the software from viruses and things that are not authorized. Information security protects information such as credit card numbers, bank numbers, and passwords from hackers. Information security is an application of social science because of us people. Information security is definitely important because with it you are helping people protect their personal information that is being stolen.
Discussion 2
In your opinion, what are the biggest IoT security risks and challenges? Cite resources and references that back up your assertions.
The biggest IoT security risk, I think, is setting up weak passwords. Many devices that are shipped to us have default and easy passwords. When people get the devices, they forget to change the passwords, and this is very risky and dangerous. You should never have a weak or easy password on any device or any account of your own. Hackers can get easy access to these passwords, and then we can lose our personal information, or our personal information can even be published to the public. This is one risk I think there is.
Discussion 3
What is the difference between a threat and an attack? How do exploits relate to vulnerabilities? Is there an ethically acceptable reason to study and use the various attack methods described in this module?
There are many differences between a threat and an attack. A threat is an action that is a harmful asset that can be unintentional or intentional. An attack is a harmful decision that is purely intentional, and it is usually considered malicious as well. An exploit is a technique designed by a hacker to take advantage of vulnerabilities. There is a reason to study these methods, and that is to stop the bad guys or hackers from doing any damage with attacks. When you study the cyber security major and pursue a degree in it like I am doing, you have to know what to do for anything that can occur, so it is important to learn all of this.
Discussion 4
The decision to escalate incidents to law enforcement is an area fraught with conflict. In your opinion, what are the pros and cons of law enforcement involvement? What resources and references can you cite to back up your assertions?
Escalating incidents to law enforcement is never a bad choice, but there are cons to it. When you have to escalate an issue to law enforcement, it means that the incident is very serious. There are definitely pros to involving law enforcement, and one is the help and support they can provide in a cybercrime. Another pro of having law enforcement involved is that they are able to investigate and get further information on whatever was reported. Some cons are that once you have notified them there is no backing out, and investigations could take time even if they involve information or money that was stolen.
Discussion 5
What are the benefits and risks of the use of SSO? Specify measures that can be taken to better secure an SSO system.
SSO is something that is used. It stands for single sign-on. The benefit of using SSO is that you do not have to memorize many passwords. You also do not have to worry about resetting passwords, since SSO doesn't have you memorizing them. One of the risks of SSO is that if someone gets a hold of your login, then they will get a hold of all the passwords that you have, which is very dangerous.
Discussion 6
Imagine you are a manager responsible for implementing a significant cybersecurity-related technology change within an organization. What are the potential reactions to this change? Indicate one way in which you would minimize the impact of adverse reactions within the change management process. Provide support for your recommendation.
If I had to make a change to significant cybersecurity-related technology, I would make an announcement to the workers and let them know when the change is coming into effect. Letting the workers know would bring good and bad feedback. It would be good because some workers would like the change, be happy with the new technology coming into effect, and be excited to learn about something new. Some workers may get frustrated that the system is changing and that they have to learn something completely new and go through trainings. I would help those employees who do not like the change, implement a plan with them, and make things easier for them.
Discussion 7
System monitoring and the use of network traffic log files are extremely important for gauging baseline performance and observing events. Why does identifying abnormal behavior first require having a baseline? What can a log file show that lends insight into abnormal behavior?
Having a baseline is very important because a baseline tells you whether you are going in the right direction or not. Log files are basically like a database. What that means is that a log file is a place you can go to review what is going on in the system in detail and look at things very clearly and closely. It can also show when things go wrong and where something is going wrong, in case something did go wrong.
Discussion 8
What is the best value that should be assessed when evaluating the worth of an information asset to the organization – replacement cost or lost income while repairing or replacing? What is the likelihood value of a vulnerability that no longer requires consideration? Cite resources and references that can support your assertions.
The best value that should be assessed when evaluating the worth of an information asset to the organization is how good the employees are, in my opinion. If an employee is good at the job that they are doing, then there is nothing to evaluate. If the employee is not good and is not giving or helping the company in any way, shape, or form. If a company has to replace employees, it will definitely be a cost, in my opinion, which will cost a lot because you have to find a good replacement. The likelihood of a vulnerability is neutral; it all depends on the company and how the company is running.
Discussion 9
PKI is used extensively in the U.S. federal government. However, it has not caught on in the business and commercial sectors. Why is this the case? In your opinion, what is the future of PKI? Do alternate methods such as those proposed by the FIDO Alliance (URL: https://fidoalliance.org) offer a viable alternative to PKI?
PKI stands for Public Key Infrastructure. It is a tool that is used in the IT world. This tool is used for encryption. Encryption is something you use to protect certain information. PKI is used to create and manage public keys. PKI is also used to make messages private. However, it has not caught on in the business and commercial sectors. I think PKI will be used where it needs to be used. It will be used for big companies.
Discussion 10
Internet Protocol Version 6 (IPv6) was designed to address the limitations of Version 4 (IPv4). What cybersecurity-related enhancements have been incorporated into IPv6? The adoption of IPv6 has been pretty slow across both the public and private sectors. What reasons can you attribute to this? Cite resources and references that support your assertions.
IPv4 is Internet Protocol version 4. It is a piece of technology that is used to connect devices to the internet. IPv4 could not hold many connected devices, so IPv6 was invented. IPv6 can hold more devices than IPv4 can. IPv6 is a more secure piece of technology as well and does not slow down compared to IPv4. IPv6 can also handle more packets more efficiently than IPv4 could. IPv6 also has better features and is advanced compared to IPv4.
Discussion 11
Describe some actions or techniques that can be used to mitigate or stop the impacts of malicious applications. Are some of these methods more effective than others? Provide an example of a cyber attack that resulted from the execution of malicious code. There are plenty of examples that can be queried from the Internet.
One action that can be used to stop the impacts of malicious applications is multi-factor authentication. Multi-factor authentication is very common, and most people use it. Multi-factor authentication is when you use a second device or method to verify that it is you who is logging in and using the device that you are logging in to. Usually, to verify it is you, a code gets sent to a phone or an email for you to enter. Another thing you can use to protect yourself against malicious activity is antivirus software. Antivirus software is very helpful because it protects against viruses and suspicious activity.
Discussion 12
The NIST CSF (URL: https://www.nist.gov/cyberframework) was developed to provide “a common language to address and manage cybersecurity risk in a cost-effective way based on business needs without placing additional regulatory requirements on businesses.” Do businesses and government agencies need to utilize such a framework to maintain a proper cybersecurity posture? Can an organization mitigate cybersecurity risks without incorporating such a framework? Cite resources and references that back up your assertions.
Businesses and government agencies do not need to utilize a framework to maintain a proper cyber security posture. It is not something that businesses and government agencies are required to do. Businesses and government agencies can have their own ways to keep a proper posture in cyber security. The meaning of this is for businesses to protect information that is confidential. When I talk about confidential information, I am talking about personal information that businesses keep protected.
Discussion 13
The Health Insurance Portability and Accountability Act (HIPAA) Security Rule establishes a national set of minimum security standards for protecting all electronic private health information (ePHI) that a Covered Entity (CE) and Business Associate (BA) create, receive, maintain, or transmit. The Security Rule contains the administrative, physical, and technical safeguards that CEs and BAs must put in place to secure ePHI. With that in mind, what types of information system components need to be heavily scrutinized to help protect the confidentiality and integrity of ePHI? What types of controls would you recommend implementing to safeguard ePHI? Cite resources and references that back up your assertions.
Have you ever wondered what HIPAA is? HIPAA stands for Health Insurance Portability and Accountability Act. In technology terms, the Health Insurance Portability and Accountability Act is where it shares storage space and provides data to the devices. One thing I think can help keep things confidential is AAA. AAA is Authorization, Authentication, and Accounting. Authorization is basically where someone in specific has access to something. Authentication is where you verify that it is you who is logging into something. Accounting keeps track of the activity.
Discussion 14
What avenues should an aspiring information security professional use in acquiring professional credentials? Cite resources and references that back up your recommendations. You can watch the following videos to help answer this topic:
There is one route that someone needs to go through. This route is to take the CompTIA Security+ or Network+ certification. Security+ is needed to get a job in the IT field. The Security+ certification teaches you the basics of security functions and then gets you ready to pursue an IT job. The Security+ certification is one of the best certifications available.
Discussion 15
Cybersecurity education and training are provided in a variety of ways. These include online/face-to-face courses, online self-study (e.g., Skillsoft Skillport), reading textbooks/periodicals, and video presentations. Of the various approaches, which do you feel is the most effective? Are there any recommendations you could provide to help improve the ways that cybersecurity knowledge is conveyed?
The approach that I think is effective for cyber security education is completely online courses. The reason is that you don’t have to worry about having work due in 2-3 days. You get work on Sunday, you have a whole week to get it done, and you can do the work at your own pace. I find this much better than having an online Zoom class or an in-person class. Teaching yourself is also useful because you can learn at your own speed instead of always having to move quickly.