PKI is used extensively in the U.S. federal government. However, it has not caught on in the business and commercial sectors.  Why is this the case?  In your opinion, what is the future of PKI?  Do alternate methods such as those proposed by the FIDO Alliance (URL: https://fidoalliance.org) offer a viable alternative to PKI? PKI…

What is the best value that should be assessed when evaluating the worth of an information asset to the organization – replacement cost or lost income while repairing or replacing?  What is the likelihood value of a vulnerability that no longer requires consideration? Cite resources and references that can support your assertions. I actually think…

System monitoring and the use of network traffic log files are extremely important for gauging baseline performance and observing events.  Why does identifying abnormal behavior first require having a baseline?  What can a log file show that lends insight into abnormal behavior? Having a baseline is important because it gives you a guide to go…

Imagine that you are a manager responsible for implementing a significant cybersecurity-related technology change within an organization. What are the potential reactions to this change?  Indicate one way in which you would minimize the impact of adverse reactions within the change management process. Provide support for your recommendation. If I was the manager of a…

What are the benefits and risks of the use of SSO?  Specify measures that can be taken to better secure an SSO system. Single sign on (SSO) is a security login feature that many online platforms use to authenticate people, and allow them access to their platform. It’s easy to manage, and provides a basic…

The decision to escalate incidents to law enforcement is an area fraught with conflict. In your opinion, what are the pros and cons of law enforcement involvement?  What resources and references can you cite to backup your assertions? While escalating a situation to law enforcement is a touchy subject in a business setting, especially around…

What is the difference between a threat and an attack?  How do exploits relate to vulnerabilities?  Is there an ethically acceptable reason to study and use the various attack methods described in this module? A threat is the risk that a potential attack can happen on a system, or a network, while an a threat…

In your opinion, what are the biggest IoT security risks and challenges?  Cite resources and references that back up your assertions. The biggest risk in the evolving world of IoT has to be near parallel development of hacking and malware, with a close and related second being lack of user awareness around security. With increased…

What is the defining difference between computer security and information security?  Why can we argue that information security is really an application of social science? Computer security generally has to deal with mitigating and preventing cyber attacks, and the damage they can cause to a system’s software, as well as dealing with the physical aspects…