DISCUSSION: Information Systems Security and Assurance
1. What phase of designing an IT system should security be addressed? What security technologies should be built into a system?
2. Do you think SIEM tools should be mandatory for IT systems rated moderate or above?
3. On page 105, in your own words, explain how you would use the Risk Calculation: "Credible Attack Vector *Impact=Risk Rating."
4. Explain the flow of ATASM (page 133) in detail and provide examples.
5. Compare and contrast the different architectural layers: Presentation, Application, and Data
6. Explain the importance of enterprise component flows and provide of examples of when these types of diagrams would be utilized.
7. Explain the architecture for mobile security. Provide a detailed example.
8. Explain the different cloud services and provide examples when each would be utilized.
The response should include a reference list. Double-space, using Times New Roman 12 pnt font, one-inch margins, and APA style of writing and citations.
REQUIRED READING
Title: Securing Systems Applied Security Architecture and Threat Models by Brook S.E. Schoenfield. Edition/Copyright: 1st, 2015. ISBN: 9781482233971.