1) What is crime prevention through environmental design?A) According to Whitman and Mattford (2012), crime prevention through environmental design

(CPTED) is an outline with regards how one can properly build and use the physical environment to prevent or lower the incidence of crime in that area.

According to Zahm (2007), CPTED considers environmental conditions and modify or use them in order to reduce the crime or undesirable behaviors. CPTED is important for any organization with regards to physical security because it is preventative in nature.

Further explained by Zahm (2007), CPTED eliminates the undesirable opportunities by providing control access like putting fences, tree lines, sidewalks near the facility of the building. It provides modification in the organization site so that there can be opportunities to see from one part of site to other part. For example parking, walkways can be seen from office windows. Providing proper lighting and landscaping near the facilities allows the intruder to be seen.

2) How can you use nature to help secure an organization’s physical security? Give some examples.A) According to Whitman & Mattford (2012), natural environment plays a huge role in protecting

organization with regards to crime protection. Natural environment plays a huge role in terms of the natural light and visibility coming through, also it should have an open area so that the sound can travel easily in case of emergency.Further explained by Whitman & Mattford (2012), the open area plays a huge role in terms of spotting the intruder with the help of CCTV cameras. Also clearly defined public and private zones will play a huge role in terms of physical security.Trees can play huge role in security, as they can provide space to mitigate the external attacks.

3) Describe the different type of fire classes and their suppression methods and why these are important when it comes to physical security?

A) According to Whitman and Mattford (2012), there are 4 types of Fires in today’s business.

Class A: Regards to common combustibles which can arise from wood products, paperSuppression method: Water and foam can suppress these fires.

Class B: Liquid, this is with regards to petroleum products and coolants.Suppression method: Gas, CO2, dry powders can suppress these fires. Class C: Electrical, in relation with electrical equipment and wires.Suppression method: Gas, CO2, foam and dry powders.Class D: Combustible Metals, which can arise due to metals like Magnesium, sodium and potassium.Suppression method: Dry powder can suppress these fires.

According to Whitman and Mattford (2012), fire is a great threat when it comes to physical security of any company, it is extremely important to know what the types of fires are and how

to suppress them. Fire can destroy the physical data, injure employees, in a company hence it is important to understand the counter preventive measures.

4) Finally, why is physical security so important when it comes to having a fully-fledged information security program and architecture?

A) According to Whitman and Mattford (2012), physical security is the basic any company or organization should have. Physical security represents protection of the building sites and hence protection of company data. Company data has to be secured and hence physical security is utmost important.If physical security is weak, intruder can attack from outside and can gain control on the company equipment and hence will have access to the company data. To prevent external attacks by intruders, company should be well versed with other aspects of physical security as using nature for physical security, using security guards, having alarm system, using CC TV cameras for observation. This will reduce the impact of external attack on the company and company can focus more on the internal security.

References:

Whitman, M. E., & Mattord, H. J. (2012). Principles of Information Security. Boston: Cengage Learning.

Zahm, D. (2007). Using Crime Prevention through Environmental Design in Problem-Solving. US Department of Justice. Retrieved from http://www.popcenter.org/tools/pdfs/cpted.pdf

1) Explain the difference in prosecuting computer crime. Why is law seemingly two steps behind new technologies or new paradigms? For example crime such as denial of service, ransom ware, identity theft that occur or are initiated from different countries or different law systems. How can these malicious attacks be prosecuted?

A) According to Whitman and Mattford (2012), the law are rules or a certain set of behaviors which are drawn out from ethics or socially acceptable behaviors. Law deals with Privacy, ethics, technology, copyright, export and espionage, so when the technology is updated or a new technology comes into picture, there has to be law which takes care of all the above aspects of the new technology. For example, if a company releases any new software in the market, there has to be laws to safeguard its copyright, identity and privacy. So I feel that statement law is not behind the new technology, it is in such a way that technology has to be improved upon or updated first then only we can safeguard it using laws. So creating laws for technology is subset associated with technology modification (Whitman and Mattford, 2012).

2) What is the purpose of information assurance? How does information assurance and compliance work with each other?

A) According to Techopedia (2014), Information assurance (IA) is used to protect computer information and network systems. It protects information based on 5 qualities of system mainly Integrity, Availability, Authentication, Confidentiality, Nonrepudiation.Purpose of IA is to protect against the threats in the IT world such as phishing, worms, viruses, social engineering and identity theft.According to US EPA (2012), compliance means conformity of the laws and regulations. Compliance makes sure that the qualities of IA while protecting the data are followed to the core. It gives assurity that IA methods are implemented correctly.

3) Furthermore, what is HIPAA and PCI DSS? Finally what is the purpose of computer forensics? A) According to Whitman and Mattford (2012), HIPAA is Health Insurance Portability and

Accountability Act of 1986. Primary purpose of HIPAA is to protect the confidentiality and security of health care data. Further according Whitman and Mattford (2012), HIPAA enforces the standards and security for the electronic data interchange.HIPAA is effective in all health care organizations and can heavily penalize if some organizations fail to comply with the law.

According to Whitman and Mattford (2012), PCI DSS- Payment Card Industry- Data Security Standards requires one to encrypt a credit card account number stored in one’s database and ensure that the data remains secured when transferring outside a company.It helps to protect the data through encryption keys.

Computer forensics, according to Whitman and Mattford (2012), determines how the incident occurred and goes into the depth of the matter. It records the facts emerged from reconstruction of data. Purpose of computer forensics is to address any further vulnerabilities, safeguarding data and prevent the incident to occur twice. It also takes care of damage assessment.

References:

Whitman, M. E., & Mattord, H. J. (2012). Principles of Information Security. Boston: Cengage Learning.

Techopedia. (2014). Information Assurance. Retrieved from http://www.techopedia.com/definition/5/information-assurance-ia

USEPA. (2012). Compliance. Retrieved from http://www.epa.gov/compliance/basics/compliance.html

1) Explain the difference between asymmetric and symmetric encryptionA) According to Whitman & Mattford (2012), Encryption can be Symmetric and Asymmetric. In

symmetric encryption methods, the sender and receiver have the same encryption key. They use mathematical operations to perform encryption and decryption. Problem with symmetric encryption methods is that as the number of users grow more, the calculation of number of keys needed becomes un-scalable.

As per Whitman & Mattford (2012), Asymmetric encryption methods, the sender and receiver has 2 different keys, public and private keys. A public key is key which is known to everyone. And private key should be only known to sender or receiver.

2) What is PKI?A) According to Whitman and Mattford (2012), public key infrastructure (PKI) is the combination of

software, encryption technologies, processes, and services that enable an organization to secure its communications and business transactions. The ability of a PKI to secure communications and business transactions is based on the exchange of digital certificates between authenticated users and trusted resources.According to SSLShopper (2014), PKI does the following

- Authenticate users more securely than standard usernames and passwords- Encrypt sensitive information- Electronically sign documents more efficiently

3) How and why must you design your organization to support a PKI?A) According to Whitman and Mattford (2012), public key infrastructure has set of programs,

procedures and security policies which help ensure a secure and trusted communication between sender and receiver.It is standard which should be followed all over the organization in order to enable safe transit during encryption for both the parties. If PKI is implemented it can prevent third party invasion. PKI uses the digital signatures to attest the public key of individual entities. The Certification Authorities (CA) which play the central role in PKI, issue certificates signing the public key of the individual entities with the digital signatures created by encrypting the public key of the individual with its private key.

4) What is the purpose of hashing and when it comes to hashing what is a collision attack?A) According to Rouse (2014), Hashing is the transformation of a string of characters into a usually

shorter fixed-length value or key that represents the original string.Hashing can be used to accomplish tasks such as generate new keys and passwords for security. In computer science, a collision or clash is a situation that occurs when two distinct pieces of data have the same hash value, checksum, fingerprint, or cryptographic digest.Impact of collision depends on hash value.

References:

Princeton (2014). Hash collision. Retrieved from https://www.princeton.edu/~achaney/tmve/wiki100k/docs/Hash_collision.html

1) Should your information technology department and information security department report to the same department head? Or should your IT, IS department work separately? Why or why not?

Information technology department and information security department must report to the same department head. The information technology (IT) department can be considered as the parent department with the information security (IS) department as the child department. The IT department cannot develop a program that is in line with security policies and procedures without coordinating with the IS department. Information security department is responsible for providing protection of the information assets of the organization through its policies. It would be irresponsible for the IT department not to work the IS department as the IT department develops new programs based on the requirement of the IS department.

Below are some of the advantages of IT and IS department working together:• The creation of one system for managing all the security, including a streamlined workflow for creating, deleting and modifying user identities;• A unified network policy for both local network and remote access that leverages location and status information from physical access systems;• Improves user access and helps solve privacy concerns;• A practical and affordable second authentication factor; Greater from existing infrastructure;• Better coordination of security resources in critical and emergency situations;• An identity-based reporting system for use in forensic investigations; and• Assists with company-wide compliance efforts.

2. What is Split Knowledge, Separation of duties and Mandatory Vacation and why should these administrative countermeasures be part of your normal security operational procedures?

Split knowledge- It prevents any one person from knowing the complete value of an encryption key or passcode. Two or more people should know parts of the value, and all must be present to create or re-create the encryption key or passcode. It is required for the creation of the master keys which are in turn needed to protect data encryption keys. Any encryption keys that are accessed or handled in the clear in any way should be protected using split knowledge.

Separation of Duties- It means that different people control different procedures so that no one person controls multiple procedures. In case of encryption key management, there should be two different persons who manage the encryption keys and encrypted data. It prevents fraud and other mishandling of information.

Mandatory Vacation- Mandatory vacation policy requires employees to use their vacations at specific times of the year or use all of their vacation days allotted for a single year. Individuals who are stealing from the organization or otherwise misusing information or systems are, in general, reluctant to take vacations, for fear that their actions will be detected. This policy helps detect security issues with employees, such as fraud or other internal hacking activities, because the anomalies might surface while the user is away.

These practices should be part of any organization in order to avoid major data breach. Introducing these counter measures mitigates the chances of fraud or malfeasance caused by the mishandling of data or a data loss which is caused due to hackers, employees or stolen or lost hardware.