IT Risk Management / security
1. For this question you are required to make at least two (2) forum postings on the following topic: Do you think the “fear factor”, or FUD (fear, uncertainty and doubt), is an appropriate strategy for increasing investment in security? You will be assessed on what you contribute to the debate in terms of quality, not quantity (though each posting should be at least a few sentences long). You may either create a new thread or reply to a previous posting. All new threads should use the subject line ‘FUD Debate’.
2. Answer the following questions with reference to the case study below, which details the security layout of an airport (note: you only need to consider the departure process for this question, not the arrival process):
a. Use a diagram (with symbols like those in Inside the Security Mind, Fig. 5.2) to describe the security layout below using a thinking-in-zones approach. The areas you need to classify as untrusted, semi-trusted or trusted are the main terminal area, the sterile area, and the apron. You should also indicate whether any filtering occurs between these zones, and the types of communication allowed. In doing so, you may have to extend the meaning of the communication symbols in Fig. 5.2 so that they fit a human-traffic scenario.
b. Explain why you classified each area (the main terminal area, the sterile area, and the apron) as you did.
c. From your answers above, identify which area(s), if any, are high exposure, medium exposure, medium-low exposure, and low exposure.
d. Do you think the “Thinking in Zones” approach is as applicable to an airport scenario as it is to a computer networking scenario? Why or why not?
- Anyone is permitted both to enter and leave the airport terminal at their discretion.
- Once inside the terminal, passengers check-in at the airport counter to receive a boarding pass.
- To board a flight, passengers must first enter the airport’s sterile area. To enter the sterile area, it is necessary to go through a security check. Once inside the sterile area, passengers are free to go back to the main terminal area (but they will need to undergo another security check to re-enter the sterile area).
- Passengers must move onto the airport apron to board their flight. In order to do this, it is necessary to have a boarding pass. A check is made at the flight gate to ensure passengers have a boarding pass.
- Once on the airport apron, passengers must board the plane. They are not permitted to re-enter any other part of the airport.
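As an added illustration (not part of the assignment or the Day text), the movement rules of the case study can be written down as a zone-transition policy in which every boundary crossing passes through a filter. The zone names, the Passenger record, the Denied exception and the function names are assumptions chosen for this example; the rules themselves are taken directly from the five points above. The classification of the zones as untrusted, semi-trusted or trusted is deliberately left out, since that is what the question asks for.

```python
"""Added example: the airport case study as a zone-transition policy.
Zone names and the Passenger/Denied types are assumptions for this illustration;
the transition rules come from the case study."""
from dataclasses import dataclass, replace
from typing import Callable, Dict, Tuple


@dataclass(frozen=True)
class Passenger:
    zone: str = "outside"        # outside, terminal, sterile, apron, aircraft
    boarding_pass: bool = False  # issued at the check-in counter
    screened: bool = False       # passed the security check and has not since left the sterile area


class Denied(Exception):
    """Raised when a zone-boundary filter rejects the move."""


# Filters at each zone boundary. A missing edge means the move is never allowed
# (for example apron -> terminal: there is no re-entry from the apron).
FILTERS: Dict[Tuple[str, str], Callable[[Passenger], bool]] = {
    ("outside", "terminal"): lambda p: True,          # anyone may enter the terminal
    ("terminal", "outside"): lambda p: True,          # and leave it again at will
    ("terminal", "sterile"): lambda p: p.screened,    # security check at the boundary
    ("sterile", "terminal"): lambda p: True,          # passengers are free to go back
    ("sterile", "apron"): lambda p: p.boarding_pass,  # gate check of the boarding pass
    ("apron", "aircraft"): lambda p: True,            # the only way off the apron
}


def check_in(p: Passenger) -> Passenger:
    """Check-in counters are in the main terminal; they issue the boarding pass."""
    if p.zone != "terminal":
        raise Denied("check-in is only possible in the main terminal")
    return replace(p, boarding_pass=True)


def screen(p: Passenger) -> Passenger:
    """The security check a passenger undergoes before entering the sterile area."""
    if p.zone != "terminal":
        raise Denied("screening takes place at the terminal/sterile boundary")
    return replace(p, screened=True)


def move(p: Passenger, to: str) -> Passenger:
    """Apply the boundary filter for p.zone -> to; raise Denied if it rejects the passenger."""
    allowed = FILTERS.get((p.zone, to))
    if allowed is None or not allowed(p):
        raise Denied(f"{p.zone} -> {to} not permitted")
    # Leaving the sterile area forfeits the screening: re-entry needs a fresh check.
    still_screened = p.screened and to in ("sterile", "apron", "aircraft")
    return replace(p, zone=to, screened=still_screened)


def can_move(p: Passenger, to: str) -> bool:
    """Convenience predicate: would move() succeed?"""
    try:
        move(p, to)
        return True
    except Denied:
        return False


def departure(p: Passenger) -> Passenger:
    """The normal departure path: enter, check in, screening, sterile area, gate, aircraft."""
    p = move(p, "terminal")
    p = check_in(p)
    p = screen(p)
    p = move(p, "sterile")
    p = move(p, "apron")
    return move(p, "aircraft")
```

Walking a passenger through `departure()` and then trying the forbidden moves (sterile area without screening, apron without a boarding pass, anything at all from the apron) shows where the filters sit; that is the information the zone diagram in part (a) has to capture.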
3. Explain what the author of Inside the Security Mind means by the following statement: ‘As zoning functionality increases, exposure increases’ (Day 2003, p.77). In addition, offer two practical examples in support of this statement.
4. When acquiring software from an external source (such as a web site), it is good practice to install and run it on a test machine that is isolated from any internal network. Use the “Thinking in Zones” approach described in the Day text to explain why this practice is recommended.
5. You are asked to do a presentation on the topic of failing securely. Research the following concepts to be used as examples in your presentation. For each concept, prepare a brief description (no more than a paragraph) showing how it supports the concept of failing securely:
- The air-brake system on a railway carriage
- The TTL count in a TCP/IP packet
- A firewall access control list
- A Java bytecode file into which an attacker has added an arbitrary jump that points to a piece of viral code appended to the end of the file.
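An added illustration (not drawn from the assignment or the Day text) of two of the mechanisms listed above in code: a firewall access control list evaluated first-match with an explicit default, and the per-hop TTL decrement. The Packet and Rule records, the sample policy and the addresses are constructed for this example; the railway brake and the Java bytecode verifier are not modelled.

```python
"""Added example: two fail-secure mechanisms. Packet/Rule and the sample ACL are
constructed for this illustration."""
from dataclasses import dataclass, replace
from ipaddress import ip_address, ip_network
from typing import List, Optional


@dataclass(frozen=True)
class Packet:
    src: str    # source IP address
    dport: int  # destination port
    ttl: int    # time to live (hop count remaining)


@dataclass(frozen=True)
class Rule:
    action: str           # "allow" or "deny"
    src: str              # source CIDR the rule applies to
    dport: Optional[int]  # destination port, or None for any port

    def matches(self, pkt: Packet) -> bool:
        in_net = ip_address(pkt.src) in ip_network(self.src)
        return in_net and (self.dport is None or self.dport == pkt.dport)


# Constructed sample policy: only two explicit permits, nothing else is listed.
RULES: List[Rule] = [
    Rule("allow", "10.0.0.0/8", 443),
    Rule("allow", "192.168.1.0/24", 22),
]


def acl_decide(rules: List[Rule], pkt: Packet, default: str = "deny") -> str:
    """First-match evaluation. Traffic no rule describes falls through to `default`.

    With default="deny" an omission in the list (the failure case) blocks traffic;
    with default="allow" the same omission silently permits it (fails open)."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return default


def forward(pkt: Packet) -> Optional[Packet]:
    """One router hop: decrement TTL and discard the packet when it reaches zero."""
    if pkt.ttl <= 1:
        return None
    return replace(pkt, ttl=pkt.ttl - 1)


def hops_survived(pkt: Packet) -> int:
    """Send the packet around a routing loop that never resolves; count the hops it
    survives. Without the decrement the loop would never end; with it the packet
    dies after at most ttl-1 forwards, whatever the routers do."""
    hops = 0
    while (pkt := forward(pkt)) is not None:
        hops += 1
    return hops
```

The same packet from an unlisted address is dropped under `default="deny"` and passed under `default="allow"`; the ACL is identical in both cases, only the behaviour on the unexpected input differs, which is the whole of what "failing securely" means here.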
6. You download a piece of software (signed with a digital signature) from the Internet and run it using the administrator account on your computer. Using Day’s theory of chained trusts, explain why this is dangerous.
7. Explain the difference between the concepts of risk and uncertainty.
8. A risk manager evaluates whether or not to apply a countermeasure to control risk. The countermeasure may involve risk reduction, risk assignment, or risk acceptance. Briefly summarise these different approaches.