What is the relation between change and configuration management as a general systems administration process, and an organization’s IT security risk management process?
computer science
Description
Write a 3-4 page paper in APA format (not including the cover page and reference page) responding to the prompts below. Please click here to view the criteria by which you will be assessed for the achievement of the CLO for this unit. Please use the APA Sample provided in the Student Resources to complete your assignment. Remember to cite to your sources.
1. Compare and contrast the Bell-LaPadula model, the Clark Wilson model and the Chinese Wall model for computer security.
2. As part of a formal risk assessment of desktop systems in a small accounting firm with limited IT support, you have identified the asset “integrity of customer and financial data files on desktop systems” and the threat “corruption of these files due to import of a worm/virus onto system.” Suggest reasonable values for the items in the risk register for this asset and threat, and provide justifications for your choices.
3. Explain the checks the organizational security officer needs to perform as the plan is being implemented.
4. What is the relation between change and configuration management as a general systems administration process, and an organization’s IT security risk management process?
5. Fill in the entries in the following table by providing brief descriptions.
| IT Security | Physical Security |
Boundary type (what constitutes the perimeter?) |
|
|
Standards |
|
|
Maturity |
|
|
Frequency of Attacks |
|
|
Attach Responses (types of responses) |
|
|
Risk to Attackers |
|
|
Evidence of Compromise |
|
|
6. Describe a PIV system and how it integrates with the physical access control system.
