CSEC 610 Final Exam Questions With Sample Answers

Question 1: Corporate Espionage

Firms can accomplish advantageous strategic effects in addition to cost savings in a spying country through the use of corporate espionage. The spying firm or country characteristically expands through counter-espionage maneuvers which consequently enhances technology surrogating and consequently becomes beneficial to consumers.  Corporations, individuals, as well as countries make use of any available ethical, and at times unethical, approaches in a bid to acquire information aimed at giving them a competitive advantage over their competitors. There is various technologies and techniques employed by corporate spies and spooks in obtaining other people’s data that can easily be integrated in information technology and network gadgets. Integrating the faithful Ghost key-logger technology software into a device or a network allows one to send keystroke emails to predefined email address (Mano, 2011). For instance, this can be employed in online reseller as well as value added reseller that allow one to ship the systems using key-logger that is already preconfigured and preloaded. Consequently, this allows a provision of receiving confidential corporate information from all over the globe (Gopalakrishnan, 2014).

The Ghost key-logger has a password that safeguards its settings which makes it instrumental in encrypting the keystroke log files while ensuring the confidentiality of the collected data. Incorporating Netgear XE1027 technology in gadgets and network systems can allow a user to transform a construction’s electrical cabling into a 56-bit DES encrypted network which cannot be detected and when coupled with an EoP device one can search retrieve data incognito. Other techniques include; SCI-EAR 2000 which is a minute device that allows one to eavesdrop discussion in the proximity, and parabolic dish microphone with the capability of sifting out unnecessary background sounds. Network users’ accounts ought to be configured using well-built encryption with the aim of ensuring that confidential and sensitive data broadcasted through the LAN from all users are secure. In configuring strong encryptions there is need to install make use of trusted and reliable encryption software which include VPN, SSL, and IPSec to enhance network security at the application layer(Mano, 2011).

Measures must be put in place in provision of adequate security with an aim to control the remote access of users through the use of vigorous authentication, encryption, and identification procedures. It is thus instrumental in testing networks to ensure that none of the denial of service attacks, in singular or singly or in amalgamation, is capable of disabling the device. In formulating an secure access control plan the following concerns should be addressed which are; restricting excessive systems privileges in ensuring authorized and unauthorized users do not alter or corrupt configuration of the operating as well as the application software setting that might precipitate severe results. Lack of access limitations could permit authorized users and third parties to adjust data and system configurations which may expose the network to loss of privacy and integrity (Mano, 2011).

Developing viable and strong password policies is crucial in enhancing the security of network data and resources. The use of two-factor authentication methods, which calls for two forms of evidence in verifying the identity of the user prior to access to the network, is more secure compares to the conventional authentication methods of static passwords. It is authoritative to note that passwords can be compromised through various means such as brute-force attacks, IP spoofing, Trojan horse malicious programs, and packet sniffers (Gopalakrishnan, 2014).

 

Question 2: Windows XP Migration and Security Issues

Released my Microsoft in October 2001, Windows XP Professional operating system was designed and engineered to integrate the strengths of Windows 2000 which included manageability, reliability, as well as security with the desirable features of the previous version, Windows 98 and Windows Millennium. Windows XP do not only combine the corporate and consumer aspects of operating system modules but also introduced new functionalities that encircled new security features that proved robust with security features improvement including internet connection firewall, software restriction policies, controlled network access, secure online data storage and retrieval, Microsoft Passport, , encryption file system, and credential management. In addition, Windows XP offered thousands of security-related settings that can be executed individually besides over 200 new policy settings as well as 421 policy settings that came with Windows 2000 (Goktepe, 2002).

Following the Microsoft’s announcement that the extended support of Windows XP would end on the 8th of April 2014, corporations, organizations are compelled to migrate to supported versions of windows failure to which they will be confronted by increased security support challenges and risks. Failure to migrate to more secure and supported Windows versions implies that organizations will have to tackle enhanced security risks and support challenges that in turn results in more consumption of IT budgets and resources. Supporting the older Windows XP system installation is considered to take up more IT labor while obatianing typical support for Windows XP becomes more costly since it comes with an added cost of charge per deployment for every PC machine. Furthermore, there is an increase in compatability setbacks for Windows XP in the event that an organization does not migrate following the fact that a huge portion of ISVs will proceed to offer software not supported by Windows XP.

There are various vulnerabilities that come with migration from Windows XP that include hardware compatibility and application concerns, software deficiencies, as well as outdated and missing drivers. These problems result in the risk of loss of user productivity, declined perception of IT, missing applications, as well as malfunctions of hardware and applications following considerable resources and time during migration (Goktepe, 2002).

Conducting a scrupulous inventory as well as a cautious assessment of all software and hardware prior and during migration is essential in a bid to detect and handle the impediments ahead of time. Subject  to time and resource constraints, numerous organizations are tempted to assume that the migration process is a one-time event however, the resolutions formulated at the onset of migration are the primary determinant of the successful occurrence of the support and maintenance of the new Windows environment. Selection of the proper tools in comprehending the current system landscape enhances a solid base for the management of the new operating system environment (Goktepe, 2002). To have an effective migration process that is both achievable and manageable, an organization needs to consider issues of planning, effective migration project, application, deployment, and maintenance and support. Planning involves catalog evaluation, analysis, as well as rationalization. The application phase puts into account the issues of testing, repackaging, and remediation. The deployment stage involves movement of systems as well as users’ data and content.

Download all CSEC 610 Final Exam Questions With Sample Answers Or order unique answers at an affordable price. 

Share with your friends
Order Unique Answer Now

Add a Comment