Anonymous IA Assignment 1
223604
Assignment 1:
Information Assurance
Question no 1:
The report was published in 1979 and provides recommendations for improving the security of computer systems used by the Department of Defense (DoD) and other government agencies. The main points covered in the report include the following:
The need for a comprehensive security program: The report emphasizes the importance of establishing a comprehensive security program that includes both technical and non-technical security measures.
The importance of access controls: The report stresses the importance of access controls to prevent unauthorized access to sensitive information.
The need for secure communication protocols: The report recommends the use of secure communication protocols to protect information as it is transmitted across networks.
The importance of monitoring and auditing: The report highlights the importance of monitoring and auditing computer systems to detect and respond to security incidents.
The need for training and awareness: The report recommends training and awareness programs to educate users about security risks and best practices.
The importance of physical security: The report emphasizes the need for physical security measures, such as secure facilities and access controls, to protect computer systems from physical attacks.
Overall, the report highlights the need for a comprehensive approach to computer security that includes technical and non-technical measures to protect computer systems and the information they contain.
Question no 2:
following security technologies work (preferably with diagrams)
Collection: This involves gathering information from a wide range of sources, including open-source intelligence, internal data sources, and third-party feeds.
Processing: The collected information is processed to remove irrelevant or redundant data and to categorize the remaining data into various threat categories.
Analysis: The processed information is analyzed to identify trends, patterns, and potential threats. Analysts use a range of techniques, including statistical analysis and machine learning algorithms, to identify potential attacks.
Dissemination: The analyzed information is disseminated to relevant stakeholders, including security teams, executives, and other decision-makers.
(B)
Security information and event management (SIEM) is a security technology that provides real-time analysis of security alerts generated by network hardware and applications. SIEM collects security-related data from various sources, including log files, network devices, and applications. SIEM aggregates and correlates this data to identify security incidents, threats, and vulnerabilities.
SIEM systems typically consist of three main components: data collection, analysis, and reporting.
Data Collection: SIEM systems collect security-related data from various sources, including log files, network devices, and applications. This data is normalized and categorized to facilitate analysis.
Analysis: SIEM systems analyze the collected data to identify patterns, trends, and potential threats. This includes detecting anomalies, identifying suspicious behavior, and correlating events to identify potential attacks.
Reporting: SIEM systems generate reports that summarize security incidents, threats, and vulnerabilities. These reports can be used by security teams to identify and respond to potential threats.
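The data collection and analysis steps described above, as an added example that is not part of the original assignment: two differently formatted sources are normalized onto one schema, then correlated to flag a successful login that follows repeated failures. The log formats, field names, threshold and time window are assumptions, and the sample log lines are constructed.

```python
import json
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample input: an sshd-style syslog source and a JSON application log.
SSHD_LOG = """\
2024-05-01T10:00:01 host1 sshd[411]: Failed password for admin from 203.0.113.7 port 50122 ssh2
2024-05-01T10:00:05 host1 sshd[411]: Failed password for admin from 203.0.113.7 port 50123 ssh2
2024-05-01T10:00:09 host1 sshd[411]: Failed password for admin from 203.0.113.7 port 50124 ssh2
2024-05-01T10:03:00 host1 sshd[419]: Failed password for bob from 198.51.100.4 port 40000 ssh2
"""
APP_LOG = """\
{"ts": "2024-05-01T10:00:30", "event": "login_ok", "user": "admin", "ip": "203.0.113.7"}
{"ts": "2024-05-01T10:04:00", "event": "login_ok", "user": "bob", "ip": "198.51.100.4"}
"""
SSHD_RE = re.compile(r"^(\S+) \S+ sshd\[\d+\]: Failed password for (\S+) from (\S+)")

def normalize(sshd_text, app_text):
    """Data collection: map both formats onto one schema and categorize each event."""
    events = []
    for line in sshd_text.splitlines():
        m = SSHD_RE.match(line)
        if m:
            events.append({"time": datetime.fromisoformat(m[1]), "src": m[3],
                           "user": m[2], "category": "auth_failure"})
    for line in app_text.splitlines():
        rec = json.loads(line)
        if rec["event"] == "login_ok":
            events.append({"time": datetime.fromisoformat(rec["ts"]), "src": rec["ip"],
                           "user": rec["user"], "category": "auth_success"})
    return sorted(events, key=lambda e: e["time"])

def correlate(events, threshold=3, window=timedelta(minutes=5)):
    """Analysis: flag a success preceded by >= threshold failures from the same source."""
    failures, incidents = defaultdict(list), []
    for e in events:
        key = (e["src"], e["user"])
        if e["category"] == "auth_failure":
            failures[key].append(e["time"])
        else:
            recent = [t for t in failures[key] if e["time"] - t <= window]
            if len(recent) >= threshold:
                incidents.append({"src": e["src"], "user": e["user"],
                                  "failures": len(recent), "success_at": e["time"].isoformat()})
    return incidents

if __name__ == "__main__":
    print(correlate(normalize(SSHD_LOG, APP_LOG)))
```

Neither source alone shows the incident: the failures appear only in the sshd log and the success only in the application log, so the pattern is visible only after both are normalized and correlated.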
(C)
Trusted Platform Module (TPM): TPM is a hardware component that provides secure storage and processing of cryptographic keys and other sensitive information.
Trusted Boot Process: The trusted boot process ensures that only trusted software is loaded during boot. This involves verifying the integrity of the boot loader, operating system, and other software components.
Trusted Execution Environments (TEEs): TEEs provide a secure environment for running sensitive applications. This involves isolating the application from the rest of the system and providing a secure communication channel between the application