
ALEENA KHALID

223603
INFORMATION ASSURANCE
QUESTION # 01
MAKING THE SUMMARY OF RAND REPORT

• The report was published in 1979 and provides recommendations for improving the security of computer systems used by the Department of Defense (DoD) and other government agencies.
• The need for a comprehensive security program: The report emphasizes the importance of establishing a comprehensive security program that includes both technical and non-technical security measures.
• The need for secure communication protocols: The report recommends the use of secure communication protocols to protect information as it is transmitted across networks.
• The importance of monitoring and auditing: The report highlights the importance of monitoring and auditing computer systems to detect and respond to security incidents.
• The need for training and awareness: The report recommends training and awareness programs to educate users about security risks and best practices.
• The importance of physical security: The report emphasizes the need for physical security measures, such as secure facilities and access controls, to protect computer systems from physical attacks.
• Overall, the report highlights the need for a comprehensive approach to computer security that includes technical and non-technical measures to protect computer systems and the information they contain.

QUESTION # 02
Study of security technologies
Cyber threat intelligence
Cyber Threat Intelligence (CTI) is the practice of collecting and
analyzing information about cyber threats and vulnerabilities to
better understand and predict potential attacks. CTI can help
organizations identify and mitigate potential threats before
they can cause harm. The CTI process involves four stages:
Collection, Processing, Analysis, and Dissemination.
o Collection
o Processing
o Analysis
o Dissemination

Security Information Event Management
SIEM is a security technology that provides real-time analysis of
security alerts generated by network hardware and
applications. SIEM collects security-related data from various
sources, including log files, network devices, and applications.
SIEM aggregates and correlates this data to identify security
incidents, threats, and vulnerabilities.

Components of Information Management
o Data collection
o Analysis
o Reporting
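
The three components above, sketched as an added example that is not part of the original assignment: events from a log file, a network device and an application are normalised into one schema, then correlated to flag repeated failed logins followed by a success from the same address. The log formats, field names, threshold and sample records are all constructed assumptions.

```python
import json
import re
from datetime import datetime, timedelta

# Constructed sample data: one feed per source type (log file, network device, application).
AUTH_LOG = """\
2024-05-01T10:00:01 sshd failed user=alice src=203.0.113.7
2024-05-01T10:00:05 sshd failed user=alice src=203.0.113.7
2024-05-01T10:00:09 sshd failed user=alice src=203.0.113.7
2024-05-01T10:00:20 sshd accepted user=alice src=203.0.113.7
2024-05-01T10:02:00 sshd failed user=bob src=198.51.100.4
2024-05-01T10:03:00 sshd accepted user=bob src=198.51.100.4"""
FIREWALL = "2024-05-01T10:00:00,203.0.113.7,22,allow\n2024-05-01T10:01:59,198.51.100.4,22,allow"
APP_LOG = '{"ts": "2024-05-01T10:01:30", "ip": "203.0.113.7", "user": "alice", "action": "bulk_export"}'
AUTH_RE = re.compile(r"(\S+) sshd (failed|accepted) user=(\S+) src=(\S+)")

def ev(ts, source, ip, event, user=None):
    # Common schema shared by every source (hypothetical field names).
    return {"ts": datetime.fromisoformat(ts), "source": source, "ip": ip, "event": event, "user": user}

def collect():
    """Data collection: normalise every source into one schema, sorted by time."""
    events = [ev(ts, "auth", ip, "login_" + out, user) for ts, out, user, ip in AUTH_RE.findall(AUTH_LOG)]
    for line in FIREWALL.splitlines():
        ts, ip, _port, verdict = line.split(",")
        events.append(ev(ts, "firewall", ip, "conn_" + verdict))
    for rec in map(json.loads, APP_LOG.splitlines()):
        events.append(ev(rec["ts"], "app", rec["ip"], rec["action"], rec["user"]))
    return sorted(events, key=lambda e: e["ts"])

def correlate(events, threshold=3, window=timedelta(minutes=5)):
    """Analysis: flag an IP with >= threshold failed logins, then a success, inside the window."""
    incidents, failures = [], {}
    for e in events:
        if e["event"] == "login_failed":
            failures.setdefault(e["ip"], []).append(e["ts"])
        elif e["event"] == "login_accepted":
            recent = [t for t in failures.get(e["ip"], []) if e["ts"] - t <= window]
            if len(recent) >= threshold:
                incidents.append({"ip": e["ip"], "user": e["user"], "failed": len(recent), "at": e["ts"]})
    return incidents

def report(events, incidents):
    """Reporting: attach every event from the flagged IP, across all sources, as context."""
    return [dict(i, related=[(e["source"], e["event"]) for e in events if e["ip"] == i["ip"]])
            for i in incidents]

if __name__ == "__main__":
    print(report(collect(), correlate(collect())))
```

The single failed attempt for bob stays below the threshold, so only the first address is reported, together with its firewall and application events.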

Security Operation Center (SOC)
Trusted Computing is a security technology that aims to provide
a secure and trusted computing environment. It involves the
use of hardware and software components that work together
to ensure the integrity and security of the computing
environment.

Components of SOC
o Trusted Platform Module (TPM)
o Trusted boot process
o Trusted execution environments (TEEs).
