Computer Systems Security Foundations Academic Essay –conent– The OMB Circular A-130 initially written in 1985 and revised in 1992, 1993, 1996, 2000 and again in 2002; U.S. Computer Fraud and Abuse Act written in 1986, amended in 1996; and U.S. Economic Espionage Act of 1996, are three significant pieces of computer security legislation. What is the significance of each of these measures and what do they provide? What is an Information System Security Policy and why is it important? Describe the Waterfall development process and the impact of adding validation and verification to the process. What are the three factors of Authentication and give an example of each? Define: Availability, Integrity, and Confidentiality and their relationship to Information Security. What is a Virus, what is a Worm, and how are they different? Define Threat, Vulnerability, and Risk and discuss their relationship to each other. Define Discretionary Access Controls (DAC) and Mandatory Access Control (MAC). Discuss the significance of each. What is the difference between the Initial Risk Factor and Residual Risk and how do they apply to Risk Management? Define Trusted Computing Base (TCB). Identify and contrast it’s elements and why it is important? Define and contrast the differences between Symmetric and Asymmetric Key Cryptosystems. What are the advantages/disadvantages of each? (15) What is Key Management and why is it important? What are the problems with each Asymmetric and Symmetric? What is a Firewall? Contrast Packet Filtering, Application Level/Proxy, Stateful Inspection, and Dynamic Packet Filtering Firewalls. Define and contrast signature (knowledge) based and behavior based Intrusion Detection Systems (IDS). Denial of Service (DOS) Attacks compromise which of the element of the CIA Triad?) What is the difference between End-to-End encryption and Link encryption,? Describe both of them. Define and contrast the differences of Hot Site, Warm Site, and Cold Site disaster recovery subscription services What is the difference between the Business Continuity Plan (BCP) and the Disaster Recovery Plan (DRP)? What is the Number One Priority of Disaster Planning? Describe how digital signatures work and what is the function of the hash process in the digital signature process? Define least privilege and need to know. What is their importance and how do they relate to Information System Security? Define and contrast aggregation and inference, what is their importance and how do they relate to Information Systems Security?