“Risk Management and Malicious Attacks”
1-With regards to risk-response planning, there are four (4) responses to negative risks that an organization may pursue: avoid, transfer, mitigate, and accept. Develop an original and unique scenario to describe and contrast each of these responses.
2-From the selected e-Activity article, describe in detail the way in which the malware was utilized to steal data or gain privileged remote access to a computer or network. Suppose you were an IT Security professional working at the attacked business, and detail the security controls that you would consider putting into practice that would help to prevent this and similar types of malware attacks moving forward.
“Choosing the Appropriate Server Monitoring Tools”
1-From the e-Activity, choose the two (2) performance counters you consider most important to monitor regularly, and predict two (2) critical issues that can occur for each if they aren’t. Provide support for each of your predictions.
2-Differentiate between the conditions that would be appropriate for implementing agent monitoring and the conditions under which agentless monitoring would be a better choice. Provide at least two (2) specific examples that illustrate the major differences between the two (2).
“BitLocker Encryption and the Encrypted Hard Drive Feature”
1-To offset the drawbacks commonly found in BitLocker encryption, Windows 8 and Windows Server 2012 include an Encrypted Hard Drive (EHD) feature to enhance BitLocker’s functionality. Choose the EHD benefit you believe provides the biggest improvement over basic BitLocker encryption and management. Provide justification for your response.
2-Give your opinion of whether or not there is any possible downside, other than greater cost, to using the EHD feature to enhance BitLocker functionality. Justify whether the enhancement can be worth the extra cost, regardless of any possible downsides you may have noted. Support your opinion with at least one (1) specific example that demonstrates EHD’s worth or lack thereof.
“Security Administration and Access Control”
1-From the e-Activity, summarize the ethical dilemma, and develop a plan in which you would mitigate the vulnerability.
2-Compare and contrast physical access controls and logical access controls. Further explain in what ways both physical and logical access controls are related to implementing a security policy.
