BOTH QUESTIONS NEEDS TO BE ANSWERED IN 600 WORDS ATLEAST WITH REFERENCES AND IN apa FORMAT
1) What happens when we place the authentication system in our demilitarized zone (DMZ)—that is, in the layer closest to the Internet? What do we have to do to protect the authentication system? Does this placement facilitate authentication in some way? How about if we move the authentication system to a tier behind the DMZ, thus, a more trusted zone? What are the implications of doing so for authentication performance? For security?
2) Faced with the need to deliver risk ratings for your organization, you will have to substitute the organization’s risk preferences for your own. For, indeed, it is the organization’s risk tolerance that the assessment is trying to achieve, not each assessor’s personal risk preferences.
1. What is the risk posture for each particular system as it contributes to the overall risk posture of the organization?
2. How does each attack surface – its protections if any, in the presence (or absence) of active threat agents and their capabilities, methods, and goals through each situation—add up to a system’s particular risk posture?
3. In addition, how do all the systems’ risks sum up to an organization’s computer security risk posture?
0 comments