Security Threats and Vulnerabilities, computer science homework help
- Write an 8–12-page article that addresses the following:
- Explain how security threat and vulnerability assessment can contribute to an effective disaster-recovery planning process.
- Describe the challenges of BYOD and the use of mobile devices.
- Analyze methods of identifying threats to organizational information assets.
- Describe the characteristics or signatures of attacks specific to malicious software, including the following:
- Backdoors.
- Trojans.
- Viruses.
- Wireless attacks.
- MAC spoofing.
- Web app attacks.
- 0-day exploits.
- Describe the system vulnerabilities that attackers exploit in order to carry out attacks specific to malicious software, including the following:
- Backdoors.
- Trojans.
- Viruses.
- Wireless attacks.
- MAC spoofing.
- Web app attacks.
- 0-day exploits.
- Describe specific adversaries and motivations to threaten information assets.
- Describe vulnerabilities related to the failure to harden networks and network operating systems.
- Describe the components and methods used to engage in denial of service and distributed denial of service attacks.
- Describe the concept of bots and botnets and how they contribute to the overall security profile of both public and private networks.
Note: The bullet points above outline the topics that are to be addressed in this assessment, and the 4th and 5th points include subsets of the topic that must be covered in order to meet the requirements of that assessment item. The scoring rubric informs that level of detail that is required at each of the competency levels covered in the rubric.
Additional Requirements
- Written communication: Written communication is free of errors that detract from the overall message.
- APA formatting: Resources and citations are formatted according to APA (sixth edition) style and formatting.
- Page length: 8–12 double-spaced pages, not including the references page.
- Font and font size: Times New Roman, 12 point.
| Criteria | Non-performance | Basic | Proficient | Distinguished |
|---|---|---|---|---|
| Explain how security threat and vulnerability assessment can contribute to an effective disaster recovery planning process. |
Does not explain how security threat and vulnerability assessment can contribute to an effective disaster recovery planning process. | Explains incompletely or inaccurately how security threat and vulnerability assessment can contribute to an effective disaster recovery planning process. | Explains how security threat and vulnerability assessment can contribute to an effective disaster recovery planning process. | Explains how security threat and vulnerability assessment can contribute to an effective disaster recovery planning process, including the use of supporting examples. |
| Describe the challenges of BYOD and the use of mobile devices. |
Does not describe the challenges of BYOD and the use of mobile devices. | Describes incompletely or inaccurately the challenges of BYOD and the use of mobile devices. | Describes the challenges of BYOD and the use of mobile devices. | Describes the challenges of BYOD and the use of mobile devices, including the use of supporting examples. |
| Analyze methods of identifying threats to organizational information assets. |
Does not analyze methods of identifying threats to organizational information assets. | Analyzes incompletely or inaccurately methods of identifying threats to organizational information assets. | Analyzes methods of identifying threats to organizational information assets. | Analyzes methods of identifying threats to organizational information assets, including the use of supporting examples. |
| Describe the characteristics or signatures of attacks specific to malicious software. |
Does not describe the characteristics or signatures of attacks specific to malicious software. | Describes incompletely or inaccurately the characteristics or signatures of attacks specific to malicious software. | Describes the characteristics or signatures of attacks specific to malicious software. | Describes the characteristics or signatures of attacks specific to malicious software, including the use of supporting examples. |
| Describe the system vulnerabilities that attackers exploit in order to carry out attacks specific to malicious software. |
Does not describe the system vulnerabilities that attackers exploit in order to carry out attacks specific to malicious software. | Describes incompletely or inaccurately the system vulnerabilities that attackers exploit in order to carry out attacks specific to malicious software. | Describes the system vulnerabilities that attackers exploit in order to carry out attacks specific to malicious software. | Describes the system vulnerabilities that attackers exploit in order to carry out attacks specific to malicious software, including the use of supporting examples. |
| Describe vulnerabilities related to the failure to harden networks and network operating systems. |
Does not describe vulnerabilities related to the failure to harden networks and network operating systems. | Describes incompletely or inaccurately vulnerabilities related to the failure to harden networks and network operating systems. | Describes vulnerabilities related to the failure to harden networks and network operating systems. | Describes vulnerabilities related to the failure to harden networks and network operating systems, including the use of supporting examples. |
| Describe specific adversaries and motivations to threaten the information assets of the project organization. |
Does not describe specific adversaries and motivations to threaten enterprise information assets. | Describes incompletely or inaccurately specific adversaries and motivations to threaten enterprise information assets. | Describes specific adversaries and motivations to threaten enterprise information assets. | Describes specific adversaries and motivations to threaten enterprise information assets, including the use of supporting examples. |
| Describe the components and methods used to engage in denial of service and distributed denial of service attacks. |
Does not describe the components and methods used to engage in denial of service and distributed denial of service attacks. | Describes incompletely or inaccurately the components and methods used to engage in denial of service and distributed denial of service attacks. | Describes the components and methods used to engage in denial of service and distributed denial of service attacks. | Describes the components and methods used to engage in denial of service and distributed denial of service attacks, including the use of supporting examples. |
| Describe the concept of bots and botnets and how they contribute to the overall security profile of both public and private networks |
Does not describe the concept of bots and botnets and how they contribute to the overall security profile of both public and private networks. | Describes incompletely or inaccurately the concept of bots and botnets and how they contribute to the overall security profile of both public and private networks. | Describes the concept of bots and botnets and how they contribute to the overall security profile of both public and private networks. | Describes the concept of bots and botnets and how they contribute to the overall security profile of both public and private networks, including the use of supporting examples |
"Looking for a Similar Assignment? Order now and Get 10% Discount! Use Code "GET10" in your order"
