Mile2 Cybersecurity Certifications

Kelly Crooks

Forum Replies Created

Viewing 15 posts - 31 through 45 (of 53 total)
  • in reply to: OCU C)ISSO D Devotion 03 #85367
    Kelly Crooks
    Participant

    What a great passage from the book of Mark. Satan is always out to do whatever he can to get those who Believe in Christ to turn away from Him and go his way. I saw this happen in a church I attended for thirty years. Satan got into the church leadership and some of the congregation and tore the church in half. Satan is powerful and he has his ways to get his dirty work done, but Christ is stronger and more powerful to bring people together and unite them. While Satan can divide those in the world, God has the ability and strength to unite those families, co-workers, churches, and nations again. We must be strong, trust in Christ, and have faith that He will unite us all again. With this unity will come peace and love that He wants for all of us. We can’t give up hope and we must continue to fight and pray that that unity comes soon. In my thirty-six years of being a Christian and trusting in God, He has never let me down a single time and I have never been disappointed by Him.

    in reply to: OCU C)ISSO D Discussion Lesson 12 #85366
    Kelly Crooks
    Participant

    I choose a compromise from within. This kind of threat happens when users with certain privileges misuse those permissions. A compromise from within is the unauthorized disclosure, modification, substitution, or use of sensitive data, or the unauthorized modification of a security-related system, device, or process to gain unauthorized access.

    I chose this kind of system threat because I feel that having unauthorized access to data can not only harm the organization it was stolen from, but other people, nations, and the ones who stole the information. Take the leaked or stolen information from the Pentagon that the young serviceman took. He had access and security clearance to that information. He was not only trusted by the Pentagon but by top military officials as well. Whatever his reasons were he decided to steal that information, take it home and copy it and then share it on the internet. I think this kind of threat can harm an organization because it comes from trusted individuals that are working for the organization. Unless that individual shows signs of strange behavior or is asking a lot of questions, an organization might never see the threat coming, let alone expect it.

    As a security officer, I would need to have the right security measures and protocols in place and make sure that they are implemented in the best possible way. Measures such as firewalls, making it so you can’t download or print sensitive material, no personal devices while at work on the job, security cameras, and security training. I would even go as far as checking people’s backpacks, coats, briefcases, etc. when leaving a particular organization or government facility.

    in reply to: OCU C)ISSO D Discussion Lesson 11 #85357
    Kelly Crooks
    Participant

    The first cybersecurity threat I choose is password theft. Password theft was the number two threat on the list I found. Password theft is so common because people tend to use simple passwords so they can remember them. Users use the same password for multiple sites making it easy to access their data. Third parties manage to steal or guess your password. There are several ways to prevent password theft. One is using a stronger password that consists of numbers, letters, and special characters. Another way is by not having your username and password automatically stored on a device. I know this makes it easier when logging into a site but if the device is lost, stolen, or compromised the intruder has free rein of your information. You can implement the use of two-step verification or use a biometric reader. Making sure that passwords are safe and secure and not easily accessible is especially important to the company and security officer because some companies have hundreds of users and they all have access to the company’s data. Making sure that data stays safe is vital, especially because so much data is stored on devices or in the cloud. It is a security officer’s job to keep that data safe and make sure the right protocols are in place.

    The second attack I choose is the Trojan Virus. This kind of cyberattack happens by disguising malware as legitimate software. One of the most common ways the Trojan Virus was implemented into a computer or network was by displaying an “Alert” on the screen when you visited a website. The “Alert” recommended scanning your computer for harmful viruses. When you performed the scan the malware was delivered through that scan. As a security officer making sure that people are trained and informed on how to recognize these kinds of scams and malware can save the company time, money, and the loss of data. By being able to recognize it as a virus or scam you can avoid any harmful outcomes of the data or the company. Having the correct security protocols and training in place will help to deter these kinds of attacks.

    The third type of attack I choose is the Drive-By Attack. This kind of cyber attack happens when malicious code is delivered onto a system or device. This kind of attack requires no action by the end user. There is no need to install anything or click on a link. The harm is done automatically because it is done through the code. Making sure you have the correct firewall, and other security software on your device will help to avoid this kind of attack. Since there is no action required by the end user, knowing how to recognize and defend against this kind of attack is important for both the company and the security officer because this kind of attack makes it easy to steal data and information. The proper training and protocols in place will help to defend against this kind of attack. Also avoiding questionable or compromised websites will help.

    in reply to: OCU C)ISSO D Discussion Lesson 10 #85356
    Kelly Crooks
    Participant

    According to Lesson 10 in the C)ISSO volume 2, firewalls are used to block traffic as per security rules, provide transparent protection to internal users, and provide different functionalities and protection levels. In simple terms, a firewall is a security system designed to prevent unauthorized access into or out of a computer network. Firewalls are often used in making sure that internet users who do not have access to private networks can’t get in. A firewall is the first line of defense and provides access control. Firewalls are usually used in conjunction with other perimeter defenses.

    There are many types of firewalls on the market today. One is Generation One or packet filtering, which screens routers with a set of Access Control Lists. Packet Filtering is the simplest and least expensive type of firewall. Access decisions are based on network and transport layer header information. Packet Filtering is best used in low-risk environments.

    Generation Two or Proxy firewalls act as an “agent” between trusted and untrusted entities. With Proxy firewalls there is no direct communication taking place between the client and the server. A proxy firewall converts public addresses to internal addresses and internal addresses to public addresses. A proxy firewall’s IP address is exposed to the outside of the network. There are two versions of a proxy firewall, Application-Layer Proxy, and Circuit-Level Proxy.

    Generation Three or stateful firewalls make access decisions based on IP addresses, protocol commands, historical comparisons with previously sent packets, and the condition and content of packets. Stateful firewalls use a state engine and create and maintain a state table. Stateful firewalls can monitor the connection between connection-oriented and connectionless protocols.

    Generation Four or Dynamic Packet-Filtering firewalls use a combination of application fixes and stateful inspection firewalls. They dynamically change filtering rules based on several different factors.

    Generation Five or Kernel Proxy firewall software runs on kernels (protected ring) of a system. Kernel Proxy firewalls have direct integration with the operating system and are faster than application-level proxies because the processing is taking place at the core of the operating system.

    Understanding how firewalls work, the different kinds, implementation, and how to manage them are vital to a security officer’s job. Understanding how they work and how to use them will help the security officer keep the data safe, mitigate loss and be more informed about what a firewall does. Understanding how a firewall works and what its purpose is will help to maintain the integrity of the network and make sure that things run smoothly and safely. Along with the understanding and knowledge of firewalls, making sure that the correct protocols are in place should there be data loss or a breach will benefit not only the security officer but the data and usage of the organization that they are working for.
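The difference between Generation One packet filtering and Generation Three stateful inspection described in the post above, as an added example that is not part of the original post. The addresses, the port-443 policy, and the simplified teardown on FIN/RST are assumptions made for illustration, and all packets are constructed.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

INTERNAL = ip_network("10.0.0.0/24")  # constructed internal range (assumption)


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: str = ""  # TCP flags: "S" = SYN, "SA" = SYN-ACK, "A" = ACK, "R" = RST


def is_internal(addr):
    return ip_address(addr) in INTERNAL


def packet_filter(pkt):
    """Generation One: static ACL, decides from this packet's headers alone."""
    if is_internal(pkt.src) and pkt.dport == 443:
        return True  # outbound HTTPS
    # Replies need a static rule: anything from port 443 that is not a bare SYN.
    return is_internal(pkt.dst) and pkt.sport == 443 and pkt.flags != "S"


class StatefulFirewall:
    """Generation Three: keeps a state table of connections opened from inside."""

    def __init__(self):
        self.state = set()  # entries: (client, client_port, server, server_port)

    def allow(self, pkt):
        if is_internal(pkt.src):
            if pkt.dport != 443:
                return False
            key = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
            if pkt.flags == "S":
                self.state.add(key)        # new outbound connection
            elif key not in self.state:
                return False               # mid-stream packet with no history
            if "R" in pkt.flags or "F" in pkt.flags:
                self.state.discard(key)    # simplified teardown
            return True
        # Inbound traffic is accepted only as the reverse of a tracked connection.
        return (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.state


def compare():
    """Run both firewalls over the same constructed packet sequence."""
    packets = [
        ("outbound SYN", Packet("10.0.0.5", 50000, "203.0.113.10", 443, "S")),
        ("SYN-ACK reply", Packet("203.0.113.10", 443, "10.0.0.5", 50000, "SA")),
        ("unsolicited ACK", Packet("198.51.100.7", 443, "10.0.0.9", 4444, "A")),
        ("client RST", Packet("10.0.0.5", 50000, "203.0.113.10", 443, "R")),
        ("late server ACK", Packet("203.0.113.10", 443, "10.0.0.5", 50000, "A")),
    ]
    fw = StatefulFirewall()
    return [(name, packet_filter(p), fw.allow(p)) for name, p in packets]


if __name__ == "__main__":
    for name, stateless, stateful in compare():
        print(f"{name:16} packet filter={stateless!s:5} stateful={stateful}")
```

The static ACL accepts every packet in the sequence, including the unsolicited ACK and the ACK that arrives after the connection was reset, because it has no memory of earlier packets; the state table rejects both.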

    in reply to: OCU C)ISSO D Discussion Lesson 09 #85346
    Kelly Crooks
    Participant

    When star topology is used all the computers are connected to a central device which provides more resilience to the network. Star topology is the most common form of network topology. Star topology is common and convenient because all the terminals on the network are connected by one central device. This makes it easy to add terminals or make changes to existing terminals because the entire network doesn’t have to be shut down. If changes are needed on one terminal the remaining terminals on the system can function normally. One main downside of using star topology is that if the main hub goes down the rest of the network can’t function. A security officer can mitigate downtime, data loss, and breach by making sure the proper backup systems and protocols are in place and tested regularly. Another way to help mitigate data loss if the main hub goes down is to make sure that only those individuals who are authorized and with the correct credentials are working on restoring the system and making the repairs.

    In a ring topology, all the computers are connected in a circular format. Each computer will have two “neighbors” that they share data with. The computers are all connected by a unidirectional transmission link and the cable is in a closed loop. One downside of using a ring topology is that if one computer experiences a problem, all the other computers on the ring can be affected negatively. A security officer can help to mitigate data loss by making sure the correct backup devices and protocols are in place. The backup devices can be on-site, off-site, or even cloud-based devices. Another way that a security officer can help to mitigate loss is by using dual concentric rings. By using dual rings one terminal can fail while allowing the rest of the terminals to function properly.

    in reply to: OCU C)ISSO D Discussion Lesson 08 #85216
    Kelly Crooks
    Participant

    Marcena, I enjoyed reading your explanation of both symmetric and asymmetric cryptography. I found the whole cryptography subject pretty interesting. I did have to read more information on my own because it was interesting to me. I also took your advice and looked more into both the AES system and the RSA algorithm, both I found would be very useful. Symmetric and asymmetric both have some good features and like you said it would depend on the needs of the specific user on how to decide which one to choose.

    in reply to: OCU C)ISSO D Discussion Lesson 07 #85215
    Kelly Crooks
    Participant

    Marcena, nice job explaining what a concealment cipher is and what it does. It was well written for those non-“technical” people to understand. I think you did an excellent job of explaining the basic features of the cipher.

    One thing that I found interesting about symmetric ciphers is how many there are and that they have been used for such a long period of time. I guess people have always had a need to keep information and data safe and encrypted.

    in reply to: OCU C)ISSO D Discussion Lesson 06 #85214
    Kelly Crooks
    Participant

    Marcena, awesome job on the Operations Security Manager job listing. Your listing was very well written and easy to follow. It looked very professional. I liked how you listed the key responsibilities of the position as well as the applicant requirements.

    I liked how you listed one of the requirements that the applicant must have a strong understanding of security frameworks and standards. I didn’t think of listing any educational background in my post. Very well done! I would definitely apply for the position.

    in reply to: OCU C)ISSO D Discussion Lesson 05 #85213
    Kelly Crooks
    Participant

    Marcena, nice job on the framework discussion. It was interesting to me how many frameworks there are and which ones are used the most. Your reference to the NIST website was extremely helpful to me. It has great information on the framework as well as some history about the program. It helped me understand the NIST framework better.

    I also found the ISO website helpful as well. Thanks for sharing those references, especially for someone like me who isn’t that knowledgeable about frameworks.

    in reply to: OCU C)ISSO D Devotion 02 #85188
    Kelly Crooks
    Participant

    The sad reality of this devotion is that both of my brothers have fallen into this “carnal Christianity”. It is sad to see them profess to be a Christian and claim to have Christ in their hearts but to live the way of the world and no different to those who are not Christians. I continually pray that they will both find their way back to the Great Physician to be healed spiritually and to give their lives back to Him. God is here for us and he wants us to come to Him when we are in need or suffering. I have always had the belief that if a non-believer sees us during the week doing and living the way of the world, why on earth would they want to be a Christian and give their lives to Christ? I have attended several churches where this was preached from the pulpit, but not lived out in the congregation or the minister. You can’t preach about changing your ways and giving up your sins, accepting Jesus as your savior, and being born again and still continuing to do the things of the world. You can’t play church on Sundays, continue to sin during the week, and then ask for forgiveness again on Sunday. Yes God will forgive you, but He knows you aren’t sincere in your repenting and asking for forgiveness. I am not sure if there will come a time when He will stop forgiving those people but you have to know you aren’t a true Christian and that your chances of going to heaven are slim. I believe that it is time that our nation turns back to God and trusts in Him to make things right. We all need to give ourselves to the Great Physician.

    in reply to: OCU C)ISSO D Discussion Lesson 08 #85183
    Kelly Crooks
    Participant

    One of the differences is that symmetric cryptography uses the same key to encrypt and decrypt data. Asymmetric cryptography uses a pair of keys, one public and one private, to decrypt the data.
    Another difference is that symmetric cryptography uses complex and faster algorithms than asymmetric. Asymmetric cryptography uses a more complex and much slower algorithm. As the number of users grows with symmetric cryptography so does the number of keys. Asymmetric does not grow uncontrollably and has one pair of keys per user. Symmetric cryptography key exchange is out-of-band and possibly insecure. Asymmetric cryptography key exchange is a public key that is safely distributed widely.

    Symmetric Cryptography pros:
    Fast and convenient to use
    the method is easy and simple to understand

    Symmetric Cryptography cons:
    The receiver must get the secret key from the sender

    Asymmetric Cryptography pros:
    Easily Scaled
    Only one pair of keys for each user
    Does not require out-of-band delivery of key
    Provides added functionality for commercial use
    Authentication
    Access control
    Confidentiality
    Integrity
    Non-repudiation

    Asymmetric Cryptography cons:
    Slower than Symmetric by up to 1000 times
    Requires validation of key pair ownership
    Exposure, destruction, or loss of private keys destroys the integrity of the system

    in reply to: OCU C)ISSO D Discussion Lesson 07 #85179
    Kelly Crooks
    Participant

    The Advanced Encryption Standard or AES is a symmetric block cipher chosen by the U.S. government to protect classified information. A block cipher is a method of encrypting data in blocks to produce ciphertext. A block cipher encrypts bits or the smallest unit of computational (relating to the process of mathematical calculation) in blocks. Block ciphers are most commonly used to encrypt large amounts of data into blocks.

    A block cipher uses a fixed key to encrypt groups of data in order to maintain maximum security and confidentiality. When using a block cipher, each block consists of 128 bits. When a block cipher is used it encrypts the data and changes it from plaintext to ciphertext. A cipher block then creates two different algorithms, one for encryption and one for decryption.

    There are advantages and disadvantages to using a block cipher. One advantage is that they go undetected and boast a strong resistance to tampering. A disadvantage is that the speed at which it is encrypted isn’t as fast as some of the other methods. This happens because the data is encrypted in blocks instead of individual pieces. Another disadvantage is that any mistake even a small symbol can jeopardize the entire block.

    in reply to: OCU C)ISSO D Discussion Lesson 06 #85178
    Kelly Crooks
    Participant

    We are looking to add an experienced Operations Security Officer to our organization to organize and oversee all security operations. Applicants must have experience in security management as well as risk assessment.

    As the Operations Security Manager, your responsibilities will include the following:

    • Ensuring that all systems are operated according to policy and procedure
    • Ensure that backups and other essential tasks are performed
    • Develop and support an effective incident response plan
    • Change management, patch, and configuration management plans
    • Fix hardware and software issues
    • Maintain security mechanisms
    • Controlling and maintaining remote access
    • Maintaining input/output controls
    • Vendor software licensing issues
    • Variance detection
    • Contingency planning

    Applicant requirements:
    • At least five years of professional experience
    • Familiarity with security frameworks and how to implement them
    • Great communication skills
    • Ability to work under deadlines or pressure
    • Willingness to work long hours on occasion
    • Ability to work with other team members or individually
    • Great management skills
    • Ability to focus and stay on task
    • Ability to complete tasks promptly

    We offer competitive wages, paid training, paid vacation, paid time off, 401k, and dental, health, and vision insurance for individuals or families. If this sounds like the career for you please click on the link below to apply today and get your future started.

    in reply to: OCU C)ISSO D Discussion Lesson 05 #85175
    Kelly Crooks
    Participant

    The first framework I chose is the John Zachman Framework, a two-dimensional scheme identifying levels of architecture and interest. The Zachman Framework is an enterprise architecture ontology that uses a schema for organizing architectural artifacts. The Zachman Framework considers and synergizes both the artifact targets and particular issues being addressed.

    The John Zachman Framework was introduced in the 1980s by John Zachman. Zachman introduced six descriptive areas of focus. Data, function, network, people, time, and motivation were included. Zachman also proposed six perspectives, also known as players. They are planners, owners, designers, builders, subcontractors, and enterprises.

    Zachman developed his framework because he believed that systems were bringing about complex data that needed to be mapped in a clearer classification and interfaces. John Zachman Framework creates a “blueprint” of IT components across an enterprise.

    Reference: GmbH, L. I. X. (n.d.). The Zachman Framework – a definitive guide. LeanIX. http://www.leanix.net/en/wiki/ea/zachman-framework?

    The second framework is the SABSA or Sherwood Applied Business Security Architecture. The SABSA Framework focuses on a similar building block approach but is more related to the ESA concept. The SABSA focuses on contextual security architecture, conceptual security architecture, logical security architecture, physical security architecture, and component security architecture.

    The SABSA Framework is used for developing risk-driven enterprise information security and information assurance architecture. SABSA also aids in delivering security infrastructure solutions that support critical business initiatives.

    Key facts about SABSA are:
    SABSA is Open standard, generic, and vendor-neutral.
    SABSA is owned, governed, protected, and maintained by the SABSA Institute.
    SABSA’s framework is scalable and can be used by any industry or organization.
    SABSA was designed for the development of security architectures and solutions.
    SABSA integrates with TOGAF, ITIL, and COBIT, as well as other governance, compliance, and audit frameworks.

    Reference: What is SABSA?: Orbus Software. Orbus 2021 Website. (n.d.). https://www.orbussoftware.com/solutions/governance-risk-and-compliance/sabsa/what-is-sabsa.

    in reply to: OCU C)ISSO D Discussion Lesson 04 #85065
    Kelly Crooks
    Participant

    I agree that information classification helps organizations determine what level of protection and access control is required for their various types of information. I have seen this used firsthand both in my organization and the underground lab my brother works for. While my customer’s information and the organization’s financial information are important and require a more secure level of protection, the information that the underground lab needs protected is much more critical and requires a much higher level of protection. My brother had to apply for a top-secret security clearance with the Department of Homeland Security. They want to make sure those who are protecting their assets can be trusted and are reliable.
