Isabelle Tubbs
Forum Replies Created
-
Posts
-
From the many cybersecurity issues that can arise on a system, a few are denial of service, SQL injecting, and malicious software.
Denial of Service takes the resources on a computer and makes the computer not respond to requests given to it by the user. A larger type of Denial of Service is Distributed Denial of Service, which uses the system it has affected to create the attack on other systems. Because this can be very damaging to a system, a security officer should prevent this by implementing measures that filter the packets that come in or out, depending on their source address.
SQL injecting is a way to insert code into a system to attack it. Security officers must maintain the system by using the tools that check and adjust what is entered into it so that the device does not accept malicious code.
Finally, malicious software can create some damage to a system’s resources and files, which is why security officers must run regular scans and put other security measures in place to prevent this.The enemy has tried to create so much division in the world even since the beginning with the Fall with Adam and Eve. The enemy tried to hurt relationships between people and God, people and nature, and people with each other. However, God made a way despite this division. Jesus came to make atonement for sin so that His people could have a close relationship with Him. This healing should heal some of our relationships with others too. Although not all wrong types of division in areas like marriage, families, church, etc. will be fixed completely on earth, following in God’s path can heal a person’s soul and bring them closer to God.
Hi, Mjulius. I like that you mentioned the different features of firewalls. The use of packet filtering or stateful inspection are identifying factors for firewalls. Also, I liked reading about NGFWs. They can be a great way to combine those features for added security that a security officer needs to protect a system.
Firewalls are vital for a system because they give the means for a security officer to implement defense mechanisms and access control on a system. They are also important because they maintain the integrity of the data (Palo Alto Networks, 2025). Where they are placed depends on how the system needs this defense. They can vary a lot depending on what they will be used for, what levels of protection they need, and how they pertain to certain security rules.
There are several different types of firewalls for a security officer to know. Packet filtering firewalls are the simplest and cheapest, and they use access control lists. Proxy firewalls mediate communication between trusted and untrusted entities so that it can provide some protection. Stateful firewalls determines access decisions using a state engine and a state table, and dynamic packet-filtering use application proxies and filtering rules. Finally, kernel proxies run specifically on the system’s kernel to provide protection.
References
Palo Alto Networks. (2025). What Are the Benefits of a Firewall? https://www.paloaltonetworks.com/cyberpedia/what-are-the-benefits-of-a-firewall#:~:text=When%20regulators%20or%20internal%20auditors,ensuring%20continued%20trust%20from%20stakeholders.Hi, Carlos. Your overview of protecting systems with bus or star topologies shows just how important it is to keep them secure. These topologies can be efficient, but each topology is only as strong as its weakest point. Thus, a security officer’s job is to make it strong by protecting those weak points.
Ring topologies allow computers to connect with a transmission link headed in one direction, allowing the cable to operate in a closed loop. The problem with ring topologies is that if one of the stations experiences an issue, it could affect the rest of the computers that are on the ring in a negative way. To take action against this problem, a security officer can implement a dual concentric ring, which leaves some room open for one terminal to fail without hurting the system too much.
Star topologies involve connection all the computers to a central device. This feature provides resiliency to the system. However, the central device is also the single point of failure. If it is affected, the rest of the system will be too. A security officer should place special importance on maintaining the security of this central device by using the right controls/measures so that the system does not fail as easily.Hi, Carlos. I like your overview of the advantages and disadvantages of symmetric and asymmetric encryption. Those are very important, but another difference between the two is what they are used for. Symmetric encryption can be used for certain bulk encryptions, while asymmetric encryption can be used for distribution.
Symmetric cryptography uses one key that must be shared between two or more users, and it typically is used for bulk encryption like paths and files. It has many advantages, including the fact that the number of keys it creates can grow with the number of users. Also, it can be much faster and provide confidentiality with some amount of access control. However, its fast speeds are partially due to its algorithm being less complex. Another disadvantage is that its key exchange is out of band, making it a potentially insecure exchange.
Asymmetric cryptography, on the other hand, creates a pair of keys (both public and private) for each user. It provides a great way to ensure confidentiality, authentication, and non-repudiation, which are vital components for the safety of a system. It also distributes its public key safely and does not grow uncontrollably. One disadvantage though is that its complex algorithm does make it slower.
Hi, Mjulius. I like your example of DES being used with messaging someone on social media. With the amount of messaging used today, this is a great analogy to show how protecting data works with DES and why it is important. We expect our conversations to be mainly private between the sender and receiver, so encryption like DES must be used.
Triple Data Encryption Standard (3DES) is a type of symmetric block cipher. A block cipher means the data is being encrypted in blocks, similar to picking up stacks of boxes at a time rather than picking up each individual box.
The term symmetric is referring to it using a symmetric key, which is essentially like having a shared key to a house. A house key involves using the same type of key to lock and unlock the house. Symmetric keys are used for both hiding the message of data from others (locking the house) and showing the data (unlocking the house). Triple DES uses two or three different keys to implement three rounds of encryption. This is similar to having a few locks on a door that must require a different key for each lock, but each key can both lock and unlock the door regardless. With the technology of 3DES, there are different modes, but they all essentially add that increased level of encryption to better protect the data just like someone might want more protection for their door.
Hi, Mjulius. An operations system manager will need to supervise a lot of tasks and take care of a great deal of responsibility. They must oversee change control, access rights, and patch management. At the heart of these tasks, as you mentioned, is that the main focus is the security of a system.
Job posting: Operations Security Management position.
For this position, one must be able to be responsible for overseeing general tasks that need to be done to do regular maintenance on the system, like patches, backups, and changes. These must be approved and tested to make sure they are done correctly.
Additionally, creating plans for different aspects of the system controls is necessary. An incident response plan, budget, and rules for change management will be involved. When creating these controls, an Operations Security Manager must be concerned about making them in a timely manner, observing clipping levels, and making space for potential growth. These clipping levels are related to monitoring logs because they allow for a specific focus. All logs must be reviewed properly and protected.
Another task involved is making sure records are managed properly. They must be protected and kept for a specified amount of time. Finally, this position requires control over who has access to what. Profiles must be specified so that access controls tools limit each user’s access.
I think this week’s devotional relates to how we present ourselves. Many of us, in an attempt to be a better person, present ourselves to others with as perfect of an image as we can. However, we all have problems. I am not perfect, nor do I live without any issues, and neither do most people. Even with all of this, God is still with me and helps me in the midst of it. This is the hope we as Christians can share with others. We are not living perfect lives. We are living lives in a way that follows after Jesus. I know I will certainly not be perfect at this, but acknowledging that I need Jesus’ help is a great start. Like Mark 2:17 mentioned, we need help from Jesus, but we must realize that we are not perfectly righteous on our own without Him. We need his help and healing to live a life with Him.
Hi, Mjulius. I like your description of administrative control and the RADIUS protocol. Although RADIUS is an important tool, its cons have led to some people using DIAMETER. DIAMETER can support capability negotiation, new defined commands, and Stream Control Transmission Protocol. However, what is ultimately important is what the organization needs and is able to get for their system.
Hi, Mjulius. Nice summary of identity management, authentication techniques, SSO, and access control monitoring and how they provide confidentiality and integrity. Using these different concepts can help ensure the information has not been shown to just anyone, but rather anyone who tries the access the data must be identified first. Using identifiers is key for implementing these controls.
