Assignment:
Question 1: You have just been promoted to Corporate Information Security Officer (CISO) for a mid-level company that specializes in Point-of-Sale (PoS) technology. The primary responsibility of this role is to develop plans, policies, and physical control requirements and specifications for the company that specifically address the security posture facing this sector. With highly publicized breaches of clients using your PoS technologies, including Target, Delta, Best Buy, and many others, the company is looking to you to specifically do the following:
a) Develop policies, standards, guidelines and procedures to detail what users and administrators can do to maintain the security of the business systems and network. Write one example of each (policy, standard, guideline, procedure) that specifically protects a PoS network.
This example should be written so that any client using your PoS technology can adapt the verbiage to their operations.
b) Explain how the growing use of wireless cellular technology has impacted data transmission and how factors, such as location, affect your company's ability to protect confidential data. Provide examples of how this technology can be used to jam and hack PoS technology.
Remember to cite your sources and provide a reference list at the end of your response to this question.
Question 2: The United States Air Force (USAF) recently announced that it will outsource "low-hanging" IT operations so that airmen are focused on Cyber Mission Defense teams.
You work as a Security Analyst for defense contractor and have been asked to write a briefing on how your company can provide the IT products and services needed by the USAF that provide a layered, or Defense-in-depth, security architecture. Detail how your recommendations will meet the national strategy to deny, deter, deflect, delay and detect cyber-attacks.
Remember to cite your sources and provide a reference list at the end of your response to this question.
Question 3: Identify and discuss the legal, ethical and privacy aspects associated with Artificial Intelligence (AI) and Information Systems. Specifically, your response must describe how the field of AI is being used to build or enhance information systems and what legal, ethical, and privacy issues are associated with usage of AI in the following sectors:
1) Healthcare
2) Military drones
3) Social media and online entertainment (e.g., Spotify, Amazon Alexa)
4) Travel
Remember to cite your sources and provide a reference list at the end of your response to this question.
Question 4: You are a technologist working for an international manufacturer of private label over-the-counter pharmaceuticals. You have been asked to evaluate online data storage solutions, including the Cloud, and enhanced productivity tools, including Virtual Machine software, as cost effective tools.
Identify, describe, and discuss 3 or more conflicting Information Security requirements for online data storage (focusing on Confidentiality, Integrity, and Availability). Then identify and discuss potential options for outsourcing data storage and virtualization which satisfy your identified requirements. Include recommendations for access control tools and techniques that will enhance or improve CIA-related solutions (e.g. security controls) for each technology.
Remember to cite your sources and include a reference list at the end of your response to this question.