New

Learn smart - Learn online. Upto 88% off on courses for a limited time. View Courses

# ITNET202A Enterprise Security

• Course Code: ITNET202A
• University: Tafe NSW
• Country: Australia

## Questions:

1. Explain, in your own words, based on what we have learned thus far in the course, what Stuxnet does. (Focus on Application/Software, Operation/Incident Management and Physical Security). Explain why regular antivirus solution failed, and how the virus jumped the “Air-Gap

2. While your boss is happy with your effort on the overall Qualitative Risk analysis you presented in Assignment 1, you are now asked to focused on Physical Security (one aspect only) using Quantitative Risk Analysis technique. Use the following table:
Total Cost of the Nuclear Programme (Asset Value) 1000 Million, \$
In case of a successful Air Strike, expected loss: 500 Million, \$
Successful air strike happens once in 20 Years
By installing S300 Missiles, the Exposure factor is reduced by a factor of 10
By installing S300 Missiles, the occurrence of successful air strike would reduce by 50%
The S300 yearly cost is (ACS, Annual Cost of Safeguard) 15 Million, \$
The Chinese HQ18 yearly cost is (ACS, Annual Cost of Safeguard) 7.5 Million, \$
Find out:
1. What is the Exposure Factor (EF, in %)
2. What is the Single Loss Expectancy (SLE, in \$)
3. What is the Annualised Rate of Occurrence (ARO)
4. What is the Annualised Loss Expectancy (ALE)
5. What is the Exposure Factor with S300 in place? (EF_S300)
6. What is the Single Loss Expectancy with S300 in place? (SLE_S300)
7. What is the Annualised Rate of Occurrence with S300 in place? (ARO_S300)
8. What is the Annualised Loss Expectancy with S300 in place? (ALE_S300)
9. What is the Value of the Russian Safeguard (S300)?
10. What is the Value of the Chinese Safeguard (HQ18)?
11. Should the programme implement the S300 or HQ18? Why?

3. Upon listening to the presentation by Machines for Business, International (MBI) and Mensies Corporation, as well as your analysis, the authority decided that they will implement TOGAF, since the C4ISTAR is primarily a NATO standard, and that TOGAF is more open. (Later on, a more security focused SABSA will also be implemented, for now, they need an overall Enterprise Architecture first)
Which one of the following best describes the TOGAF standard?
A. A framework and method for architecture development
B. An architecture pattern
D. A method for developing Technology Architectures
E. A method for IT Governance
What does ADM stand for in TOGAF.
What are the basic structure of the ADM cycle?
TOGAF which is primarily focused on commercial implementation. With a bank, for example, the requirements could look something like:
1. Compliance with federal and state legislation,
2. Public confidence in your enterprise by providing confidentiality, availability and integrity of customer data,
3. Privacy of customer data,
4. Interoperation with other financial institutions, both nationally and internationally,
5. Compliance with international standards,
6. Security of all bank assets,
7. Current trends in customer engagement via the internet What are the likely requirements in OUR scenario?

4. In the movie “Contact”, S.R. Hadden said, “First rule in government spending: why build one when you can have two at twice the price? Only, this one can be kept secret. Controlled by Americans, built by the Japanese subcontractors.” Would this “have two, for twice the price” option be a valid HA/DR option in a case? Under what circumstances is this valid? Under what circumstances is it not valid? If implemented, is this a Cold Site, Warm Site, Hot Site, Mobile Site or is this irrelevant? Comment and justify

### Cite This Work

My Assignment Help (2020) Enterprise Security [Online]. Available from: https://myassignmenthelp.com/free-samples/itnet202a-enterprise-security/computer-memory.html
[Accessed 11 August 2022].

My Assignment Help. 'Enterprise Security' (My Assignment Help, 2020) <https://myassignmenthelp.com/free-samples/itnet202a-enterprise-security/computer-memory.html> accessed 11 August 2022.

My Assignment Help. Enterprise Security [Internet]. My Assignment Help. 2020 [cited 11 August 2022]. Available from: https://myassignmenthelp.com/free-samples/itnet202a-enterprise-security/computer-memory.html.

### Content Removal Request

If you are the original writer of this content and no longer wish to have your work published on Myassignmenthelp.com then please raise the content removal request.

## 5% Cashback

On APP - grab it while it lasts!