Question: #7809

IT286X Assessment 5 Complete Solution

Assessment Grading Rubric
Course: IT286X Assessment 5 Points: 200

Project Directions
This component of the Course Assessment consists of a 6- to 10-page Project assessed on the following learning outcome:


IT286-5: Explore social engineering, security administration, disaster recovery, and incident response.
Once you start the Assessment, you will have 1 week to complete the Project. You must submit your Project to the Dropbox within the specified time. When you are ready to submit it, go to the Dropbox and complete the steps below, or download the directions here: http://extmedia.kaplan.edu/global/DropboxGuide_s.pdf:


• Click the link that says “Submit an Assignment.”
• In the “Submit to Basket” menu, select “Essay.”
• Click the “Add Attachments” button.
• Follow the steps listed to attach your Word documents.
Use the following convention to name your Project: IT286‐Outcome1‐LastName‐FirstInitial, where your own name is typed (example: IT286‐Outcome5‐Smith-J). Submit the completed document as an attachment to the basket.


Make sure that you save a copy of your submitted Project. When you are finished, select “Submit for Grade.” Please notify Academic Advising when your Project is submitted and ready for grading.
A Kaplan University faculty member will grade the Project within 48 hours and notify your advisor of your grade. A score of 80% or better is required to pass this portion of the Course Assessment. A score of at least 80% on each of the five Assessments is required to pass the Course Assessment for full course credit.


Outcome Assessment 5 Project Requirements
Provide a brief explanation of the following questions:
1. Select the best answer and provide a brief explanation (approx. 1/4 page essay) for each of the following questions:
A. What is the name of the area in a building where access is individually monitored and controlled?
a. Man Trap
b. Safe Room
c. Security Zone
d. Network Perimeter
B. What technology is used to provide EMI and RFI shielding for an entire room of computer or electronic equipment (also used to prevent eavesdropping)?
a. Tempest
b. Scope shield
c. Faraday Cage
d. Zone Cladding
C. Which U.S. federal law regulates the standards for storage, use, and transmission of personal medical information?
a. Gramm-Leach-Bliley Act of 1999
b. Computer Fraud and Abuse Act
c. Personal Health Form Answerability Act (PHFAA)
d. Health Insurance Portability and Accountability Act
D. Your company requires your ISP to ensure an Internet connection for 99.999% of the time. What agreement would cover this requirement?
a. Disaster recovery plan
b. Corporate security agreement
c. Communication Contract
d. Service level agreement
E. Which of the following is the process of ensuring that policies, procedures, and regulations are carried out in a manner consistent with organizational standards?
a. Baselining
b. Auditing
c. Process review
d. Security configuration review
2. Describe four types of social engineering attacks and how you can protect your organization from them.
3. Physical security includes more than locks and alarms. Discuss four types of physical security and environmental controls that you would recommend for a small manufacturing company.
4. Describe the following access control concepts: implicit deny, least privilege, and job rotation. What recommendations would you make for these controls?
5. Explain the difference between penetration testing and vulnerability scanning. Why and when would you use one over the other?
6. Describe each of the four steps to follow in an incident response. How would you use these steps to avoid a future incident?
Project grading rubric = 200 points

| Project Criteria | Points Possible | Points Earned |
| --- | --- | --- |
| 1. Complete five questions. | | |
| 1–A. 4 points for correct answer. 6 for explanation. | 0–10 | |
| 1–B. 4 points for correct answer. 6 for explanation. | 0–10 | |
| 1–C. 4 points for correct answer. 6 for explanation. | 0–10 | |
| 1–D. 4 points for correct answer. 6 for explanation. | 0–10 | |
| 1–E. 4 points for correct answer. 6 for explanation. | 0–10 | |
| 2. Describe four types of social engineering attacks and how you can protect your organization from them. | 0–30 | |
| 3. Physical security includes more than locks and alarms. Discuss four types of physical security and environmental controls that you would recommend for a small manufacturing company. | 0–30 | |
| 4. Describe the following access control concepts: implicit deny, least privilege, and job rotation. What recommendations would you make for these controls? | 0–30 | |
| 5. Explain the difference between penetration testing and vulnerability scanning. Why and when would you use one over the other? | 0–30 | |
| 6. Describe each of the four steps to follow in an incident response. How would you use these steps to avoid a future incident? | 0–30 | |
| Column Total | 0–200 | |
| Less deduction taken for spelling, grammar, and APA errors. Plagiarism is totally unacceptable. | | |
| New total after deductions. | | |

Copyright Kaplan University

Solution: #7819

IT286X Assessment 5 Complete Solution

Tempest technology is applied to give EMI as well as RFI shielding for a complete room of processo...
Tutormaster
Rating: A+ Purchased: 11 x Posted By: Vikas