Answer the Module Review Questions listed below. These questions were chosen to demonstrate your understanding and help you assess your progress.
- Describe the steps involved in defining the quantitative and qualitative design criteria for a system.
- Define human factors, provide an example of some human measures/metrics for a typical system and describe the basis for these.
- A system consists of three sub systems in parallel. Subsystem A has reliability of 0.98, subsystem B has a reliability of 0.85, and subsystem C has a reliability of 0.88. Calculate the overall system reliability.
- Define maintainability. Provide examples of some maintainability measures/metrics for a typical system and describe the basis for these.
After reading the case study, write a 2 page APA format report, with three sections. The first section should be titled “Summary of the Case Study”, and it should include a summary of the case study objectives, sections, findings, etc.; the second section of your report should be titled “Author Reflection”, and it should reflect your own critique of the examined case study, and whether you agree with the findings or not, and Why?; the third section of your paper should respond to the following questions:
- Did company ABC use the right analysis tool? If not, what other tool would have been more appropriate? Why?
- Do you agree with the findings/analysis results in section C.3.3 of the case study? Why?
- How can a security framework assist in the design and implementation of a security infrastructure? What is information security governance? Who in the organization should plan for it?
- Where can a security administrator go to find information on established security frameworks?
- Briefly describe a management, an operational, and a technical control, and explain when each would be applied as part of a security framework.
- What are the differences between a policy, a standard, and a practice? What are the three types of security policies? Where would each be used? What type of policy would be needed to guide use of the web, e-mail, and office equipment for personal use?
- What is contingency planning? How is it different from routine management planning? What are the components of contingencyUsing a graphics program, design several security awareness posters on the following themes: updating anti-virus signatures, protecting sensitive information, watching out for e-mail viruses, prohibiting use of company equipment for personal matters, changing and protecting passwords, avoiding social engineering, and protecting software copyrights. What other areas can you come up with?
Again, using the airport case we have established in module three, using what you have learned in this module, and using the Web for examples of technology-specific security policies, create a security policy applicable to your airport project. You can use the Information Security Policy Template (.docx) as a guide or modify it as applicable to write your Security Policy plan.