Protection of Information Assets

Temple University

Protection of Information Assets

MIS 5206.951 ■ Summer 2024 ■ David Lanter

David Lanter

Question 1

by 30 Comments

For an organization choosing among Chengdu Sichuan 成都市, Guangzhou Guangdong 广州, and Beijing  京 , from an environmental security perspective – where would be the best place to locate their data center?  Why is this place better and the other places worse?

Question 1

by 30 Comments

The total processing speed of microprocessors (based on clock rate and number of circuits) is doubling roughly every year.  Today a symmetric session key needs to be 100 bits long to be considered strong.  How long will a symmetric session key have to be in 30 years to be considered strong? (Hint: Consider how much longer decryption takes if the key length is increased by a single bit.) Explain.

Question 1

by 31 Comments

Based on the facts presented in the case, how far had Fetcher-Allen progressed in these steps by June, 1998?  How likely is it that Fletcher-Allen would have achieved full-year 2000 compliance by December 31, 1999?  [Explain your reasoning, supported by specific evidence from the case and assigned readings.]

Question 1

by 32 Comments

What is meant by the term “acceptable information system security risk”? Who within the organization determines what is the acceptable level of information system risk? How does an organization determine what is an acceptable level of risk?

Question 3

by 31 Comments

Assume you are tasked with designing a new policy that highlights information security best practices related specifically to mobile devices at RIT, including laptops, smartphones, and tablets. The new policy should supplement RIT’s Information Security Policy and Acceptable Use Policy (case Exhibits 4 and 5). What practices would you recommend? How could you make staff aware of the policy and encourage their compliance?