CIS 349 Endless Education /newtonhelp.com

1
CIS 349 Endless Education /newtonhelp.com
2
CIS 349 Endless Education /newtonhelp.com

• CIS 349 Final Exam Guide Set 1
• For more course tutorials visit
• www.newtonhelp.com
•  
• CIS 349 Final Exam Guide Set 1
•  
•  
• 1)  ___________ are the components, including
  people, information, and conditions, that support
  business objectives.                              
  
•            
•                                    
• 2)         The first step in the implementation
  of separation of duties is to use access controls
  to prevent unauthorized data access.  The
  ultimate goal is to define access control where
  each user has the permissions to carry out
  assigned tasks and nothing else.  This is known
  as the principle of                            

3
CIS 349 Endless Education /newtonhelp.com

• CIS 349 Final Exam Guide Set 2
• For more course tutorials visit
• www.newtonhelp.com
•  
• CIS 349 Final Exam Guide Set 2
•  
• 1) Which type of access control defines
  permissions based on roles, or groups, and allows
  object owners and administrators to grant access
  rights at their discretion?
•                                    
• 2) What is meant by business drivers?
•                                    
• 3) The first step in the implementation of
  separation of duties is to use access controls to
  prevent unauthorized data access.  The ultimate
  goal is to define access control where each user
  has the permissions to carry out assigned tasks
  and nothing else.  This is known as the principle
  of

4
CIS 349 Endless Education /newtonhelp.com

• CIS 349 Week 2 Assignment 1 Designing Ferpa
  Technical Safeguards (2 Papers)
• For more course tutorials visit
• www.newtonhelp.com
•  
• This Tutorial contains 2 Papers on the Below
  Mentioned Topic 
•  
• Imagine you are an Information Security
  consultant for a small college registrars office
  consisting of the registrar and two (2) assistant
  registrars, two (2) student workers, and one (1)
  receptionist. The office is physically located
  near several other office spaces. The assistant
  registrars utilize mobile devices over a wireless
  network to access student records, with the
  electronic student records being stored on a
  server located in the building. Additionally,
  each registrars office has a desktop computer
  that utilizes a wired network to access the
  server and electronic student records. The
  receptionist station has a desktop computer that
  is used to schedule appointments, but cannot
  access student records. In 1974, Congress enacted
  the Family

5
CIS 349 Endless Education /newtonhelp.com

• CIS 349 Week 2 Discussion
• For more course tutorials visit
• www.newtonhelp.com
•  
• Select an organization with which you are
  familiar. Identify the compliance laws that you
  believe would be most relevant to this
  organization.
•  
• Justify your response.
• Define the scope of an IT compliance audit that
  would verify whether or not this organization is
  in compliance with the laws you identified.

6
CIS 349 Endless Education /newtonhelp.com

• CIS 349 Week 4 Assignment 2 Organizational Risk
  Appetite and Risk Assessment (2 Papers)
• For more course tutorials visit
• www.newtonhelp.com
•  
• This Tutorial contains 2 Papers on the Below
  Mentioned Topic 
•  
•  
• Assignment 2 Organizational Risk Appetite and
  Risk Assessment
• Due Week 4 and worth 100 points
• Imagine that a software development company has
  just appointed you to lead a risk assessment
  project. The Chief Information Officer (CIO) of
  the organization has seen reports of malicious
  activity on the rise and has become extremely
  concerned with the protection of the intellectual
  property and highly sensitive data maintained by
  your organization. The CIO has

7
CIS 349 Endless Education /newtonhelp.com

• CIS 349 Week 5 Discussion
• For more course tutorials visit
• www.newtonhelp.com
•  
• "Monitoring the User Domain" Please respond to
  the following
• It is common knowledge that employees are a
  necessary part of any business. Identify three
  (3) best practices in the user domain and suggest
  the control type(s) (technical or manual) that
  are best suited to monitor each best practice

8
CIS 349 Endless Education /newtonhelp.com

• CIS 349 Week 6 Assignment 3 Evaluating Access
  Control Methods (2 Papers)
• For more course tutorials visit
• www.newtonhelp.com
•  
• This Tutorial contains 2 Papers on the Below
  Mentioned Topic 
•  
•  
• CIS 349 Week 6 Assignment 3 Evaluating Access
  Control Methods
•  
• Imagine you are an Information Systems Security
  Specialist for a medium-sized federal government
  contractor. The Chief Security Officer (CSO) is
  worried that the organizations current methods
  of access control are no longer sufficient. In
  order to evaluate the different methods of access
  control, the CSO requested that you research
  mandatory access control (MAC), discretionary
  access control (DAC), and role-based access
  control (RBAC). Then, prepare a report addressing
  positive and negative aspects of each access
  control method. This information

9
CIS 349 Endless Education /newtonhelp.com

• CIS 349 Week 6 Discussion
• For more course tutorials visit
• www.newtonhelp.com
•  
• Many companies, large and small, have implemented
  Bring Your Own Device (BYOD) policies allowing
  employees to use their personal smartphones and
  tablets to conduct business while at work. Debate
  the major pros and cons of implementing such a
  policy.
•  

10
CIS 349 Endless Education /newtonhelp.com

• CIS 349 Week 8 Assignment 4 Designing Compliance
  Within The LanToWan Domain (2 Papers)
• For more course tutorials visit
• www.newtonhelp.com
•  
• This Tutorial contains 2 Papers on the Below
  Mentioned Topic 
•  
•  
• CIS 349 Week 8 Assignment 4 Designing Compliance
  Within The Lan-To-Wan Domain
•  
• Assignment 4 Designing Compliance within the
  LAN-to-WAN Domain
•  

11
CIS 349 Endless Education /newtonhelp.com

• CIS 349 Week 8 Discussion
• For more course tutorials visit
• www.newtonhelp.com
•  
• Remote access to corporate resources is becoming
  commonplace. From an auditing perspective,
  suggest two (2) or more controls that should be
  in place to prevent the loss or theft of
  confidential information.
•  
•  Give your opinion on what you believe are the
  essential elements of an acceptable use policy
  for remote access. Elaborate on each item and
  justify its importance. 

12
CIS 349 Endless Education /newtonhelp.com

• CIS 349 Week 9 Discussion
• For more course tutorials visit
• www.newtonhelp.com
•  
• Data Center Management" Please respond to the
  following
• Imagine you are an IT security specialist of a
  large organization which is opening a new data
  center. Recommend a minimum of three (3)
  controls, other than door locks, you would
  utilize to secure the new data center physically.
  Support your recommendations.

13
CIS 349 Endless Education /newtonhelp.com

• CIS 349 Week 10 Discussion
• For more course tutorials visit
• www.newtonhelp.com
•  
• "IT Auditor" Please respond to the following
• Take a position on whether or not you would want
  to pursue a career as an IT auditor. Explain the
  key reasons why or why not. Determine if you
  would recommend this job to your family and
  friends. Provide a rationale for your response.

14
CIS 349 Endless Education /newtonhelp.com

• CIS 349 Week 10 Term Paper Planning An It
  Infrastructure Audit For Compliance (2 Papers)
• For more course tutorials visit
• www.newtonhelp.com
•  
• This Tutorial contains 2 Papers on the Below
  Mentioned Topic 
•  
•  
• CIS 349 Week 10 Term Paper Planning An It
  Infrastructure Audit For Compliance
• erm Paper Planning an IT Infrastructure Audit
  for Compliance
•  
• Due Week 10 and worth 200 points
•  
• The audit planning process directly affects the
  quality of the outcome. A proper plan ensures
  that resources are focused on the right areas and
  that potential problems are identified early. A

15
CIS 349 Endless Education /newtonhelp.com