Kibata

Sign In

Our Services

Get 15% Discount on your First Order

Order Now
[rank_math_breadcrumb]

Discussion and Replies

Please see attachment for instructions.

 

 

 

In 250 words total, answer the questions below with 4 evidence base scholarly articles. APA format.

Based on the readings for chapter 3 Information Security Fundamentals and chapter 3&4 Information Security: Design, Implementation, Measurement, and Compliance, Discuss the following.

1. What are some of the cryptology methods used in my work organizations?

2. What do you find to be an advantage and disadvantage?

3. What are some things you think that may be lacking and or should be improved in the future?

400 words total, replying to the two posts below. Each reply must be 200 words for post 1 and post 2. 


S.B POST 1

In my organization, which operates within the public sector, cryptology plays a central role in protecting sensitive data, particularly within our records management systems and inter-agency communications. One of the most widely used cryptographic methods is AES-256 encryption, especially for database storage and file transfer protocols. This symmetric key encryption standard provides a strong balance of speed and security, and its adoption has helped ensure compliance with CJIS and other government data protection requirements (Peltier, 2013).

 

For secure external communication, we also rely heavily on TLS (Transport Layer Security), particularly for web-based applications and email systems. TLS ensures data confidentiality and integrity during transmission and is integrated into many of our public-facing platforms, such as citizen complaint portals and department-wide internal communications. Additionally, SHA-2 hashing is used for data integrity checks on documents submitted through our digital evidence systems.

 

A clear advantage of these methods is their maturity and wide adoption, which allows for relatively seamless integration into commercial off-the-shelf software and platforms. The downside, however, is that key management—especially for encrypted backup archives—can become cumbersome. We’ve experienced issues in the past where decryption keys weren’t properly maintained or rotated, leading to accessibility problems during audits or recovery efforts. As Peltier (2013) notes, poor key management can be a critical failure point, even when robust cryptographic tools are in place.

 

One area I believe needs improvement is end-user awareness and handling of encrypted data. While the backend systems are fairly secure, human error remains a vulnerability. For example, employees sometimes download sensitive encrypted files to personal devices or cloud drives, defeating the purpose of organizational encryption policies. Improving this would require stronger endpoint controls and mandatory encryption for local storage (Whitman & Mattord, 2021).

 

Going forward, I believe we need to evaluate quantum-resistant cryptography for long-term data protection, especially as federal agencies begin laying the groundwork for post-quantum encryption standards (NIST, 2023). While this might seem premature, critical data archived for 10+ years could be at risk once quantum computing becomes mainstream.

 

References

 

National Institute of Standards and Technology. (2023). Post-quantum cryptography: NIST’s approach and latest updates. 

Peltier, T. R. (2013). Information security fundamentals (2nd ed.). CRC Press.

Whitman, M. E., & Mattord, H. J. (2021). Principles of information security (7th ed.). Cengage Learning.


J.N POST 2

Currently, I am engaged in Communications Security (COMSEC) operations for the wing’s cybersecurity division, which plays a foundational role in safeguarding classified and sensitive information.  This vital role requires vigilance and expertise in implementing cryptologic methods designed to secure voice, data, and network communication.  These methods adherer strictly to standards approved by the National Security Agency (NSA), ensuring robust encryption and protection against potential breaches.  We operate on Key Management Infrastructure (KMI), a system that centralize control over key distribution, auding, and accountability.  The KMI’s integrated framework bring numerous advantages, including the enhanced security and automation of key lifecycle management processes such as distribution, revocation, and destruction.  Some challenges we face in COMSEC include the complexity of KMI, which can slow down operation when agility is needed in dynamic operational environments, particularly during emergencies.   KMI training is highly specialized and provided at only one location for the entire Air Force.  Training takes one month to complete, creating gaps in staffing.  Mastery of KMI operations takes years to fully grasp both operational and administrative to run the account effectively.  This steep learning curve places additional pressure on personnel to perform flawlessly in high-stakes scenarios. 

 

For future improvement in the administrative processes of COMSEC, unifying all documents to include digital signature would be highly beneficial.  Currently, handle numerous documents, with some requiring wet signatures and others relying solely on digital ones.  Standardizing this process would streamline operations and reduce complexity.  Interestingly, COMSEC falls under the IT domain, yet it often feels more like an administrative role.  Many of my co-workers who have spent the majority of their careers in COMSEC enjoy job security within this field but struggle to qualify for other positions in IT.

 

Reference:

 

Layton, Timothy P.. Information Security : Design, Implementation, Measurement, and Compliance, Auerbach Publishers, Incorporated, 2006. ProQuest Ebook Central,

Share This Post

Email
WhatsApp
Facebook
Twitter
LinkedIn
Pinterest
Reddit

Order a Similar Paper and get 15% Discount on your First Order

Order Now

Related Questions

Project 1

Customer Guidelines The customer has given your manager the following guidelines for the system: Interfaces and startup: · The system needs to be GUI oriented and user friendly with functionality logically grouped together into sub-menus. · When program first starts it needs to give an option to open a new

GitHub

see attachment for details DAT 260 Module Eight Journal Guidelines and Rubric Overview As you have learned in the module resources, GitHub is more than just a place to store code. It is a dynamic community of practice and a living portfolio of your coding skills. In this journal entry,

Blockchain app programming

i have the template provided and you will have to use the term project presentation to complete it.  Secure-Trade CIS-5730 – Blockchain Applications TERM PROJECT PRESENTATION The money is stored in a digital wallet in the blockchain until two parties pass release or refund (Safe, 2026). The same agreement promotes

HIMS 655 ASS8

Watch the YouTube Video MEDICAL CODING ICD-10-CM GUIDELINES LESSON – 1.B – Coder explanation and examples for 2021 Review the ICD-10-CM Official Guidelines for Coding and Reporting at   and in your assignment respond to the following questions: Who is responsible for framing these Guidelines? Why are these guidelines necessary for

HIMS 645 ASS8

Using Internet resources, search  three national and three international healthcare organizations that maintain databases and use the information based on the processed data from these databases in their decision-making process. Briefly describe the organizations and types of data contained in their databases (make sure to remember quality of data points and

W8: Topic 1 – Course Wrap-Up

 Pick one topic from this class that most interested you. State the topic and your reasons for the choice. ii. You need to respond to at least 2 students.  This is part of your grade to be active in the threads and responding to students.   NB: THIS IS THE TOPIC

Big Data Tools and Emerging Technologies

please see attachment  4 [ Note: To complete this template, replace the bracketed text with your own content. Remove this note before you submit your project.] Big Data Tools and Emerging Technologies Paper [Your Name] DAT 260: Emerging Technologies and Big Data [Your Instructor’s Name] [Date—for example, May 1, 2021]

HIMS 655 ASS7

Mapping between SNOMED-CT and ICD-10-CM Note: For completing this assignment, use of the I-MAGIC tool (Interactive Map-Assisted Generation of ICD Codes) is required. To access the I-MAGIC tool, click on the following  ) Problems and diagnoses can be recorded in SNOMED CT in the EHR, while the cross-mappings to ICD-10-CM can

HIMS 645 ASS7

Four types of databases are Relational, Network, Hierarchical, and Object-Oriented. What are their salient features (a table format is acceptable)? Assess their usability for healthcare facilities that generated numerical, text, and images data citing reasons for your choice.  Two most commonly used databases in healthcare organizations are Relational and Object-Oriented (O-O). Both employ respective

MS ACCESS

Need to do a Microsoft Access document for my work.  2 Consideration of MS Access Database Development on Healthcare. Name Instructor School Date Consideration of MS Access Database Development on Healthcare. Introduction The task entailed developing a Microsoft access database of a small healthcare facility, which has just abandoned the

Effective security programs

Organizational policies define the direction for an organization and contribute to its overall security culture by setting the tone on what is and is not acceptable.