Our Services

Get 15% Discount on your First Order

[rank_math_breadcrumb]

Discussion and Replies

Please see attachment for instructions.

 

 

 

In 250 words total, answer the questions below with 4 evidence base scholarly articles. APA format.

Based on the readings for chapter 3 Information Security Fundamentals and chapter 3&4 Information Security: Design, Implementation, Measurement, and Compliance, Discuss the following.

1. What are some of the cryptology methods used in my work organizations?

2. What do you find to be an advantage and disadvantage?

3. What are some things you think that may be lacking and or should be improved in the future?

400 words total, replying to the two posts below. Each reply must be 200 words for post 1 and post 2. 


S.B POST 1

In my organization, which operates within the public sector, cryptology plays a central role in protecting sensitive data, particularly within our records management systems and inter-agency communications. One of the most widely used cryptographic methods is AES-256 encryption, especially for database storage and file transfer protocols. This symmetric key encryption standard provides a strong balance of speed and security, and its adoption has helped ensure compliance with CJIS and other government data protection requirements (Peltier, 2013).

 

For secure external communication, we also rely heavily on TLS (Transport Layer Security), particularly for web-based applications and email systems. TLS ensures data confidentiality and integrity during transmission and is integrated into many of our public-facing platforms, such as citizen complaint portals and department-wide internal communications. Additionally, SHA-2 hashing is used for data integrity checks on documents submitted through our digital evidence systems.

 

A clear advantage of these methods is their maturity and wide adoption, which allows for relatively seamless integration into commercial off-the-shelf software and platforms. The downside, however, is that key management—especially for encrypted backup archives—can become cumbersome. We’ve experienced issues in the past where decryption keys weren’t properly maintained or rotated, leading to accessibility problems during audits or recovery efforts. As Peltier (2013) notes, poor key management can be a critical failure point, even when robust cryptographic tools are in place.

 

One area I believe needs improvement is end-user awareness and handling of encrypted data. While the backend systems are fairly secure, human error remains a vulnerability. For example, employees sometimes download sensitive encrypted files to personal devices or cloud drives, defeating the purpose of organizational encryption policies. Improving this would require stronger endpoint controls and mandatory encryption for local storage (Whitman & Mattord, 2021).

 

Going forward, I believe we need to evaluate quantum-resistant cryptography for long-term data protection, especially as federal agencies begin laying the groundwork for post-quantum encryption standards (NIST, 2023). While this might seem premature, critical data archived for 10+ years could be at risk once quantum computing becomes mainstream.

 

References

 

National Institute of Standards and Technology. (2023). Post-quantum cryptography: NIST’s approach and latest updates. 

Peltier, T. R. (2013). Information security fundamentals (2nd ed.). CRC Press.

Whitman, M. E., & Mattord, H. J. (2021). Principles of information security (7th ed.). Cengage Learning.


J.N POST 2

Currently, I am engaged in Communications Security (COMSEC) operations for the wing’s cybersecurity division, which plays a foundational role in safeguarding classified and sensitive information.  This vital role requires vigilance and expertise in implementing cryptologic methods designed to secure voice, data, and network communication.  These methods adherer strictly to standards approved by the National Security Agency (NSA), ensuring robust encryption and protection against potential breaches.  We operate on Key Management Infrastructure (KMI), a system that centralize control over key distribution, auding, and accountability.  The KMI’s integrated framework bring numerous advantages, including the enhanced security and automation of key lifecycle management processes such as distribution, revocation, and destruction.  Some challenges we face in COMSEC include the complexity of KMI, which can slow down operation when agility is needed in dynamic operational environments, particularly during emergencies.   KMI training is highly specialized and provided at only one location for the entire Air Force.  Training takes one month to complete, creating gaps in staffing.  Mastery of KMI operations takes years to fully grasp both operational and administrative to run the account effectively.  This steep learning curve places additional pressure on personnel to perform flawlessly in high-stakes scenarios. 

 

For future improvement in the administrative processes of COMSEC, unifying all documents to include digital signature would be highly beneficial.  Currently, handle numerous documents, with some requiring wet signatures and others relying solely on digital ones.  Standardizing this process would streamline operations and reduce complexity.  Interestingly, COMSEC falls under the IT domain, yet it often feels more like an administrative role.  Many of my co-workers who have spent the majority of their careers in COMSEC enjoy job security within this field but struggle to qualify for other positions in IT.

 

Reference:

 

Layton, Timothy P.. Information Security : Design, Implementation, Measurement, and Compliance, Auerbach Publishers, Incorporated, 2006. ProQuest Ebook Central,

Share This Post

Email
WhatsApp
Facebook
Twitter
LinkedIn
Pinterest
Reddit

Order a Similar Paper and get 15% Discount on your First Order

Related Questions

Week 10

Read attachment for details  Week 8 Feedback Overall Feedback Theory is one of the most difficult concept to grasp.  Your study must be based on a theory and align with what you are attempting to explore and what you are trying to answer based on previous gaps in research. Well

hw2

This problem exercises the basic concepts of game playing, using tic-tac-toe as an example.  We define Xn as the number of rows, columns, or diagonals with exactly n X’s and no O’s.  Similarly, On is the number of rows, columns, or diagonals with exactly n O’s.  The utility function assigns

Computer Science Homework 2

Homework 2. Question 1. Decision Tree Classifier [10 Points] Data: The zip file “ hw2.q1.data.zip” contains 3 CSV files: · “ hw2.q1.train.csv” contains 10,000 rows and 26 columns. The first column ‘ y’ is the output variable with 2 classes: 0, 1. The remaining 25 columns contain input features: x_1,

Incident Response

Please follow the PDF WGU Performance Assessment  Please create report attach is the doc file to use  also included are the lab results with screen shots of answer  -Create “Incident Reporting Template” with file attach -Use screenshot evidence document, in .docx format, generated by the virtual lab for guidance and

Week 8

Read attachment for details Theoretical Framework – Week 8 Hide Assignment Information Turnitin™ Turnitin™ enabledThis assignment will be submitted to Turnitin™. Instructions This week you will submit your theoretical framework. The following description for this section of your thesis is from the End of Program Manual (EOP): Theoretical Framework/Approach: The

In Basketball Stars, a player attempts 25 shots in one game.

  In  basketball stars, a player attempts 25 shots in one game. a) If 15 shots are successful, what is the player’s shooting percentage? b) The next game, the player makes 18 out of 30 shots. Compare the two shooting percentages. c) What is the overall shooting percentage across both

problem

Research problems due 9/18 Please follow the instructions carefully for your research problem. Your argument and research input will significantly impact your grade. Ensure that you check for AI-generated content and plagiarism before submitting your paper. AI-generated content should not exceed 10%, and content from external sources should be limited

co task 6

Topic-bitcoin Task 6 Objective: To apply systems thinking principles to analyze a blockchain network and understand its key components, interactions, and dynamics. Assignment Tasks: Select a Blockchain Network: Choose a specific blockchain network or cryptocurrency project to analyze. You can select well-known networks like Bitcoin, Ethereum, or any other blockchain

CO Task 5

In this homework, we explore Naïve Bayes, K-Nearest Neighbors, and Support Vector Machine models. 1) (50 points) Use “credit_Dataset.arff” dataset and apply the Naïve Bayes, K-Nearest Neighbors, and Support Vector Machine technique using the WEKA tool in 2 different settings, including: a. 10 fold-cross validation. b. 80% training. Write a

PhD thesis

I need a comprehensive PhD thesis developed on the topic of “Emotion-Aware Artificial Intelligence and Sustainable Consumer Behavior: A Neuro-AI Marketing Framework for Continuous Green Consumption.”

Co project

· Comprehensive Literature Review: Require a more comprehensive survey of existing approaches. · Comparative Study: Expect more detailed benchmarking of at least 8 to 10 machine learning models. · Additional Experiments: · Conduct feature selection or dimensionality reduction as an extra step. · Explore ensemble methods or advanced techniques beyond

AI

Did AI take place the Software Engineers, HR consultants and Data Entry Jobs?

Data visualization 4 part 2

Follow the attached instructions to complete this work. Unit 4 Assignment Directions: Time Series In this assignment, you will perform a time series analysis in Tableau. · Choose a dataset to analyze based on the requirements provided.   · Once you’ve selected your time series, build a forecast to predict future

Computer Science CG Assignment 8 presentation

Follow the attach instruction to complete this work. Note: Make sure it aligns with Rubric Unit 8 Assignment 2 Directions: Final Presentation Purpose With this presentation, you will gain valuable experience demonstrating your expertise in cybersecurity governance by presenting as a CISO to a hypothetical professional audience.  Directions Begin by incorporating

Computer Science CG assignment 8

Follow the attached assignment to complete the work. Note: Follow Rubric Unit 8 Assignment 1 Directions: Presentation Rehearsal Purpose The rehearsal is your first run-through of your talk. Use the opportunity to de-bug any technical issues with lighting, positioning, and recording. You will not be graded on technical or artistic

Computer Science CG assignment 7 Outline

 Follow the attached document to complete this work Unit 7 Assignment 1 Directions: Professional Presentation Outline Purpose This assignment allows you time to review your research from previous units and organize your thoughts in an outline format. Plan on changing your paper and presentation based on feedback on this outline.  Directions

Computer Science CG assignment 6 ,

Follow the attached direction to complete this work. Note: Make sure it Aligns with Rubric Unit 6 Assignment 2 Directions: Timothy Brown vs. the SEC Purpose The Securities and Exchanges Commission (SEC) is a key US federal agency that regulates financial reporting. In this paper, you will explore how the