490 WK5 DQ1 100-150 WORDS

In 2018, CEO Mark Zuckerburg responded to a data breach by writing in a Facebook post, “We have a responsibility to protect your data, and if we can’t, then we don’t deserve to serve you. I’ve been working to understand exactly what happened and how to make sure this doesn’t happen again.” (Schwalbe, 2018). Discuss how this problem could have been avoided. Explain why this problem is a product of poor quality.

REPLIES 75-100 WORDS

A Chad Pope

Hello Professor Gentry,

Based on my research and analysis of the circumstances surrounding the 2018 Facebook data breach, Facebook could and should have used project quality management processes and principles regarding third party applications offered on their platform. Did Facebook develop a quality management plan? If so, did they execute it? Did they implement quality control techniques? It would appear not. The Cambridge Analytica application compromised the information of Facebook users’ friends without their consent. Sound quality management could have at least reduced the risk associated with third party applications. I am not sure it would have completely mitigated the risk, but it could certainly have lowered it.

B Francheska Janosik

Class,

To me it would seem that the company should have required the privacy protection that they implanted in 2014 from the very beginning. There should always be strict requirements around the access and use of personal information. There should have been no point in time that a company should have been able to access private personal information. 

C Jordan Ehresman

Hello Class,

The Facebook data breach of 2018 was caused by vulnerabilities in a new implemented feature that allowed for the attackers to gain control of millions of user accounts through stolen access tokens. According the research by Wong (2019) the breach attack was conducted from September 16 and finally discovered and patched on by September 25th. This attack was able to access all the data that presented on the users account as well login capabilities for third party applications that utilize Facebook login as a method of access. Software vulnerabilities are inevitable but mitigating and account for them should be prioritized by all organization to ensure that both the company and the users data integrity is upheld. Vulnerability assessment processes and vulnerability scanners should be utilized to identify and correct for all all discovered vulnerabilities (Hamilton, 2022). Vulnerability assessments allow for the organization to identify and resolve all found vulnerabilities in an efficient manner that ranks them accordingly and minimizes the chances that they can be exploited upon before correction. Vulnerability scanners are categorized into host based, network based and database based tools and are utilized to identify vulnerabilities over the differing source associated with each type. These tools should be used to monitor and detect vulnerabilities in a timely manner.

430 WK6 DQ1 100-150 WORDS

How can an organization apply the Common Criteria for Information Technology Security Evaluation (CC)? Is there value in applying CC within public companies?

REPLIES 75-100 WORDS

A Yamil Santana

Good Afternoon Class,

The Common Criteria for Information Technology Security Evaluation (CC) is a standard for evaluating the security of information technology (IT) products. It is used to certify that an IT product has been thoroughly evaluated and meets certain security standards.

To apply the CC, an organization can follow these steps:

1. Identify the security requirements of the IT product that needs to be evaluated.

2. Determine the level of assurance needed for the IT product. This will depend on the sensitivity of the data that the IT product will be handling and the potential impact of a security breach.

3. Select a CC evaluation facility that is accredited to perform evaluations to the desired level of assurance.

4. Submit the IT product for evaluation to the selected facility. This will involve providing documentation about the product and its security features, as well as making the product available for testing.

5. The evaluation facility will conduct a thorough review of the IT product and its security features. If the product meets the CC requirements, it will be granted a certificate of evaluation.

There is value in applying the CC within public companies, as it can help to ensure that their IT products are secure and meet high standards for protecting sensitive data. This can help to build trust with customers and stakeholders, and can also reduce the risk of security breaches, which can have serious consequences for a company.

B Idrisu Rabiu

Common Criteria (CC) is an international set of guidelines and specifications developed for evaluating information security products, specifically to ensure they meet an agreed-upon security standard for government deployments. Common Criteria is more formally called “Common Criteria for Information Technology Security Evaluation.” 

Common Criteria has two key components: Protection Profiles and Evaluation Assurance Levels. A Protection Profile (PPro) defines a standard set of security requirements for a specific type of product, such as a firewall. The Evaluation Assurance Level (EAL) defines how thoroughly the product is tested. Evaluation Assurance Levels are scaled from 1-7, with one being the lowest-level evaluation and seven being the highest-level of evaluation. A higher-level evaluation does not mean the product has a higher level of security, only that the product went through more tests. 

To submit a product for evaluation, the vendor must first complete a Security Target (ST) description, which includes an overview of the product and product’s security features, an evaluation of potential security threats and the vendor’s self-assessment detailing how the product conforms to the relevant Protection Profile at the Evaluation Assurance Level the vendor chooses to test against. The laboratory then tests the product to verify the product’s security features and evaluates how well it meets the specifications defined in the Protection Profile. The results of a successful evaluation form the basis for an official certification of the product. The goal of CC certification is to assure customers that the products they are buying have been evaluated and that the vendor’s claims have been verified by a vendor-neutral third party. 

C Autumn Keen

The common criteria is a international set of guidelines used to evaluate a computer security product and system evaluations. CC is also known as ISO/IEC 15408. It maintains certified products such as operating systems, access control system, databases and so on. Created by a multi country combined effort (United States, Canada, France, Germany, The Netherlands and the UK). A framework that computer system users can “Security Target” (functional and assurance requirements). It provides assurance that the process of implementation and evaluation of a security product has been performed in a rigorous standard at a level that is commensurate with the target audience / customer needs.

Seeing as CC is a checks and balance for products and services, I believe it is valuable to have CC within public companies to add one more layer of security due to all companies have devices, data and such that need to be protected.

Calculate the price of your order

Select your paper details and see how much our professional writing services will cost.

We`ll send you the first draft for approval by at
Price: $36
  • Freebies
  • Format
  • Formatting (MLA, APA, Chicago, custom, etc.)
  • Title page & bibliography
  • 24/7 customer support
  • Amendments to your paper when they are needed
  • Chat with your writer
  • 275 word/double-spaced page
  • 12 point Arial/Times New Roman
  • Double, single, and custom spacing
  • We care about originality

    Our custom human-written papers from top essay writers are always free from plagiarism.

  • We protect your privacy

    Your data and payment info stay secured every time you get our help from an essay writer.

  • You control your money

    Your money is safe with us. If your plans change, you can get it sent back to your card.

How it works

  1. 1
    You give us the details
    Complete a brief order form to tell us what kind of paper you need.
  2. 2
    We find you a top writer
    One of the best experts in your discipline starts working on your essay.
  3. 3
    You get the paper done
    Enjoy writing that meets your demands and high academic standards!

Samples from our advanced writers

Check out some essay pieces from our best essay writers before your place an order. They will help you better understand what our service can do for you.

  • Analysis (any type)
    Advantages and Disadvantages of Lowering the Voting Age to Thirteen
    Undergrad. (yrs 1-2)
    Political science
    APA
  • Coursework
    Leadership
    Undergrad. (yrs 1-2)
    Business Studies
    APA
  • Essay (any type)
    Is Pardoning Criminals Acceptable?
    Undergrad. (yrs 1-2)
    Criminal Justice
    MLA

Get your own paper from top experts

Order now

Perks of our essay writing service

We offer more than just hand-crafted papers customized for you. Here are more of our greatest perks.

  • Swift delivery
    Our writing service can deliver your short and urgent papers in just 4 hours!
  • Professional touch
    We find you a pro writer who knows all the ins and outs of your subject.
  • Easy order placing/tracking
    Create a new order and check on its progress at any time in your dashboard.
  • Help with any kind of paper
    Need a PhD thesis, research project, or a two-page essay? For you, we can do it all.
  • Experts in 80+ subjects
    Our pro writers can help you with anything, from nursing to business studies.
  • Calculations and code
    We also do math, write code, and solve problems in 30+ STEM disciplines.

Frequently asked questions

Get instant answers to the questions that students ask most often.

See full FAQ
  • Is there a possibility of plagiarism in my completed order?

    We complete each paper from scratch, and in order to make you feel safe regarding its authenticity, we check our content for plagiarism before its delivery. To do that, we use our in-house software, which can find not only copy-pasted fragments, but even paraphrased pieces of text. Unlike popular plagiarism-detection systems, which are used by most universities (e.g. Turnitin.com), we do not report to any public databases—therefore, such checking is safe.

    We provide a plagiarism-free guarantee that ensures your paper is always checked for its uniqueness. Please note that it is possible for a writing company to guarantee an absence of plagiarism against open Internet sources and a number of certain databases, but there is no technology (except for turnitin.com itself) that could guarantee no plagiarism against all sources that are indexed by turnitin. If you want to be 100% sure of your paper’s originality, we suggest you check it using the WriteCheck service from turnitin.com and send us the report.

  • I received some comments from my teacher. Can you help me with them?

    Yes. You can have a free revision during 7 days after you’ve approved the paper. To apply for a free revision, please press the revision request button on your personal order page. You can also apply for another writer to make a revision of your paper, but in such a case, we can ask you for an additional 12 hours, as we might need some time to find another writer to work on your order.

    After the 7-day period, free revisions become unavailable, and we will be able to propose only the paid option of a minor or major revision of your paper. These options are mentioned on your personal order page.

  • How will I receive a completed paper?

    You will get the first version of your paper in a non-editable PDF format within the deadline. You are welcome to check it and inform us if any changes are needed. If everything is okay, and no amendments are necessary, you can approve the order and download the .doc file. If there are any issues you want to change, you can apply for a free revision and the writer will amend the paper according to your instructions. If there happen to be any problems with downloading your paper, please contact our support team.
  • Where do I upload files?

    When you submit your first order, you get a personal account where you can track all your orders, their statuses, your payments, and discounts. Among other options, you will have a possibility to communicate with your writer via a special messenger. You will be able to upload all information and additional materials on your paper using the “Files” tab on your personal page. Please consider uploading everything you find necessary for our writer to perform at the highest standard.
See full FAQ

Take your studies to the next level with our experienced specialists

Live Chat+1 (857) 777-1210 EmailWhatsApp