Week 2. 3 assignment: CIS 329 Hardware Deployment Solution to Question1 a) Hardware compatibility, hardware availability and security are some of the items which should be a part of every installation checklist during the time of hardware deployment. Compatibility is an important part of checklist because it will ensure that the installed hardware is capable of functioning with other hardware and software types. The availability is also important since it will determine whether the needed hardware device(s) are easily obtainable or not. Security consideration ensures that the hardware devices are free from theft or any cyber attack after installation.
b) The type of hardware and site of installation should also be part of checklist. The hardware type can be used to solve compatibility issues with other hardware while installation site will ensure that adequate space is chosen for the occupancy of the hardware equipment (General 2011).
Solution to question 2
a) In terms of user interface, win 7 supported touch screen although it was not perfect or ideal, that is, it did not have control features that are sufficiently good. Win 8 on the other hand has improved touch screen support. An example is that of desktop which is far better in such a way that the user can close window and be able to choose menu items without any problem.
b) Windows8 also has improved performance in terms of short response time as compared to win7 since it has quicker ways of opening the target programs rather than just relying on menus given that the interface is built for touch. The additional advanced features of windows 8 also make it safer in terms of security features than win 7.
Validating Device Drivers
Solution to question 1
a) It is necessary to bypass the use of digital signatures to validate or protect device drivers in situations where non-embedded intelligent Guards against Disasters (iGADs) does not have device driver.
b) In the case where non embedded iGAD do not have, one or more disaster management applications is used to run on some platforms and thus digital signatures may not be necessary for protection (Liu et al., 2013).
Solution to question 2
a) The key guideline that one should meet in order to justify an administrator’s decision to bypass the use of digital signatures when validating device drivers is the design guideline. This is because the design guideline has the basics of ensuring that many levels of security and dependability are open, modular and cost effective(Di Sarno, 2011).
b) Another guideline is the NIST guideline which recommends shifting to 2048 bit keys in addition to protecting against adversaries (Böhme & Moore, 2012).
AppLocker versus Software Restriction Policies
Solution to question 1
a) Both software restriction policy and AppLocker use group policy for domain management. Nevertheless, AppLocker takes precedence over software restriction policy on computer running windows 7, 8 and others at a time when software restriction policy and AppLocker policies exist in similar domain and used via group policy.
b) One situation that would influence the use of software restriction policy or AppLocker within a network environment is the need to reduce network trouble shooting issues whereby the two are not combined but used individually. Another situation is where different group policy objective (GPO) is to be used for each case for the purpose of making straightforward the result of policy testing
Solution to question 2
a) Many organizations limit or restrict the applications used by their employees in order to reduce both the catalog of supported applications, and support and help desk escalation. This is necessary for the purpose of enforcing different levels of security for various users in order to ensure that not all organization files are accessed by them.
b) However, this practice is not really good because this translates to saying that the organization which is the employer always have employees which it cannot trust yet they part and parcel of the organization stakeholders. Nonetheless, this restriction by the organization aligns closest with my belief concerning the restriction of access to applications. This is because not all employees will always be satisfied with the organization and hence at one time one might be attempted to illegally gain access to sensitive files and applications of the organization for their own personal gains.
References
Böhme, R., & Moore, T. (2012). A Brief Introduction to Information Security
Di Sarno, C., UPM, V. V., UPM, V. G., Mazzeo, A., Mazzocca, N., UPM, R. J. P., … & Vial, E. (2011). D5. 1. 4-Resilient SIEM Framework Architecture, Services and Protocols.
General, A. (2011). SECTION 16740 PRIMARY ELEMENTS. SECTION TITLE PAGES SPECIFICATIONS DIVISION 1-GENERAL REQUIREMENTS.
Liu, J. W. S., Shih, C. S., & Chu, E. T. H. (2013). Cyberphysical Elements of Disaster-Prepared Smart Environments. IEEE Computer, 46(2), 69-75.
