New Solution- CMIT-280-40 Week 2: Assignment 1 – Lab 1
$34.99$59.99
New Solution- CMIT-280-40 Week 2: Assignment 1 – Lab 1 – Cloud Security Mechanisms
Week 2: Assignment 1 – Lab 1 – Cloud Security Mechanisms
Please review the network diagram and scenario in detail. After you have completed your review, please choose the most appropriate statement that describes a legitimate source of the malicious data.
Cloud Service Consumer A sends a message to Cloud Service X (1), but it is first intercepted by Service Agent A (2) before actually being forwarded to Cloud Service X. Cloud Service X is hosted on Virtual Server X. Whenever an IT resource on Virtual Server X is accessed, the physical server that hosts Virtual Server X writes a log entry into Database A. After processing the request, Cloud Service X replies to Service Consumer A with a response message (4). Cloud Service Consumer B sends a message to Cloud Service Y (5)
Description
New Solution- CMIT-280-40 Week 2: Assignment 1 – Lab 1 – Cloud Security Mechanisms
Week 2: Assignment 1 – Lab 1 – Cloud Security Mechanisms
New Solution- CMIT-280-40 Week 2: Assignment 1 – Lab 1 – Cloud Security Mechanisms Please review the network diagram and scenario in detail. After you have completed your review, please choose the most appropriate statement that describes a legitimate source of the malicious data. New Solution- CMIT-280-40 Week 2: Assignment 1 – Lab 1 – Cloud Security Mechanisms
Cloud Service Consumer A sends a message to Cloud Service X (1), but it is first intercepted by Service Agent A (2) before actually being forwarded to Cloud Service X. Cloud Service X is hosted on Virtual Server X. Whenever an IT resource on Virtual Server X is accessed, the physical server that hosts Virtual Server X writes a log entry into Database A. After processing the request, Cloud Service X replies to Service Consumer A with a response message (4). Cloud Service Consumer B sends a message to Cloud Service Y (5), which is hosted by Virtual Server Y. This virtual server is hosted by the same physical server as Virtual Server X and therefore when Cloud Service Y is accessed, a log entry is again written into Database A (6). After processing the request, Cloud Service X replies to Service Consumer A with a response message (7). After being in use for several weeks, Cloud Service Consumer B unexpectedly shuts down. An investigation reveals that a response message sent by Cloud Service Y contained malicious data that successfully attacked and disabled Cloud Service Consumer B and its underlying implementation.New Solution- CMIT-280-40 Week 2: Assignment 1 – Lab 1 – Cloud Security Mechanisms
New Solution- CMIT-280-40 Week 2: Assignment 1 – Lab 1 – Cloud Security Mechanisms
Part I: SELECT ALL THAT APPLY
Which of the following statements describes a legitimate source of the malicious data?
- The source of the malicious data was Service Agent A. Upon intercepting the message from Cloud Service Consumer A, the service agent altered its contents prior to forwarding the message to Cloud Service X. Because Cloud Service X and Cloud Service Y share the same underlying physical server, this data compromised IT resources on that physical server which further compromised Virtual Server Y and Cloud Service Y. New Solution- CMIT-280-40 Week 2: Assignment 1 – Lab 1 – Cloud Security Mechanisms
- The source of the malicious data was Database A. This database was independently attacked and made inaccessible by the physical server. Because the physical server was unable to write its log entries, it raised errors that affected the performance and behavior of Cloud Service Y. New Solution- CMIT-280-40 Week 2: Assignment 1 – Lab 1 – Cloud Security Mechanisms
- The source of the malicious data was Cloud Service Consumer A. This program forwarded malicious data in the message it sent to Cloud Service X. Because Cloud Service X and Cloud Service Y share the same underlying physical server, this data compromised IT resources on that physical server that further compromised Virtual Server Y and Cloud Service Y.
- The source of the malicious data was Virtual Server Y. This virtual server was independently attacked. The attacker managed to place malicious software on the virtual server which inserted malicious data into the message sent by Cloud Service Y to Cloud Service Consumer B. New Solution- CMIT-280-40 Week 2: Assignment 1 – Lab 1 – Cloud Security Mechanisms
New Solution- CMIT-280-40 Week 2: Assignment 1 – Lab 1 – Cloud Security Mechanisms
New Solution- CMIT-280-40 Week 2: Assignment 1 – Lab 1 – Cloud Security Mechanisms
Part II: SELECT ALL THAT APPLY
Which of the following can be deployed to help ensure the confidentiality of the data in the cloud? (Choose two)
- Encryption
- SLA’s
- Masking
- Continuous Monitoring
New Solution- CMIT-280-40 Week 2: Assignment 1 – Lab 1
The digital signature mechanism is a means of providing data authenticity and integrity through authentication and non-repudiation. A message is assigned a digital signature prior to transmission, which is then rendered invalid if the message experiences any subsequent, unauthorized modifications. A digital signature provides evidence that the message received is the same as the one created by its rightful sender. Would a digital signature have prevented Cloud Service Consumer B from being essentially attacked and shut down?
- Yes
- No
New Solution- CMIT-280-40 Week 2: Assignment 1 – Lab 1
CMIT-280: Cloud Computing Security
Instructor Name and Communication Options
Instructor Name: Daniel Hembree
Preferred Email Method: Canvas Inbox
Secondary Email Method: djhembree@msn.com
Phone(s): 719-323-0748
Course Description and Prerequisites
Cloud computing has become increasingly central to Information Security (IS) strategies both at the corporate and personal level. It unifies a variety of technologies to provide businesses with a method to improve business efficiency and reduce costs. This course will provide students with knowledge they need to approach security in the cloud. We will start with a brief introduction to cloud computing and then jump in to cloud data security, infrastructure, and application security, etc. . This course was designed using coursework from ISC2 and the Cloud Security Alliance, two of the current leaders in this area.
New Solution- CMIT-280-40 Week 2: Assignment 1 – Lab 1
Prerequisite: CMIT-130
Student-Centered Learning Outcomes
By the end of the course, students will be able to:
- Learn the building blocks of cloud based systems.
- Understand the concepts, principles, structures, and standards used to design, implement, monitor, and secure operating systems.
- Develop knowledge of the cloud infrastructure components, both physical and virtual, existing threats, and mitigating and developing plans to deal with those threats.
- Ability to identify issues to ensure that the need for training and awareness in application security, the process involved with cloud software assurance and validation.
- Understand the processes to identify critical information and the execution of selected measures that eliminate or reduce adversary exploitation of critical information.
- Analyze the legal and compliance aspect of cloud computing security as it relates to ethical behavior and compliance with regulatory frameworks.
- Develop a sound understanding of cloud security tools, attacks, and various penetration methods.
New Solution- CMIT-280-40 Week 2: Assignment 1 – Lab 1
Textbook(s) and Technology Requirements
Required Texts
Your eBooks can be accessed through the Champlain College Library.
- Gordon, Adam. (2015). The Official (ISC)2 Guide to the CCSP CBK, 1st Edition (Links to an external site.) 1st Edition. Sybex.
- Erl, Thomas. (2013) Cloud Computing: Concepts, Technology & Architecture (Links to an external site.). 1st Edition. Prentice Hall.
For help accessing your O’Reilly eBook, please see the Champlain College Library’s O’Reilly eBook Guide.
New Solution- CMIT-280-40 Week 2: Assignment 1 – Lab 1
Technology Requirements
Please review the Technology Requirements (Links to an external site.) for Champlain College Online.
This course uses virtual machine technology. Please review the Course Overview for specific information about the technology you will be accessing for your coursework.
New Solution- CMIT-280-40 Week 2: Assignment 1 – Lab 1
Topic Outline
- Week 1: Cloud Architecture Concepts & Design Requirements
- Week 2: Cloud Data Security
- Week 3: Cloud Platform and Infrastructure Security
- Week 4: Cloud Application Security
- Week 5: Operations
- Week 6: Legal and Compliance
- Week 7: Cloud Security Mechanisms
New Solution- CMIT-280-40 Week 2: Assignment 1 – Lab 1
Methods of Assessment
Your final grade will be determined based on:
| Graded Elements | Percentage |
|---|---|
| Discussions | 25% |
| Written Assignments | 30% |
| Labs | 40% |
| Final | 5% |
| Total | 100% |
| Extra Credit Course Evaluation | 1% |
New Solution- CMIT-280-40 Week 2: Assignment 1 – Lab 1
Discussions
Weekly discussions are an integral part of learning at Champlain College and represent a significant portion of a student’s overall grade. In order to be successful, students should:
- Post a thorough, well-crafted initial response that fully addresses and develops all aspects of the prompt by the due date.
- Engage substantively throughout the discussion period by responding to others with questions or comments that demonstrate interest, build upon the ideas of others, and encourage elaboration.
- Apply and integrate concepts from this course as well as from quality resources including journals, websites, readings from another class, relevant work or life experience, etc.
- Demonstrate attention to style, structure, grammar, etiquette, and proper citation of references to maintain academic integrity.
Discussion grades are determined using the rubric below. The descriptions show what exemplary work looks like for each aspect of an overall discussion.
| Criteria | Description | Max Points |
|---|---|---|
| Application | Explicitly and thoroughly explains, applies, and integrates a) concepts from this or other courses, b) outside resources or research, c) life experiences, and/or d) processes used to solve problems. | 30 pts |
| Critical Thinking | Clearly articulates a desire to a) reflect, b) explore possibility, c) recognize ambiguity, d) question assumptions, and/or e) search for logical relationships among ideas. Selects, analyzes, and synthesizes relevant information to demonstrate original thinking. | 30 pts |
| Collaboration | Fosters collaborative learning while a) problem-solving, b) respectfully challenging others, and/or c) expanding thinking through responses and reflection with other learners throughout the week. Builds on classmate and instructor contributions to deepen the conversation. | 30 pts |
| Presentation | Demonstrates attention to APA/MLA style and structure, adheres to rules of grammar and etiquette, and properly cites references to literature and course materials. | 10 pts |
| Total Points: 100 | ||
Assignments
You will work through discussions and assignments related to some of the main pillars of cloud computing security, such as platform, application, and infrastructure security. We will also explore operations, legal, and compliance issues during the semester. There will also be a final assignment where students will be asked to demonstrate some of the things they have learned and apply them to a given scenario where they will document potential threats and attacks that could occur in a cloud environment.
Labs
The labs for this course were designed to provide students with practical experience identifying cloud threats and vulnerabilities. Students will have the opportunity to analyze a few different environments and apply what they have learned in the course to recommend actions/solutions. Most of the labs will be graded based on student understanding of the material and application of critical thinking to solve a problem, versus one right or wrong answer.
Student Resources & Policies
Academic Honesty Policy
Champlain College students are expected to be familiar with and adhere to the College’s policy for Academic Honesty. (Links to an external site.) Academic honesty entails creating original assignments, using your own words, and when using the words and ideas of others, documenting those sources using the method specified in this course. Our courses use plagiarism detection software. Please consult with your instructor if you are in doubt. Violations of the policy could result in a grade of F on the assignment or in the course as well as dismissal from the College.
Grading Policies
CCO Grading Policy (Links to an external site.)
Grading Scale (Links to an external site.)
