Skip to main content

ScenarioYou have just been hired as the security manager of Medical Credentials Company (MCC), reporting to the Chief Information Officer (CIO). MCC is a kind of clearinghouse for doctors, hospitals

By

Scenario

You have just been hired as the security manager of Medical Credentials Company (MCC), reporting to the Chief Information Officer (CIO). MCC is a kind of clearinghouse for doctors, hospitals, and group practices. It stores and distributes information on its clients, including sensitive information on previous malpractice lawsuits or disciplinary action. MCC is converting from an in-house database to a distributed database, which can be queried by telecommuting employees and clients. This change requires a high level of security. It is your responsibility to provide your engineers with the security requirements and at the same time convince senior management that the system being developed is robust and secure enough to protect this sensitive information. After careful examination of the database requirements and security requirements, you decide that compliance with the current accreditation/authorization process (NIST 800-37 RMF) would sufficiently protect the database from intrusion and tampering.

Project Background

In an IT security networking meeting, you join a group discussion the Common Criteria. Now you’re going to have to move up to the Common Criteria. You will need to focus on the Protection Profile (PP). A Protection Profile contains the necessary security requirements to achieve the operational functionality and assurance for a generic product or system of the designated category.

You’re in front of your CIO and she is not pleased that you have changed direction. You have explained the fundamentals to her, and now she is asking more detailed questions. This week you will respond to questions from your CIO.

The project deliverables are as follows:

WEEK 5: The EAL Ratings in the Common Criteria (600-700 WORDS)

·      What is the value of the Evaluation Assurance Level (EAL) rating in the CC model?

·      There is a treaty that requires the signatory nations to accept CC evaluations of products (U.S. and most European countries) from one country to another up to EAL4. Why is EAL4 a breakpoint?

Basically, you should talk about the following:

1.Value of Evaluation Assurance Levels (EAL)

2.Evaluation Assurance Level 4 (EAL4)

3.Common Criteria and the Orange Book



Logo
.
CLICK HERE TO ORDER 100% ORIGINAL PAPERS AT PrimeWritersBay.com

Comments

Post a Comment

Popular posts from this blog

Starting with this provided code, add the following functionality

By
1.Starting with this provided code, add the following functionality: Replace hardcoded strings “Zero”, “One”, “Two”, “Three” in the ArrayList based on user typed input (use Scanner or JOptionPane classes). The user will be prompted for the String to be stored in the ArrayList and then hit enter. The user will be able to continue to add items to the ArrayList until they just hit enter without typing anything. Once the user does this (hits enter without typing anything), the program will display all of the elements of the ArrayList, both the index and String values, in a table. It will do this via a single loop making use of an iterator method. 2. Starting with this provided code, add the following functionality: Use a Try/Catch block so that the exception is caught and the program exits a bit more gracefully. Save this file as TryCatch.java. (Be sure to rename the Public Class accordingly.) Starting with the provided code again (without the Try/Catch block), fix the code so that
2 comments
Read more

Josie Eskander

By
  Question 1: Task 1: Report Assume you are Josie Eskander. You are writing in response to techno trading P/L’s advertisement of a new laptop at 20% below normal price. You want information on brand name, availability of service and repairs, delivery times and methods of payment. Write the letter using the seven basic parts of the letter. In the opening paragraph present a clear and courteous request. Secondly write a response from techno trading giving details and proposing the sale. Provide draft of both emails in the space below. Question 2: Task 2: Report In pairs, nominate a good and a bad letter writer. Discuss the key differences. Write a good/bad letter from techno training to Alex Antonov accepting/declining his proposal to invest in the business Question 3: Task 3: Report Write a letter from techno trading p/l to a new client ‘new realities p/l’ urging them to buy techno new virtual reality software. Make a strong argument for the product. Question 4: Task 4: Report Write a l
Post a Comment
Read more

Sandra Coke is vice president for research and development at Great Lakes Foods (GLF), a large snack food company that has approximately 1,000 employees

By
Chapter 2 I Trait Approach 33 CASE 2.1 Choosing a New Director of Research Sandra Coke is vice president for research and development at Great Lakes Foods (GLF), a large snack food company that has approximately 1,000 employees. As a result of a recent reorganization, Sandra must choose the new director of research. The director will report directly to Sandra and will be responsible for developing and testing new products. The research division of GLF employs about 200 people. The choice of directors is important because Sandra is receiving pressure from the president and board of GLF to improve the company's overall growth and productivity. Sandra has identified three candidates for the position. Each candidate is at the same managerial level. She is having difficulty choosing one of them because each has very strong credentials. Alexa Smith is a longtime employee of GLF who started part-time in the mailroom while in high school. After finishing school, Alexa worked in as many as
2 comments
Read more