Which strategies are more expensive to deploy and maintain?
The Least- privileged strategies are more expensive in deploying and maintaining. They require the organization to plan, test as well as support limited access arrangements, thus generating substantial challenges and costs. The costs caused, for instance, are the redevelopment of custom programs, deployment of additional tools, and changes to operational procedures (Nurika et al. 2012).
Which strategies allow for the retention of data integrity?
Defense in Depth strategy allows for the data integrity retention as it nails all the requirements for the data integrity task. It is easy to maintain, pretty easy to understand, and permits rules to be placed (Ahmed et al. 2010).
Which strategies allow for stringent inbound data inspection?
Least Privilege- before the admins grant access, everything is usually evaluated.
Chokepoint- this strategy, when done in the right manner, prevents the attacker from getting access to the network without validation.
Defense in Depth- this strategy possesses a lot of layers of security controls.
Task 2:
What are the relevant issues surrounding firewall deployments?
Loss of visibility, as well as control over content, applications, and users, is the most significant issue surrounding the deployment of firewalls. The firewall in the past was able to control traffic with ease since applications were tightly tied to ports and protocols, making their classification using inspection technology effective. However, recent applications are built to handle any open port or SSL. They are not tied to particular protocols or ports, thus ensuring they are constantly accessible to users regardless of the likely security issues. A wide range of security and business risks is introduced by a lack of visibility and control (Nurika et al. 2012).
How does one balance security requirements with usability requirements?
An example of how security requirements can be balanced with usability is by use of passwords. Users are likely to set passwords that are simple and can be easily remembered and never change them when there are no constraints on the password complexity (Ahmed et al. 2010). In such cases, system usability is good since users will not experience a problem in accessing the system because of forgotten passwords. Simple passwords, however, are susceptible attacks of password guessing.
References
Ahmed, Z., Imine, A., & Rusinowitch, M. (2010, August). Safe and efficient strategies for updating firewall policies. In International Conference on Trust, Privacy and Security in Digital Business (pp. 45-57). Springer, Berlin, Heidelberg.
Nurika, O., Aminz, A. H. B. M., Rahman, A. S. B. A., & Zakaria, M. N. B. (2012, June). Review of various firewall deployment models. In 2012 International Conference on Computer & Information Science (ICCIS) (Vol. 2, pp. 825-829). IEEE.