Scribd
Upload
74 views6 pages

Lovely Professional University Academic Task N0-3 Cyber Security Essentials

The document discusses several relevant IBM policies: 1. It discusses IBM's commitment to principles of business ethics and lawful conduct. 2. It discusses IBM's policy of equal opportunity and fostering an inclusive workplace with diversity in employees. 3. It discusses IBM's policy of not making political contributions as a company and encouraging employees to participate in politics as individuals.

Uploaded by

Thathireddy Lokanadham Reddy
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
74 views6 pages

Lovely Professional University Academic Task N0-3 Cyber Security Essentials

The document discusses several relevant IBM policies: 1. It discusses IBM's commitment to principles of business ethics and lawful conduct. 2. It discusses IBM's policy of equal opportunity and fostering an inclusive workplace with diversity in employees. 3. It discusses IBM's policy of not making political contributions as a company and encouraging employees to participate in politics as individuals.

Uploaded by

Thathireddy Lokanadham Reddy
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 6

LOVELY PROFESSIONAL UNIVERSITY

ACADEMIC TASK N0-3


CYBER SECURITY ESSENTIALS

NAME: T. LOKANADHAM REDDY SECTION: K18TM


REG NO : 11810601 FACULTY: RAVI SHANKAR
ROLL NO :31

Q1) Just like other assets, the VMs that you have started building are subject to various
risks, both intentional and accidental, including the destruction of data. In order to recover
from such incidents quickly and to ensure that your VMs remain available and functional,
you want to take advantage of ability to create snapshots. It will enable you to quickly revert
your VMs to a baseline configuration, essentially resetting the machines to a known, secure
state. Why is elasticity such an important component of cloud services? How does it differ
from scalability? Discuss in detail.

Ans:

Virtualization has made a dramatic impact in a very short time on IT and networking and has
already delivered huge cost savings and return on investment to enterprise data centres and
cloud service providers. Typically, the drivers for machine virtualization, including multi-
tenancy, are better server utilization, data centre consolidation, and relative ease and speed of
provisioning. Cloud service providers can achieve higher density, which translates into better
margins. Enterprises can use virtualization to shrink capital expenditures on server hardware
as well as to increase operational efficiency. Some think that virtualized environments are
more secure than traditional ones for the following reasons:
Isolation between virtual machines (VMs) provided by the hypervisor
No known successful attacks on hypervisors1save for theoretical ones, which require access
to the hypervisor source code and ability to implement it
Ability to deliver core infrastructure and security technologies as virtual appliances such as
network switches and firewalls
Ability to quarantine and recover quickly from incidents. Others think that the new
virtualized environment requires the same type of security as traditional physical
environments. As a result, it is not uncommon to selegacy security solutions, processes, and
strategies applied to the virtual environment. The bottom line, though, is that the new
environment is more complex and requires a new approach to security.

Security Control for migrating risks:

To mitigate risk, consider implementing the following security controls:


Control the backup, archiving, distribution, and restart of VMs with effective policies,
guidelines, and processes such as suitably tagging the VM based on sensitivity / risk level.
Use virtualization products with management solutions that examine, patch, and apply
security configuration changes. While evaluating these products, consider the coverage
provided across hypervisors and if there are exceptions in fine print
.Create a controlled environment to apply security patches and control policies to an offline
or dormant VM.
.Avoid problems—systems accidentally or intentionally powered off / deleted or rogue
instances—with appropriate architecture and design as well as regular monitoring of virtual
appliances that provide critical infrastructure, management, and security services.

Cloud Elasticity:

Ability of the hardware layer below (usually cloud infrastructure) to increase or


shrink the amount of the physical resources offered by that hardware layer to the software
layer above. The increase / decrease is triggered by business rules defined in advance (usually
related to application's demands). The increase / decrease happens on the fly without physical
service interruption.

Scalability:

 Ability of a software system to process higher amount of workload on its current hardware
resources or on current and additional hardware resources without application service
interruption;
Difference:

Again, scalability is a characteristic of a software architecture related to serving higher


amount if workload, where elasticity is a characteristic of the physical layer below, entirely
related to hardware budget optimizations.
Elasticity is the ability to fit the resources needed to cope with loads dynamically usually in
relation to scale out. So that when the load increases you scale by adding more resources and
when demand wanes you shrink back and remove unneeded resources. Elasticity is mostly
important in Cloud environments where you pay-per-use and don't want to pay for resources
you do not currently need on the one hand, and want to meet rising demand when needed on
the other hand.

Q2) Explain in how network security programming works in iPhone platforms. Support
your answer with the help of a code or a demonstration.

Ans:

As more business moves to the cloud, security data is frequently spread across different tools,
clouds and IT environments. This requires teams to spend more time integrating tools and
information –and maintaining those integrations –and less time securing their organizations.
IBM Cloud Pak for Security helps teams address these issues with an open, secure platform.

Network security:

Network security is a broad term that covers a multitude of technologies, devices and
processes. In its simplest term, it is a set of rules and configurations designed to protect the
integrity, confidentiality and accessibility of computer networks and data using both software
and hardware technologies. Every organization, regardless of size, industry or infrastructure,
requires a degree of network security solutions in place to protect it from the ever-growing
landscape of cyber threats in the wild today.

It uses three types of network security systems.

Physical network security


Technical network security
Administrative network security.
Network security is any activity designed to protect the usability and integrity of your
network and data.

 It includes both hardware and software technologies.


 It targets a variety of threats.
 It stops them from entering or spreading on your network
 Effective network security manages access to the network.

How does network security work?

Network security combines multiple layers of defenses at the edge and in the network. Each
network security layer implements policies and controls. Authorized users gain access to
network resources, but malicious actors are blocked from carrying out exploits and threats.

Q3) IBM recognizes the need for official policies that clearly state how employees should
and should not use company’s property at work. Consult some free policy templates provided
by SANS institute. Which of the policies do you think are the most relevant to IBM’s security
concerns as noted in the scenario? Discuss in detail.

Ans:

IBM is committed to principles of business ethics and lawful conduct. It is IBM's policy to
conduct itself ethically and lawfully in all matters and to maintain IBM's high standards of
business integrity.
Work Diversity:
The employees of IBM represent a talented and diverse workforce. Achieving the full
potential of this diversity is a business priority that is fundamental to our competitive success.
A key element in our workforce diversity programs is IBM's long-standing commitment to
equal opportunity and an inclusive workplace.
IBM has more than 100 years of work on diversity, inclusion and equality in the workplace.
That legacy, and our continued commitment to advance equity in a global society, has made
us leaders in diversity and inclusion. Guided by our values and beliefs, we’re proud to foster
an environment where every IBMer is able to thrive because of their differences, not in spite
of them. IBM has taken and will continue to take a bold stand in favour of equal opportunity
for all.
Employees Participation:

It is IBM’s long–standing policy that we participate in politics as private citizens, not as


IBMers. Therefore, it is the policy of the IBM Company not to make contributions of
resources such as money, goods or services to political candidates or parties. This policy
applies equally in all countries where IBM does business, regardless of whether or not such
contributions are considered legal in any host country.

We encourage IBM employees to participate in political activity in their individual


communities and countries. The company will do everything reasonable to accommodate
employees who need to be away from work while running for or holding political office, or
fulfilling significant party duties during a campaign or election. IBM will not pay employees
for time off for political activity. However, if a country where IBM does business has a law
that requires an employer to give time off, with pay, to any employee holding public office,
then that law takes precedence.

SANS:

SANS is the most trusted and by far the largest source of cyber security training in the world.

It offer training through several delivery methods including OnDemand and instructor-led
both Live Online (virtual) and In-Person. Our cybersecurity courses are developed by
industry leaders in numerous fields including network security, digital forensics, offensive
operations, cybersecurity leadership, industrial control systems, and cloud security.

SANS OnDemand was designed to offer you convenient and flexible online cybersecurity
training, on your terms. Students who use OnDemand are able to avoid travel, learn from the
best in the business and study at their own pace.

Policies:

IBM has a strong tradition and commitment of exemplary corporate citizenship. We feel a
deep sense of responsibility both inside and outside the company -- a focused determination
to enhance the communities in which we do business.

IBM has selected strategic areas that focus initiatives and investment for higher impact. They
are:

 Education and skills,


 Disaster resiliency, and
 Health, with a focus on addressing disparities in cancer care in low- and middle-
income countries.

You might also like