Link to follow for this work.
https://cyberactive.bellevue.edu/bbcswebdav/pid-8295056-dt-content-rid-13195879_2/xid-13195879_2 Each student should pick TWO cells that have not already been addressed by another student. Describe how the cell can be used to identify specific countermeasures that can be implemented to reach a security goal during a given information state. Simply identifying the cell is not acceptable. For example, consider the cell (availability, storage, policy). That means you should address how to a policy can be used to make sure that our stored data will be available when needed.
McCumber’s Cube is represented as a three dimensional (3x3x3) cube, yielding a total of 27 cells. Each cell represents an area of intersection among the three dimensions. Those dimensions represent the information’s state (transmission, storage, or processing), countermeasures (technology, policy/practice, or people), and the security goal that mitigates risks to the confidentiality, integrity, and availability of the information. One method to use this model is to address each of the intersections of the three dimensions. For example, the intersection of Confidentiality – Technology – Storage could prompt a security professional to protect the confidentiality of a payroll system in storage (at rest) by means of a technology such as encryption.
Another way to look at the cube is by starting with an attack/threat. Then determine which information state (transmission, storage, or processing) is most affected by the threat (Price, 2008). Select a countermeasure (technology, policy/practice, or people) that can mitigate the threat. This process is mapped to reach a particular security goal (confidentiality, integrity, or availability). Using Price’s extended version of the model helps focus on specific threats and countermeasures needed to define the risk assessment.
Price, S.M. (September, 2008). Extending the mccumber cube to model network defense. ISSA Journal. 14-15. Retrieved from http://www.bluetoad.com/publication/?i=5669&p=14
Read through the Blogging Directions and other content located in the Blog Resources accessible from the Course Menu. Make sure you understand the requirements before you create your blog. Then post the name and link to your blog in the Student Blog Links discussion forum. You are not required to post in this forum each week.
In your post, describe the theme you will be using over the term. For example, Securing mobile devices or Issues of information security in healthcare organizations.
You need to both create the blog and populate it with your first entry.
Each blog entry should be a minimum of 250 words. You should give proper credit to ideas, articles or webpages you reference. And please put the week number at the top of each entry. One weekend you may feel particularly blogworthy and post the next three entries on the same day. It is extremely hard to assign the proper grades unless the weeks are identified on the blog.