Assignment 2: Evaluate Security Fundamentals

For this assignment, you will review another student’s initial discussion post for the previous assignment, ask them a relevant question related to their post, and engage in discussion until your question is answered. In addition, you will answer and engage any questions that are posted in reply to your initial discussion post from the previous assignment.

Discussion Requirements

There are two parts to this discussion. You will initiate a discussion with one other person, while you will also reply to anyone who initiates a discussion with you. For all posts that you make, you must do your own writing. Use of ChatGPT or other artificial intelligence tools is NOT PERMITTED.

Initiated Discussion

Read other students’ initial discussion posts. Find someone who is engaged in discussion with no more than one other person by looking at the replies to their initial post. Initiate a discussion by replying to this other student’s initial post with a well-considered question about their company and/or their analysis.

By way of example (this list is far from exhaustive):

• You might be confused about something they said or something they identified as a threat/vulnerability/control. You could ask for clarification.
• You might see another kind of data that they need to protect. In this case, form a question like “have you considered… ?”.
• Similarly, you might identify another threat or vulnerability, or you might have an idea for a control. Try to express your idea as a question, though you might have a bit of extra narrative to explain your question in more detail.

If you’re the first person asking a question for another student’s initial post, then you may ask any question. If you’re the second person, then ask a different question from the one that has already been asked. If two other people have already asked a question, then please choose a different student’s initial discussion post.

In your first reply post, begin by introducing yourself briefly. Your question should follow, phrased in a polite and professional manner.

Once the person who made the initial post has responded to your question, read the response to determine if they have answered your question fully. If not, post another question to narrow the discussion and/or explain your initial reasoning. Continue this process of question-and-answer until your original question is fully answered.

When you feel that your initial question has been fully answered, post a reply thanking the other person and indicating that you are satisfied with the answer.

Replies to Your Own Discussion

As other students ask you questions, reply to them in your own discussion topic. You shouldn’t be asked questions by more than two other students, and it’s also OK if nobody else happens to ask you a question. I might ask you followup questions as well, some of which might be accompanied with feedback through the gradebook if your discussion doesn’t appear complete.

Continue responding to the student(s) who ask(s) questions of you until you receive confirmation that you have given complete answer(s). You do NOT need to reply to a message indicating that the other student is satisfied with your answer.

Also reply to any questions I post. Some of these replies may be posted after we have started the next discussion.

Completion Standards

A complete discussion:

1. Has a post introducing yourself to another student and asking them a question about their initial discussion post.
2. Asks a relevant question that is directly related to the CIA Triad and/or threats, vulnerabilities, or controls that are applicable to the company described in the initial discussion post.
3. Asks for clarification, or poses followup questions, as required.
4. Thanks the other person whenever your question has been fully answered.
5. Contains answers to any question(s) that you are asked by someone else.
6. Is conducted in a civil and professional tone using proper English language skills (in other words, avoid text message speak and slang).

Assessment

Successful completion of this assignment satisfies the following course student learning outcome:

• SLO 3. Critically evaluate and manage information security policies, principles, processes, services, and technologies to manage risks and security threats for ensuring a secure information system technology infrastructure.