Responses week 1 | Computer Science homework help

Provide (4) 150 words substantive response with a minimum of 1 APA references for RESPONSES 1, 2, 3 and 4 below. Ensure you list and break down each response in a word document. Response provided should further discuss the subject or provide more insight. To further understand the response, below is the discussion post that’s discusses the responses. 100% original work and not plagiarized. Must meet deadline.


ISSC 471

1. What is IT Security Auditing? What does it involve?

An IT security audit is a comprehensive examination and assessment of an information security system. By conducting regular audits, organizations can identify weak spots and vulnerabilities in their IT infrastructure, verify security controls, ensure regulatory compliance, and more. It involves running scans on IT resources like file-sharing services, database servers and SaaS applications to assess network security, data access levels, user access rights and other system configurations. It includes physically inspecting data centers for resilience to fires, floods, and power surges as part of a disaster recovery evaluation. Finally, it involves interviewing employees outside the IT team to assess their knowledge of security concerns and adherence to company security policy.

2. Why are Governance and Compliance Important?

To ensure that businesses protect their information, have consistent cohesion departmentally, and follow all governmental regulations, a governance, risk, and compliance program is important. This helps to minimize the threats and risks that companies are exposed to on a daily basis.

3. Explain in detail the roles and responsibilities in an organization associated with the following:

According to our lesson, the risk manager, auditor, and executive manager have the following responsibilities:

  • Risk Manager – responsible      for identifying organizational risk.
  • Auditor – responsible for      conducting information assurance audit and applying frameworks to the      seven domains to align with compliance.
  • Executive Manager – responsible      for aligning external or internal compliance with governance requirements.

4. Define the Certification and Accreditation (C&A) Process and briefly discuss the phases of C&A.

It is my understanding that the C&A process is outdated, and we now use assessment and authorization (A&A) to follow terminology in the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF). In my job, we follow NIST guidelines, and all of our accreditation processes follow the RMF process. The C& process was initiation and planning, certification, accreditation, and then continuous monitoring. Though I never worked with the C&A process, I have been working with RMF for about 2 years now, and it is very involved.


Tierney, M. (2020, Aug 5) IT Security Audits: The Key to Success. Retrieved from:

Hall, K.T. (n.d.) Why a Governance, Risk, and Compliance Program is Important for Your Business. Retrieved from:

Sengupta, S. (2018, Apr 13) Cyber Security – Certification and Accreditation. Retrieved from:



1. What is IT Security Auditing? What does it involve?

According to the reading this week an IT Security Audit is an internal assessment of an organizations policies, controls, and activities. An audit ensures that an organization is in compliance with legal regulations and that their security controls are adequate. Audits can involve any number of aspects within a business’ activities including finances, compliance, operations, investigations and information technology. An IT Security Audit also involves three goals, providing an objective and review of policies, providing reasonable assurance controls are in place, and recommendations for improvement.

 2. Why are Governance and Compliance Important?

As businesses become ever more reliant on technology governance and compliance become a more integral part of business function. Governance of IT systems ensures proper use as well as compliance and risk management, all vital to the success in a business environment. Compliance is important and beneficial to all aspects of a business, it ensures the reliability as well as public trust of a business which is vital to the business’ success.

 3. Explain in details the roles and responsibilities in an organization associated with the following:

   Risk Manager- A risk manager is familiar with the risks and vulnerabilities that an organization faces, as well as creating and evaluating risk management procedures. They are also responsible for knowing auditing controls as well as reporting procedures (Patel, 2016)
    Auditor- The roles and responsibilities of an auditor include assessing current security controls and risk management procedures, advise management on how to improve security controls, evaluate risks, and analyze internal operations (Kumar, 2017)
    Executive Manager- The Executive Manager is responsible for ensuring their department is aligned with company vision and goals. They help to create and implement policies and procedures, and they make business decisions, such as security policy changes, based on the information received from the risk manager and auditor (Woodman, 2018)

4. Define the Certification and Accreditation (C&A) Process and briefly discuss the phases of C&A.

The Certification and Accreditation process is a standardized process, activities, and management to validate, implement and ensure security. The phases of the C&A process include Phase I Initiation and Planning: Which defines the C&A effort, it documents the steps needed to achieve the desired accreditation. Phase II Certification: This phase verifies system compliance with the identified security standards. Phase III Accreditation: Here validation is made that the system is compliant and security accreditation is achieved. Phase IV Post Accreditation: This phase continuously monitors the system to ensure it remains compliant with accreditation standards (QTS, 2019).

Alysha Macleod

Kumar N. (2017) Roles and Responsibilities of an Internal Auditor. EnterSlice

Patel N. (2016) A Risk Manager’s Role in Strategic Leadership. NIC State.

QTS. (2019) The Four Phases of the Certification and Accreditation Process. QTS

Woodman C. (2018) Job Description of an Executive Manager. Career Trend

ISSC 341


There are 7 layers to the Open Systems Interconnection (OSI) model, but I will be discussing layers one and two. The first layer, physical layer, is responsible for the physical cable or wireless connection between the network nodes. It defines the connector, the electrical cable or wireless technology connecting the devices, and is responsible for transmission of raw data (Os and 1s). The second layer, data link layer, establishes and terminates a connection between two physically connected nodes on a network. It is comprised of two parts, Logical Link Control (LLC) which identifies protocols and performs error checking/synchronizes frames. Media Access Control (MAC) uses MAC addresses to connect devices and define permissions to transmit and receive data.

           IPv6 is the latest version of internet protocol and was introduced in 1998 by the Internet Engineering Task Force (IETF) to solve address space exhaustion. IPv6 uses 128-bit addressing instead of IPv4 32-bit addressing scheme. What that means is IPv4 address method uses four sets of one-to-three-digit number (, and IPv6 uses eight groups of four hexadecimal digits (2001:0db8:85a3:0000:0000:8a2e:0370:7334). While IPv6 may seem more secure and will eventually replace IPv4 one day, the adoption of it has been delayed because there’s a dual stack requirement. IPv6 is not backwards compatible with IPv4. There is a problem with the network address translation (NAT), which takes private IP address and turns them into public IP addresses.

           IPv4 allows for a variation of the network and host segments of an IP address, known as subnetting. It can be used to design a network physically and logically. Subnetwork addresses enhance local routing capabilities, while reducing number of address required. The subnet mask is used to show what part of the addresses is the network portion and what part is the host portion. In IPv4, there are 3 default subnet masks corresponding to three classes of IP address.

           Hope everyone is having a great start to their week!



Works Cited:

McKeever, G., Sillam, Y., R.M., Hathaway, M., Houcheime, W., P.W., Kerman, D., Lynch, B., Hewitt, N., & Ray, T. (2020, June 10). What is OSI Model | 7 Layers Explained | Imperva. Learning Center.

Fruhlinger, K. S. A. J. (2020, August 26). What is IPv6, and why aren’t we there yet? Network World.

Google IPv6 adoption Statistics. (2020). IPv6.

IPv4 subnetting. (2021). IPv4 Subnetting.



1. For this discussion, compare and contrast two layers of the Open Systems Interconnection (OSI) Reference Model, including the protocols that run on each layer. 

The Open Systems Interconnection (OSI) Reference Model consist of 7 layers and they are from top to bottom application, presentation, session, transport, network, data link and physical. The architecture of the OSI reference model is separated into 7 layers so it aids in development, design, and troubleshooting and provides changes in one layer without effecting the other therefor all layers are equally important. These 7 layers of OSI reference model are divided into 2 groups upper (top 3 layers) and lower layers (bottom 4 layers). The upper layers define communication between the applications of the end users and the lower layers define how the data is transmitted between the two applications. Common protocols used in the layers are TCP, IP/IPX and Ethernet for the lower group and for the upper group HTPP, SSL and RPC just to name a few. 

2. What was the reason that IPv6 was introduced? Why do you think many organizations are not

upgrading their network solely to IPv6 and run that protocol instead of running IPv4?

IPv6 was introduced for its capacity over the IPv4, IPv4 is out of IP addresses and holds 4.3 billion addresses. With the growing devices like the smartphone, tablets, computer and other devices IPv4 was not able to support which gave birth to IPv6 which supports 128 bit addressing. Many organizations are not upgrading because IPv4 is enough for the company and because the internet at large doesn’t support IPv6 end to end there is a need to encapsulate IPv6 traffic into IPv4.

3. What is the purpose of subnetting when using IPv4 addressing? What role does subnet mask play in subnetting of IPv4?

Subnetting provides network security, better performance while providing clean separation for troubleshooting. Subnet mask plays important part of masking the IP address. Looking forward to reading other post and learning the role of IPv4 and 6 as my knowledge on the subject is limited. Have a good rest of the week.


Imperva. (n.d.). What is OSI Model | 7 Layers Explained | Imperva? Learning Center. Retrieved from

PARR, B. (2011, February 03). IPv4 & IPv6: A Short Guide. Retrieved March 05, 2019, from Mashable:


Custom Papers Pro
Calculate your paper price
Pages (550 words)
Approximate price: -

Why Work with Us

Top Quality and Well-Researched Papers

We always make sure that writers follow all your instructions precisely. You can choose your academic level: high school, college/university or professional, and we will assign a writer who has a respective degree.

Professional and Experienced Academic Writers

We have a team of professional writers with experience in academic and business writing. Many are native speakers and able to perform any task for which you need help.

Free Unlimited Revisions

If you think we missed something, send your order for a free revision. You have 10 days to submit the order for review after you have received the final document. You can do this yourself after logging into your personal account or by contacting our support.

Prompt Delivery and 100% Money-Back-Guarantee

All papers are always delivered on time. In case we need more time to master your paper, we may contact you regarding the deadline extension. In case you cannot provide us with more time, a 100% refund is guaranteed.

Original & Confidential

We use several writing tools checks to ensure that all documents you receive are free from plagiarism. Our editors carefully review all quotations in the text. We also promise maximum confidentiality in all of our services.

24/7 Customer Support

Our support agents are available 24 hours a day 7 days a week and committed to providing you with the best customer experience. Get in touch whenever you need any assistance.

Try it now!

Calculate the price of your order

Total price:

How it works?

Follow these simple steps to get your paper done

Place your order

Fill in the order form and provide all details of your assignment.

Proceed with the payment

Choose the payment system that suits you most.

Receive the final file

Once your paper is ready, we will email it to you.

Our Services

No need to work on your paper at night. Sleep tight, we will cover your back. We offer all kinds of writing services.


Essay Writing Service

No matter what kind of academic paper you need and how urgent you need it, you are welcome to choose your academic level and the type of your paper at an affordable price. We take care of all your paper needs and give a 24/7 customer care support system.


Admission Essays & Business Writing Help

An admission essay is an essay or other written statement by a candidate, often a potential student enrolling in a college, university, or graduate school. You can be rest assurred that through our service we will write the best admission essay for you.


Editing Support

Our academic writers and editors make the necessary changes to your paper so that it is polished. We also format your document by correctly quoting the sources and creating reference lists in the formats APA, Harvard, MLA, Chicago / Turabian.


Revision Support

If you think your paper could be improved, you can request a review. In this case, your paper will be checked by the writer or assigned to an editor. You can use this option as many times as you see fit. This is free because we want you to be completely satisfied with the service offered.