Week 6 Essay Questions Instructions: Answer All Questions ✓ Solved

Week 6 Essay Questions

Instructions: Answer all questions i

Week 6 Essay Questions

Instructions: Answer all questions in a single document. Then submit to the appropriate assignment folder. Each response to a single essay question should be about a half-page in length (about 150 words).

1. Providing physical security to a facility involves numerous methods designed to discourage a determined attacker.

Perimeter fencing, gates, bollards, lighting, CCTV, as well as roaming security patrols and dogs are all designed to prevent easy access to the facility.

In the event that these physical security controls are breached, perimeter monitoring and detecting devices can provide notification of further attempts to gain access to the facility.

Describe three perimeter intrusion detection systems and give an example of one that you have seen deployed either at work or another location that you are familiar with.

2. Many organizations value their information so highly that they invest in a redundant site in the event that a catastrophic event interrupted service operations in their primary site.

Different options are available for facility recovery at varying costs and states of readiness.

Describe the differences between the hot, warm, and cold site methods of facility recovery.

What is a rolling hot site? What is a reciprocal agreement?

3. There are many different categories of evidence and each type varies in its value in supporting an investigation.

What are the four characteristics that help ensure that evidence is legally admissible in court?

Describe hearsay evidence and its admissibility.

Paper For Above Instructions

Question 1: Perimeter Intrusion Detection Systems (PIDS)

Example deployment: At a university campus, security staff reported a perimeter breach using a combination of fence-mounted fiber-optic sensing, radar intrusion detectors near a perimeter bend, and IP-based CCTV with analytics at the main access points. The coordinated system generated a real-time alert to the security operations center, enabling a rapid response path that included gate lockdown and patrol dispatch. This example illustrates how integrating multiple PIDS components strengthens detection capabilities and reduces response times by leveraging redundancy, situational awareness, and a clear escalation process (ASIS guidance; NIST SP 800-53 Rev. 5). (ASIS; NIST SP 800-53 Rev. 5, 2020)

Question 2: Disaster Recovery Site Types, Rolling Hot Sites, and Reciprocal Agreements

A rolling hot site is a DR capability where a provider maintains multiple hot-site capacity locations that can be switched in or rotated among customers to ensure capacity availability during outages. This approach can improve resilience for organizations that require high availability but cannot maintain a dedicated, always-on hot site themselves, trading off some control for greater geographic diversity and redundancy (TechTarget). (TechTarget, 2019)

A reciprocal agreement (also known as a mutual aid agreement) is a formal arrangement between two or more organizations to provide assistance, including facilities or resources, in the event of a disaster. In a DR context, reciprocal arrangements allow participating organizations to temporarily relocate or run critical operations at partner sites or to share facilities and infrastructure to minimize downtime (FEMA; ISO 22301; DRII guidance). (FEMA CGC; ISO 22301; DRII)

Question 3: Evidence Admissibility and Hearsay

Hearsay is an out-of-court statement offered for the truth of the matter asserted and is generally inadmissible unless an exception applies. Hearsay rules govern what counts as an out-of-court statement and outline exceptions that allow certain statements to be admitted (e.g., business records, excited utterances, public records). The legal framework for hearsay is documented in the Federal Rules of Evidence, and authoritative explanations are available from the Legal Information Institute and U.S. courts. (Cornell LII – Hearsay; FRE 801-803; FRE 902; FRE 1001-1008). (Cornell LII; FRE 801-803)

In practice, maintaining proper chain of custody, corroborating evidence through multiple independent sources, and ensuring proper authentication of documents, communications, and digital records are essential steps to minimize challenges to admissibility. Proper documentation of collection methods, storage, and handling reduces the risk that evidence will be excluded on technical grounds, while recognizing that certain types of evidence (e.g., digital metadata, logs) require specialized authentication and validation processes. (NIST SP 800-53 Rev. 5; FRE 901; FRE 403; DRII best practices). (NIST SP 800-53 Rev. 5, 2020; FRE 901; DRII)

Conclusion

References

1. NIST SP 800-53 Rev. 5: Security and Privacy Controls for Information Systems and Organizations. (2020). National Institute of Standards and Technology. https://nist.gov/publications/security-and-privacy-controls-information-systems-and-organizations-sp-800-53-rev5
2. NIST SP 800-34 Rev. 1: Contingency Planning Guide for Federal Information Systems. (2010). National Institute of Standards and Technology. https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-34r1.pdf
3. ISO 22301:2019: Security and resilience — Business continuity management systems — Requirements. International Organization for Standardization. https://www.iso.org/standard/75139.html
4. FEMA: Continuity Guidance Circular (CGC). Federal Emergency Management Agency. https://www.fema.gov/media-library-data/20130726-1740-25087-Continuity_Guidance_Circular.pdf
5. Disaster Recovery Institute International (DRII). Best Practices for Business Continuity and Disaster Recovery. https://www.drii.org/
6. TechTarget: What is a hot site, warm site, cold site? https://searchdisasterrecovery.techtarget.com/definition/hot-site-warm-site-cold-site
7. TechTarget: Rolling hot site. https://searchdisasterrecovery.techtarget.com/definition/rolling-hot-site
8. Cornell LII: Federal Rules of Evidence (FRE). https://www.law.cornell.edu/rules/fre
9. Cornell LII: Hearsay. https://www.law.cornell.edu/wex/hearsay
10. Cornell LII: Authentication and identification (FRE 901). https://www.law.cornell.edu/rules/fre/rule_901