List several types of information stored on the university administrative network. Next, list a few positions (jobs) within the administration. Finally, relate the positions to the data types, based on each position's need to know specific information. Which access control method would you recommend?Exercise 2:Suppose you are a security manager at a medium-size company. Several people on the staff are reluctant to follow the company's rules regarding the use of passwords. For example, these users may post their passwords in a conspicuous place, routinely use easily guessed passwords, or resist changing their passwords on a regular basis. How would you win such workers over to the notion that passwords must be used correctly? For the moment, set aside the premise that such users might be automatically shut out of the system for failing to use passwords in the prescribed manner. Exercise 3:A growing number of people believe that the use of biometrics is an invasion of privacy. For example, an eye scanning device records the inner structure of a person's eye and stores that image in a database. Critics worry that databases of human traits used to maintain corporate security may actually pose a privacy threat to individuals, if such data were used in other ways. In your view, are such concerns justified? Why or why not?Exercise 4:The owner of your company is becoming increasingly concerned about computer security and the laxness of users. Users regularly leave the office at the end of the day without signing out of their accounts. The company is trying to win a contract that involves working with the government and that will require additional security measures. What would you suggest to the owner?Network Security – Perimeter SecurityExercise 5: Compile an Infrastructure ListAs an administrator, you have to deal with a variety of devices every day. Not only must you attend to the needs of the servers, but you must also maintain internet access, manage a plethora of users and workstations, and keep everything running smoothly. You can have firewall after firewall in place, but if you are allowing access to a salesperson to dial in from the road with minimal safeguards, that connection becomes the baseline of your security.In this scenario, if you can gain approval from your organization, perform a general survey or inventory of the significant components comprising your network. See how many different network devices you can locate within your network. Make a note of all the devices that are connected, permanently or intermittently, to your network. See if you can answer these questions:• How many servers are there? What's the function of each, and what level of security applies to each?• How many workstations are there? What operating systems are they running? How do they connect to the network (cabling, wireless, dial-in)?• How does data leave the network (routers, gateways)? How secure is each of those devices? Are firewalls or other devices impeding traffic?• What else is connected to the network (modems and so on) that can be used to access it?This information should already exist and readily accessible. If your organization is like most others, though, the information doesn't exist, and devices are added as needed with the intent of creating documentation at some future point in time. There is no better time than the present to create it. One issue to watch out for the attitude many have: "It can't happen to us!" That is something to watch out for in planning meetings and to be prepared to handle.