How and where will host-based firewalls be used

Assignment Help Computer Network Security
Reference no: EM131152955

CYBER SECURITY ASSESSMENT

INSTRUCTIONS: When addressing this question #6: 1) you only need to refer back to the final exam case study description; 2) address the points presented in the first two columns (i.e. 'ABC Cyber Security Plan' and 'Questions to Consider') by filling in the Action Plan column (yellow cells); 3) you can add additional space if needed; and 4) bullet point entries are acceptable.

ABC Cyber Security Plan | Questions to Consider | Action Plan

Security Plan Requirements | Reference to help with responses | Describe your recommendations and projected improvements

Define/update the "security objectives" for confidentiality, integrity, and availability of information resources, describing the potential harm/security impact that failure to achieve security objectives would have on the operations, function, image/reputation, or ability to protect personal information. Briefly describe your cyber security plan recommendations for ABC, including objectives and any action/security plans resulting from your security review.

Education & Security Awareness Training

Conduct appropriate security awareness training for employees. QUESTIONS: Describe your recommendations to provide security information to your client's workforce, including the proper handling of information and how information about relevant policies and laws is distributed. Is training required for access to this system or service? If so, does it include security information, either general or specific to the systems/service (e.g. restricted data reminders)? Do you include security information in response to security-related events? More generally, how are people made aware of the resources described above?

Identity and Access Management

* Control accurate identification of authorized parties and provide authenticated access to and use of network-based services.

* Control access by authentication and authorization mechanisms to ensure that only identifiable individuals with appropriate authorization gain access to specified computing and information resources. QUESTIONS: How is authentication used for access to these systems or services? Does this system or service utilize the name as part of authentication? Is the authentication system local or is it integrated with something central, e.g. Kerberos or Active Directory? What is the mechanism for handling authorization, e.g., is it technically enforced within the application?

Security Program Processes

Risk Assessment, Asset Inventory & Classification

* Inventory computing devices (servers, desktop computers, laptops, mobile devices, storage devices, etc.) and the characteristics of the information/data stored on or transmitted from/to those computing devices. Inventory applications and the characteristics of the data stored by or transmitted from/to those applications.

* Classify each computing device and application based on the characteristics of the associated stored data or data transmitted from/to the computing device or application. QUESTIONS: Are you taking into account all the places where your data may be stored, including desktops, reports, portable devices, etc.? Additionally, is education in place instructing people to minimize storage and transmission of restricted data, such as by deleting, redacting or de-identifying restricted data whenever possible, including from storage devices? Are people aware of electronic discovery and data retention requirements (when it is OK to delete something and when it is not, and where authoritative copies live)?

Vulnerability Assessment

* Understand and document the risks in the event of failures that may cause loss of confidentiality, integrity, or availability of information resources.

* Identify the level of security necessary for the protection of information resources. QUESTIONS: What are your gaps in required security controls (based on your assessment)? Identify whether the risk is low, medium or high. Determine cost-effective actions, and document an action plan to address areas of high risk.

[Workforce] Administrative

* Control how employees and other affiliates are granted access privileges to computing and information resources and how those privileges for individuals are altered or revoked. Review privileged account access. QUESTIONS:

Is there a formal authorization process for obtaining access to systems or data? Who is responsible for granting authorization? Please describe the authorization process. How about for obtaining privileged/admin access at any level, e.g. root access, superuser access, privileged application or database access, etc.? Does the Support Center have a role in account management for your system or service?

Are procedures in place to ensure prompt modification or termination of access or authorization levels in response to user separation or change in role, including for people with privileged access? Are privileged accounts and individuals with access to these accounts reviewed periodically for appropriateness? Describe the review process, including frequency.

* Conduct appropriate background checks for personnel handling information classified as "sensitive" or "to be protected." BACKGROUND: ABC HR procedures exist for identifying positions requiring background checks. ABC requires all staff to have background checks as a standard part of the recruitment process.

QUESTIONS: Are required background checks for employees in your organization implemented promptly upon hire or reclassification? Do you know whether other departments do the same for people who have access to your system?

* Take appropriate personnel/disciplinary action(s) for violations of policy/procedures. BACKGROUND: Organizational procedures exist for reporting violations of law or security policies/procedures.

QUESTIONS: Is management aware of procedures for reporting violations of law or policy/procedures? Are individuals? Does the department have any local procedures in addition to campus procedures? Are violations and responses reported and documented?

Applications Systems Management

* Control application systems development/maintenance through conformance with specifications in local standards, procedures, guidelines, and conventions; conduct application vulnerability assessments as appropriate. QUESTIONS: Describe the process used to develop/deploy new application(s) from inception (requirements, function, funding), to development (coding standards, application security, authentication/authorization), and deployment (workflow, management approval, alpha/beta testing and pilot, release). How will application development take into account business decisions about how restricted or confidential information should be collected, stored, shared, and managed? How are application vulnerability assessments performed? Is appropriate separation of duties in place? Is data in test, training and development systems protected according to its classification, including storage, transmission, bug reports, and bug reporting systems?

* Control production application software modification through change management procedures for major systems. BACKGROUND: ABC has adopted a divisional change management process for outage communications and maintenance window guidelines.

QUESTIONS: Explain the procedures used to manage and document changes. Include any method in place to provide a history of changes. Are change management procedures in place where restricted data is involved and for essential systems? Are changes tested and backout plans developed? Is documentation updated based on changes?

Risk Mitigation Measures

Protect resources in the event of emergencies. BACKGROUND: The system or service is in the IT Data Center; this information is provided by the ABC Core Tech Operations group. The Data Center has regular data backups and mitigations for infrastructure failures, including power, fire and flooding.

QUESTIONS: Where is this system or service housed, including backups? If not in the IT Data Center, or for any portions not in the Data Center, describe what is in place for the prevention, detection, early warning of, and recovery from emergency conditions. For example, are there locks, is there UPS or generator back-up power, is there fire suppression? Are procedures in place to protect restricted data during emergencies when focus may be elsewhere? Are there regular backups of critical/essential data and are they securely stored in an off-site location?

Incident Response Planning & Notification Procedures

Maintain incident response and notification processes. BACKGROUND: Does the organization have an implementation plan for the protection of electronic restricted data, and a defined way in which data security incidents are to be reported?

QUESTIONS: How will employees become aware of procedures for reporting and responding to potential security incidents? Do additional departmental procedures exist, and if so, are people aware of them?

Third Party Agreements

Ensure that contracts with external entities include data security language. QUESTIONS: Is additional language, e.g. for HIPAA or PCI, required? Assuming a third party managing a web site for you that collects sensitive data, such as SSN, credit card info, or other PII or restricted data, how will compliance aspects be handled?

Security Controls

* Control passwords through password management conventions and vulnerability assessment procedures. - [Passwords and other authentication credentials] QUESTIONS: How will the password policy be monitored and enforced by your system or service? Describe any limitations that prevent this and additional mitigations to compensate. How will passwords be tested for strength? Are there any expiration or password aging policies? Will individuals have unique access credentials? How about vendors/contractors?

* Control access to working sessions through session timeout mechanisms. -[Session protection] QUESTIONS: Is there a session timeout for the application, including for administrators? Are users encouraged to implement screensaver locks at the desktop? Are desktops configured to automatically lock or go to screensaver after a period of inactivity?

* Control privileged account access through defined procedures for providing privileged accounts and reviewing activity under privileged account. - [Privileged access] QUESTIONS: See "[Workforce] Administrative," above for process for obtaining privileged access/accounts. Is privileged access and activity logged? Are logs reviewed periodically? Are they reviewed in response to potential security events? Do individuals have unique access credentials for privileged access?

Systems and Application Security

* Control systems-level access through review of personnel assignments for appropriate classification, security responsibilities, and separation of duties. BACKGROUND: Centralized systems and applications are supported by ABC employees with IT-related classifications.

QUESTIONS: Do job descriptions for individuals who provide application and system support accurately reflect their duties and access to restricted data or systems? Are individuals who provide IT-related services trained and knowledgeable in these areas of responsibility? Do defined procedures exist for reviewing personnel assignments for appropriate classification, security responsibilities, and separation of duties?

* Backup systems supporting essential activities; encrypt data where required to secure backup data.

QUESTIONS: How will system backups containing restricted data be secured? How will data integrity/user functionality be ensured/verified upon recovery or restore? Is a retention and disposition schedule in place for backups?

* Protect computing and information resources from malicious software (e.g., viruses, worms, Trojans, spyware, etc.). QUESTIONS: How will the system protect against computer viruses and spyware? How is this verified? What about systems not in the Data Center?

* Maintain currency of operating systems and application systems software. - [Patch Management] QUESTIONS: Describe the patching process, including frequency, whether it is a manual or automatic process, and verification. Is there a testing or backout procedure? What is the process for severe or critical updates?

Audit Logs

Monitor for attempted/actual unauthorized access through review of access and audit logs. QUESTIONS: Where will audit logs be enabled? What types of activities will be captured in the logs? What procedures are in place to proactively review logs, or is review event-driven, such as in the case of problems or potential security incidents?
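As an added illustration of the log review this question asks about (example code, not part of the assignment text or ABC's plan), the following POSIX shell functions run over a constructed sshd authentication log: one counts failed logins per source address and reports sources at or above a threshold, the other counts accepted root logins for privileged-access review. The hostname, process IDs and addresses in the sample lines are made up.

```shell
#!/bin/sh
# Added example (not from the assignment): a small event-driven review of an
# sshd auth log. The sample log below is constructed for illustration.

SAMPLE_AUTH_LOG="${TMPDIR:-/tmp}/sample_auth.$$"
cat > "$SAMPLE_AUTH_LOG" <<'EOF'
Mar  3 02:14:01 app01 sshd[4182]: Failed password for invalid user admin from 203.0.113.45 port 51422 ssh2
Mar  3 02:14:03 app01 sshd[4182]: Failed password for invalid user admin from 203.0.113.45 port 51422 ssh2
Mar  3 02:14:06 app01 sshd[4190]: Failed password for root from 203.0.113.45 port 51430 ssh2
Mar  3 02:14:09 app01 sshd[4193]: Failed password for root from 203.0.113.45 port 51436 ssh2
Mar  3 02:14:12 app01 sshd[4197]: Failed password for invalid user oracle from 203.0.113.45 port 51440 ssh2
Mar  3 02:15:40 app01 sshd[4210]: Failed password for jsmith from 10.0.100.17 port 60112 ssh2
Mar  3 02:15:47 app01 sshd[4210]: Accepted publickey for jsmith from 10.0.100.17 port 60112 ssh2
Mar  3 02:20:13 app01 sshd[4251]: Accepted password for root from 198.51.100.9 port 40022 ssh2
EOF

# Count failed password attempts per source address and print "addr count"
# for every source at or above the threshold (default 5), highest count first.
failed_login_sources() {
    logfile="$1"; threshold="${2:-5}"
    awk -v t="$threshold" '
        /sshd\[[0-9]+\]: Failed password/ {
            # the source address is the field after the word "from"
            for (i = 1; i <= NF; i++) if ($i == "from") { fails[$(i+1)]++; break }
        }
        END { for (a in fails) if (fails[a] >= t) print a, fails[a] }
    ' "$logfile" | sort -k2,2nr
}

# Privileged logins that a periodic review should look at: accepted root logins.
# Prints the count (0 when there are none).
accepted_root_logins() {
    grep -c 'sshd\[[0-9]*\]: Accepted .* for root from' "$1" || true
}

# Typical use: run both checks over the day's log and hand the output to the
# reviewer or the ticketing system.
failed_login_sources "$SAMPLE_AUTH_LOG" 5
echo "accepted root logins: $(accepted_root_logins "$SAMPLE_AUTH_LOG")"
```

The threshold and the choice of fields are the only tunables; on a real host the log path would be /var/log/auth.log or the journal, and the same two checks can be scheduled proactively (cron) as well as run on demand when an incident is suspected.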

Encryption

Control risk of unauthorized access to "sensitive"/"restricted" data by use of encryption. QUESTIONS: Describe encryption methods or mitigating controls: Are passwords or other authentication tokens encrypted in transit and in storage? Is restricted data encrypted during transmission, including printing? Is stored restricted data encrypted? How about database tables or columns with restricted data elements? Is restricted data on backups, portable devices and media encrypted or otherwise protected? Are encryption keys secure? Are encryption keys managed to ensure availability of essential data?

Physical/Environmental Controls

* Control access to facilities by appropriate measures. - [Physical Access Controls]

* Track movement of devices. - [Tracking Reassignment or Movement of Devices & Stock Inventories]

* Remove data before equipment is re-deployed, recycled, or disposed. - [Disposition of Equipment] BACKGROUND: The system or service is in the Data Center; this information is provided by the Core Tech Operations group. Access to the Data Center is regulated by the Data Center Access Policy as well as physical security controls (i.e. locks). Movement of equipment is tracked; the rack inventory is updated as needed and reviewed quarterly. Devices are stored securely pending secure destruction.

QUESTIONS: Where will this system or service be housed, including backups?

* Describe the physical security controls protecting access to the facility, systems and data, including backups and portable devices.

* Are facility access policies in place, including procedures to verify the identity of individuals and tracking of entry and exit, including for visitors and guests?

* Are all critical and restricted systems locked down?

* Is there a unit inventory of all computers and storage devices with restricted or critical data, including portable devices (data sticks, CDs, PDAs, etc.) and media? Is there frequent movement of equipment? Is there a check-out/in or tracking system in place?

* Are procedures in place to ensure secure removal or destruction of data before equipment or electronic media is re-deployed, recycled or disposed?

* Control physical security of portable media. - [Portable & Media Devices (III.C.3.e)] QUESTIONS: Are portable devices and media used? If so, are procedures in place to ensure their physical security? Are laptop computers locked down? Is restricted data on portable devices and media encrypted? Is there a practice of reviewing and deleting data from portable devices when no longer needed?

* Control access to networked devices. QUESTIONS: How will the system control access to networked devices?

* Protect passwords or other authentication tokens while in transit. QUESTIONS: How will the system protect passwords or authentication tokens in transit?

* Control potential security loopholes for operating system, application software, and firmware code on all devices connected to the network. QUESTIONS: How will the system control potential security loopholes for operating system, application software, and firmware code on all devices connected to the network?

* Protect networked devices against malicious software. - [Malicious Software Protection] QUESTIONS: How will the system protect against malware and other types of malicious software?

* Control the use of networked devices for intended purposes by eliminating unnecessary services from devices. QUESTIONS: How will the system control the use of networked devices for intended purposes by eliminating unnecessary services from devices?

* Control network communications to/from networked devices through host-based firewall software, as available. QUESTIONS: How and where will host-based firewalls be used? What about network firewalls and Intrusion Detection System/Intrusion Prevention System?
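As an added illustration of one answer to this question (example configuration written for this page, not part of the assignment or ABC's own plan), the following shell snippet generates a default-deny host-based firewall ruleset in nftables syntax for an application server and checks the three properties a reviewer would look for: inbound default drop, no forwarding, and dropped traffic logged so the audit-log review has something to work with. The management subnet 10.0.100.0/24, the service port 443, the table name and the log prefix are assumed placeholders.

```shell
#!/bin/sh
# Added example: a default-deny host-based firewall for an application server,
# expressed as an nftables ruleset. Not part of the assignment; subnet, port
# and names below are placeholders chosen for illustration.

MGMT_NET="${MGMT_NET:-10.0.100.0/24}"   # assumed management subnet (placeholder)
APP_PORT="${APP_PORT:-443}"             # assumed service port (placeholder)

# Print the ruleset to stdout. On a host with nftables it would be loaded with
# `nft -f <file>`; nothing here requires nft to be installed.
gen_hostfw_ruleset() {
    cat <<EOF
flush ruleset
table inet hostfw {
    chain input {
        type filter hook input priority 0; policy drop;
        iif "lo" accept
        ct state established,related accept
        ct state invalid drop
        icmp type { echo-request, destination-unreachable, time-exceeded } accept
        ip saddr $MGMT_NET tcp dport 22 accept
        tcp dport $APP_PORT accept
        limit rate 10/second log prefix "hostfw-drop: "
    }
    chain forward {
        type filter hook forward priority 0; policy drop;
    }
    chain output {
        type filter hook output priority 0; policy accept;
    }
}
EOF
}

# Review check for a ruleset file: inbound default-deny, no forwarding, and
# dropped packets logged. Returns 0 when all three hold, 1 otherwise.
check_hostfw_ruleset() {
    f="$1"
    grep -q 'hook input.*policy drop' "$f" || return 1
    grep -q 'hook forward.*policy drop' "$f" || return 1
    grep -q 'log prefix "hostfw-drop: "' "$f" || return 1
    return 0
}

# Typical use: write the ruleset, verify it, then load it with nft on the host.
ruleset_file="${TMPDIR:-/tmp}/hostfw.nft.$$"
gen_hostfw_ruleset > "$ruleset_file"
if check_hostfw_ruleset "$ruleset_file"; then
    echo "ruleset passes review checks: $ruleset_file"
else
    echo "ruleset FAILED review checks: $ruleset_file" >&2
fi
```

The point of the layout is that the host only accepts what the service needs (the application port from anywhere, SSH only from the management subnet, replies to its own connections) and that everything else is both dropped and logged; a network firewall or IDS/IPS in front of the host then adds a second, independently administered layer rather than being the only control.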

* Prevent networked devices from becoming unauthorized email relays. QUESTIONS: How will the system secure devices from becoming unauthorized email relays? How will they be configured?

* Control access to network proxy servers through authentication QUESTIONS: Does organization run any network proxy servers? Is access controlled through authentication?

Special Categories of Data

HIPAA Security Rule / Practices for HIPAA Security Rule Compliance. QUESTIONS: Since ePHI is present, how will organizational resources be ensured to comply with HIPAA and SOX Security Requirements? How will the compliance practices be monitored?

Payment Card Industry Data Security Standard (PCI DSS). QUESTIONS: How will credit card information be stored, processed or transmitted so as to ensure compliance with PCI (e.g. ensure that the credit card environment is PCI compliant)?


All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd