Think about a business you are familiar with, one that uses networks and
items such as computers, disks, equipment, and information such as sales data,
client data, and network configuration. Identify the threats these important items
are subject to. Devise a security policy to mitigate that threat. Document your
analysis process. Note that this information will be useful moving forward, so
develop it fully at this time. to support business functions. Create a list of ten important, specific
Criteria Part 1:
1. Identify ten unique items that must be protected.
2. Identified at least one threat for each of the 10 items.
3. Devised a policy to mitigate each threat.
Read the following mini security policy. Assess this security policy in four major
areas. What is missing, incomplete, inaccurate, or ill advised?
Acme Security Policy
Each document should have a footer or header identifying the level of
sensitivity. Suggested sensitivity levels are unrestricted and client
Email clients should enable
way regardless of where we work, our email traffic will not expose any
data to network eavesdropping techniques. If client confidential data must
be emailed amongst Pixel Inc. consultants, the file should be both for POP and SMTP. That
perhaps using a cross-platform product such as PGP ,
S/MIME, so that data cannot be read from email servers along the way. 9.0 or
File servers with shared folders should have access controls enabled to
only members of the authorized group. Shared folders should also be
encrypted so that physical theft of the server, its hard drives, or the
backups will not compromise data confidentiality.
Periodic backups will be made of server hard drives and stored offsite in a
secure location such as a safety deposit box. Access to the backups will
Only a select few consultants under contract to Pixel Inc. will be given the
file server Administrator account password. computers will not automatically login the administrator and each account will be password protected. Local folders containing client
sensitive data should be encrypted so that theft of the laptop or its hard
drive will not compromise data confidentiality.
Portable storage devices such as USB and Firewire disk drives or flash
disks and thumb drives may be used to store client sensitive documents if
they’re stored in encrypted folders or drive images.
protection. Users will switch on their screen saver to lock the computer
when they walk away from it. will have screen savers enabled with password
Passwords should be chosen wisely, i.e., common dictionary words would
not be used.
Criteria Part 2:
1. Identified four major areas of concern.
2. Determined two missing or incomplete aspects of the security policy.
3. Determined two inaccurate sections of the security policy.
4. Determined two inaccurate sections of the security policy.
5. Determined two aspects of the security policy that are ill-advised
|Due By (Pacific Time)||08/13/2014 12:00 am|
out of 1971 reviews
out of 766 reviews
out of 1164 reviews
out of 721 reviews
out of 1600 reviews
out of 770 reviews
out of 766 reviews
out of 680 reviews