Project #60873 - Infoformation System Security: Risk, Threats, and Mitigation Steps

NO PLAGERISM 

 

 

BUDGET is $125 MAX!!!!!

 

Answer the 8 questions below in a minimum of 200 words each.  This is not an essay.  Rather short answers to each.  NO REFERENCE required.  

 

#1.  Answer DQ1 in 200 words.  

 

Review the Monitoring, Alerting and Reporting Part 1 lab (Link below). What did you learn? What did you think was most valuable?

 

https://vlabs.holsystems.com/vlabs/technet?eng=VLabs&auth=none&src=microsoft.holsystems.com&altadd=true&labid=9784

 

#2.  Answer DQ2 in 200 words.  

 

What is an important difference between risk management applied to enterprise systems and risk management applied to other contexts?

 

#3.  Respond to James’ answer to DQ2 in 200 words. 

 

The definition I found was kind of generic stating "Enterprise Risk Management ("ERM") is a strategic business discipline that supports the achievement of an organization's objectives by addressing the full spectrum of its risks and managing the combined impact of those risks as an interrelated risk portfolio." The added capital management and liquidity management to risk management have enabled ERM to become stable at this level. Even though all of the stated risks in an ERM portfolio contribute to it I think another identifiable risk would be Reputation risk. An enterprise has to consider this more than risk management in other contexts. There are ERM risks that will hurt the reputation of a company from a decision made by its management and stakeholders. For example, if the enterprise is a manufacturing company of a product that is in high demand and the enterprise is trying to cut costs. If the organization decides to outsource the manufacturing oversees and the employees and consumers become disgruntled over this decision it could affect future earnings. Even though the company is savings costs in manufacturing it has now hurt its reputation by the decision it has made by outsourcing and puts the future of the organization at risk.  

 

 Reference: http://www.rmahq.org/risk-management/enterprise-risk

 

#4.  Answer DQ3 in 200 words.  

 

What is an important difference between risk management applied to enterprise systems and risk management applied to other contexts?

 

 

 

#5.  Respond to Troy’s answer to DQ3 in 200 words.  

 

Typically the first step in securing any information system is creating a security policy that address the concerns and vulnerabilities of the system. This policy will give the users an understanding of what is expected of them while operating the system and the consequences for misuse. 

 

Physical security is the key to safe and confidential computing. User log in credentials are a good security measure but do not help if the data is lost, stolen, or damaged. Back up the data to a safe place in the event of loss to prevent the system from unneeded downtime. All sensitive equipment, such as servers or data storage devices should be stored in a secure location with limited access from users.

 

A computer virus is a program that has the unique ability to replicate. Computer viruses spread quickly and are difficult to eradicate. They can attach themselves to any file and can arrive on anyone's machine through e-mail, networks, Internet, pirated software, shared or downloaded files and other media. 
In addition to replication, these viruses may also display messages or images; they can also destroy files, reformat hard drives, or compromise computer system security. Even if there is no visible damage, the virus can cause trouble by consuming storage space and memory, and degrading the overall performance of your computer. Viruses won't go away by themselves. More than 60,000 viruses have been identified, and 400 new ones are created every month, according to the International Computer Security Association (ICSA). It's fairly safe to say that most organizations will encounter some level of virus outbreaks. No one who uses computers is immune to viruses. Properly configured anti virus software in combination with a network firewall will help to prevent and identify viruses and malware from a company network.

 

#6 Respond to Mack’s answer to DQ3 in 200 words.  

 

Due to the recent cyber attacks on different major corporations, many have decided to deal with the aspect of protecting their information in different ways. One method is protecting their information networks or systems from damage by spyware, malicious code, and viruses.  Businesses can implement a centrally managed anti-virus and anti-spyware software on each and every computer associated with their business. This type of software can by set to automatically check for updates and scan to detect any malicious attacks. It is also plausible for these businesses to provide copies of this anti-virus software for their employees, since many of them do work from home. Another stage is managing and controlling they physical access to their network and computer devices. Companies have set policies to ensure that their system is protected by unauthorized users from physically accessing  their systems by locking up laptops when not utilized and positioning computers so that individuals passing by do not see the information on the screen. Setting standards for appropriate personnel to access certain offices and departments. One more stage of protecting information systems is requiring individual user accounts on business computers and applications for each and every employee. Establishing a separate account for each employee and requiring they creates great sturdy passwords. By utilizing computer accounts for each employee that do not have administrative rights can ensure that the information systems are better protected.  Developing individual accounts enables corporations to restrict access to sensitive data, like personnel, inventory, financial, and manufacturing information.

 

Reference:

http://www.hrsa.gov/healthit/toolbox/HIVAIDSCaretoolbox/SecurityAndPrivacyIssues/howdoiensuresec.html

 

#7.  Answer DQ4 in 200 words.  

 

Imagine you are a security consultant. What are four specific enterprise system threats? For each threat, what mitigation steps should a company take?

 

#8.  Respond to Peter’s answer to DQ4 in 200 words.  

 

Four specific enterprise system threats are:

1.) Exploiting information via remote access software

A considerable amount of insider abuse is performed offsite via remote access software such as Terminal Services, Citrix and GoToMyPC. Simply put, users are less likely to be caught stealing sensitive information when they can it do offsite. Also, inadequately protected remote computers may turn up in the hands of a third-party if the computer is left unattended, lost or stolen.

Mitigation steps:

Solid share and file permissions are critical, as is OS and application logging. With many remote access solutions, you can also enable tighter security controls on certain features and system access, monitor employee usage in real time, generate usage logs and more. Look deeply into the configuration of your system and determine which features and audit trails can provide better management, reporting and security. Also, it's common for abuse to take place during non-business hours, so consider limiting the times that users can remotely access systems.

 

2.) Sending out information via e-mail and instant messaging

Sensitive information can simply be included in or attached to an e-mail or IM. Although this is a serious threat, it's also one of the easiest to eliminate.

Mitigation steps:

An effective way to catch sensitive information leaving the network is to set up a network analyzer and filter keywords, specific attachments, etc.

You can also utilize client or server-based content filtering to catch and block sensitive information going out. However, perimeter-based or outsourced messaging security solutions offer content filtering and blocking that is much easier to manage.

 

3.) Sharing sensitive files on P2P networks

Whether or not you allow peer-to-peer file sharing software such as Kazaa or IM on your network, odds are it's there and waiting to be abused. The inanimate software in and of itself is not the problem  it's how it's used that causes trouble. All it takes is a simple misconfiguration to serve up your network's local and network drives to the world.

Mitigation steps:

If your organization allows P2P software, it behooves you to ensure that users are aware of the dangers. There are even certain perimeter-based P2P content monitoring solutions that can help keep sensitive data safe.

If you don't want P2P software on your network, you can try blocking it at the firewall; however, the software is smart enough to find open ports to go out. This is another good use for a network analyzer and even more justification for performing a firewall rule audit.

 

4.) Careless use of wireless networks

Perhaps the most unintentional insider threat is that of insecure wireless network usage. Whether it's at a coffee shop, airport or hotel, unsecured airwaves can easily put sensitive information in jeopardy. All it takes is a peek into e-mail communications or file transfers for valuable data to be stolen. Wi-Fi networks are most susceptible to these attacks, but don't overlook Bluetooth on smartphones and PDAs. Also, if you have WLANs inside your organization, employees could use it to exploit the network after hours.

Mitigation steps:

You cannot control the airwaves outside of your office, but you can enable secure wireless hotspot usage for your Wi-Fi users. This entails using a VPN for remote network connectivity, a personal firewall to keep users from connecting to the wireless computer and SSL/TLS for all messaging (i.e., Webmail via HTTPS, POP3s, IMAPs and SMTPs).

 

 

http://searchsecurity.techtarget.com/tip/Five-common-insider-threats-and-how-to-mitigate-them

Subject Computer
Due By (Pacific Time) 03/06/2015 09:00 pm
Report DMCA
TutorRating
pallavi

Chat Now!

out of 1971 reviews
More..
amosmm

Chat Now!

out of 766 reviews
More..
PhyzKyd

Chat Now!

out of 1164 reviews
More..
rajdeep77

Chat Now!

out of 721 reviews
More..
sctys

Chat Now!

out of 1600 reviews
More..
sharadgreen

Chat Now!

out of 770 reviews
More..
topnotcher

Chat Now!

out of 766 reviews
More..
XXXIAO

Chat Now!

out of 680 reviews
More..
All Rights Reserved. Copyright by AceMyHW.com - Copyright Policy