User Account

All Pages

COMP1431 Audit and Security Assignment

Assignment Help Computer Engineering
Reference no: EM132555329

COMP1431 Audit and Security - University of Greenwich

Learning Outcomes: Analyse and assess risk exposures of particular assets to particular threatsSpecification

Read the following and then write a report for your client.

MI5, Britain's domestic intelligence agency, has repeated its warning that foreign agents are trying to persuade company insiders to reveal secrets. IT staff with sysadmin access are considered popular targets because of their privileged access rights to many corporate systems.
Security company CyberArk points out that the targets are not the people but their access: "Privileged and administrative accounts are the most powerful in any organisation. They provide absolute control over a company's infrastructure. Attackers use techniques like malware and phishing to steal these privileged and administrative credentials.From Stuxnet to Snowden, the common denominator is that the breach occurred through an exploited privileged account. Attackers understand this - it's time for businesses to understand as well and proactively address these critical security gaps."

Another company, Vormetric, adds: "This warning confirms our contention that the abuse of privileged credentials is the next frontier for cyber crime against enterprises. With organisations such as Target, Morrisons and Korea Credit Bureau falling victim in quick succession, it is clear businesses are still struggling to defend their most critical assets from those legitimately within the perimeter.Vormetric recently surveyed 500 IT decision makers and found almost half believed insider threats had become harder to detect. Just nine per cent said they felt safe from insider threats. Vormetric advises companies to adopt an inside-out security architecture based on strict need-to-know principles. "Businesses must ensure constant monitoring of their IT to detect and respond to data breaches as soon as they happen - irrespective of whether the attack was internal or external."

A furthercompany, LogRhythm, did a study that revealed almost half of UK employees admitted having accessed or taken confidential information from the workplace, while 79 per cent claimed their illegitimate actions had never been identified. "LogRhythm stated "This indicates a gross level of negligence by companies who really should know better."

Part 1: Introduction
What is this report all about, why has it been produced?

Part 2 : PAM Accounts
What exactly could be done with stolen ‘privileged and administrativeaccounts'?

Part 3 : Need-to-Know Data Access
What is meant by ‘strict need-to-know principles'? How could this be arranged?

Part 4 : Data Leakage
What measures should be put in place to protect against employees accessing or taking "confidential information from the workplace. "Give five measures.

Part 5 : Repercussions in Public Domain
How might ‘Target, Morrisons and Korea Credit Bureau' have lost out now that this knowledge of their breach of security is in the public domain?

Part 6: Insider Threats Audit
How might auditors help with keeping the ‘insider threats' under control?

Part 7 :References and Appendices
List of references used and appendices included.

Attachment:- Audit and Security.rar

Reference no: EM132555329

Questions Cloud

How did the reading relate to fraud detection and deterrence : Select one of the readings and provide summary.How did the reading relate to fraud detection and deterrence? What did learn and how will apply it going forward?
Juvenile justice system is challenge of mental health : One sustaining issue in the juvenile justice system is the challenge of mental health.
Think about key elements of communication : If your group was attempting to develop a drug that prevented P. aeruginosa from utilizing quorum sensing and virulence factors, where could your drug target?
Is an alternative substantive procedure : Is there an alternative substantive procedure that you could perform that would provide convincing evidence that this balance is collectible? If so, explain.
COMP1431 Audit and Security Assignment : COMP1431 Audit and Security Assignment Help and Solution, University of Greenwich - Assessment Writing Service - Analyse and assess risk exposures
Describe the treatments used to treat the disease : Describe the respiratory disease you selected. Describe the treatments used to treat the disease. Consider holistic and traditional treatments.
What do think man actions to pay off debt quickly : What do you think of this man's actions to pay off debt quickly? Do you think he was being extreme or wise? Would it be hard for you to live in austerity?
Many security experts argue that primary concern : Many security experts argue that their primary concern isn't hardware or software.
Calculate personal debt ratio : Calculate your own personal Debt Ratio. You may use hypothetical numbers if you want to keep your actual information private. State whether you think this ratio

Reviews

Write a Review

Computer Engineering Questions & Answers

  Mathematics in computing

Binary search tree, and postorder and preorder traversal Determine the shortest path in Graph

  Ict governance

ICT is defined as the term of Information and communication technologies, it is diverse set of technical tools and resources used by the government agencies to communicate and produce, circulate, store, and manage all information.

  Implementation of memory management

Assignment covers the following eight topics and explore the implementation of memory management, processes and threads.

  Realize business and organizational data storage

Realize business and organizational data storage and fast access times are much more important than they have ever been. Compare and contrast magnetic tapes, magnetic disks, optical discs

  What is the protocol overhead

What are the advantages of using a compiled language over an interpreted one? Under what circumstances would you select to use an interpreted language?

  Implementation of memory management

Paper describes about memory management. How memory is used in executing programs and its critical support for applications.

  Define open and closed loop control systems

Define open and closed loop cotrol systems.Explain difference between time varying and time invariant control system wth suitable example.

  Prepare a proposal to deploy windows server

Prepare a proposal to deploy Windows Server onto an existing network based on the provided scenario.

  Security policy document project

Analyze security requirements and develop a security policy

  Write a procedure that produces independent stack objects

Write a procedure (make-stack) that produces independent stack objects, using a message-passing style, e.g.

  Define a suitable functional unit

Define a suitable functional unit for a comparative study between two different types of paint.

  Calculate yield to maturity and bond prices

Calculate yield to maturity (YTM) and bond prices

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd