How and where will host-based firewalls be used

Reference no: EM131152955

CYBER SECURITY ASSESSMENT

INSTRUCTIONS: When addressing this question #6: 1) you only need to refer back to the final exam case study description; 2) address the points presented in the first two columns (i.e. 'ABC Cyber Security Plan' and 'Questions to Consider') by filling in the Action Plan column (yellow cells); 3) you can add additional space if needed; and 4) bullet point entries are acceptable.

Table columns: ABC Cyber Security Plan (security plan requirements) | Questions to Consider (reference to help with responses) | Action Plan (describe your recommendations and projected improvements)

Define/update the "security objectives" for confidentiality, integrity, and availability of information resources, describing the potential harm/security impact that failure to achieve the security objectives would have on operations, function, image/reputation, or the ability to protect personal information. QUESTIONS: Briefly describe your cyber security plan recommendations for ABC, including objectives and any action/security plans resulting from your security review.

Education & Security Awareness Training

Conduct appropriate security awareness training for employees. QUESTIONS: Describe your recommendations to provide security information to your client's workforce, including the proper handling of information and how information about relevant policies and laws is distributed. Is training required for access to this system or service? If so, does it include security information, either general or specific to the system/service (e.g. restricted data reminders)? Do you include security information in response to security-related events? More generally, how are people made aware of the resources described above?

Identity and Access Management

* Control accurate identification of authorized parties and provide authenticated access to and use of network-based services.

* Control access by authentication and authorization mechanisms to ensure that only identifiable individuals with appropriate authorization gain access to specified computing and information resources. QUESTIONS: How is authentication used for access to these systems or services? Does this system or service use the name as part of authentication? Is the authentication system local, or is it integrated with something central, e.g. Kerberos or Active Directory? What is the mechanism for handling authorization, e.g. is it technically enforced within the application?

Security Program Processes

Risk Assessment, Asset Inventory & Classification

* Inventory computing devices (servers, desktop computers, laptops, mobile devices, storage devices, etc.) and the characteristics of the information/data stored on or transmitted from/to those computing devices. Inventory applications and the characteristics of the data stored by or transmitted from/to those applications.

* Classify each computing device and application based on the characteristics of the associated stored data or data transmitted from/to the computing device or application. QUESTIONS: Are you taking into account all the places where your data may be stored, including desktops, reports, portable devices, etc.? Additionally, is education in place instructing people to minimize storage and transmission of restricted data, such as by deleting, redacting or de-identifying restricted data whenever possible, including from storage devices? Are people aware of electronic discovery and data retention requirements (when it is OK to delete something and when it is not, and where authoritative copies live)?

Vulnerability Assessment

* Understand and document the risks in the event of failures that may cause loss of confidentiality, integrity, or availability of information resources.

* Identify the level of security necessary for the protection of information resources. QUESTIONS: What are your gaps in required security controls (based on your assessment)? Identify whether each risk is low, medium or high. Determine cost-effective actions, and document an action plan to address areas of high risk.

[Workforce] Administrative

* Control how employees and other affiliates are granted access privileges to computing and information resources and how those privileges are altered or revoked for individuals. Review privileged account access. QUESTIONS:

Is there a formal authorization process for obtaining access to systems or data? Who is responsible for granting authorization? Please describe the authorization process. How about for obtaining privileged/admin access at any level, e.g. root access, superuser access, privileged application or database access, etc.? Does the Support Center have a role in account management for your system or service?

Are procedures in place to ensure prompt modification or termination of access or authorization levels in response to user separation or change in role, including for people with privileged access? Are privileged accounts and the individuals with access to them reviewed periodically for appropriateness? Describe the review process, including frequency.

* Conduct appropriate background checks for personnel handling information classified as "sensitive" or "to be protected." BACKGROUND: ABC HR procedures exist for identifying positions requiring background checks. ABC requires all staff to have background checks as a standard part of the recruitment process.

QUESTIONS: Are required background checks for employees in your organization implemented promptly upon hire or reclassification? Do you know whether other departments do the same for people who have access to your system?

* Take appropriate personnel/disciplinary action(s) for violations of policy/procedures. BACKGROUND: Organizational procedures exist for reporting violations of law or security policies/procedures.

QUESTIONS: Is management aware of procedures for reporting violations of law or policy/procedures? Are individuals? Does the department have any local procedures in addition to campus procedures? Are violations and responses reported and documented?

Applications Systems Management

* Control application systems development/maintenance through conformance with specifications in local standards, procedures, guidelines, and conventions; conduct application vulnerability assessments as appropriate. QUESTIONS: Describe the process used to develop/deploy new application(s) from inception (requirements, function, funding), to development (coding standards, application security, authentication/authorization), and deployment (workflow, management approval, alpha/beta testing and pilot, release). How will application development take into account business decisions about how restricted or confidential information should be collected, stored, shared, and managed? How are application vulnerability assessments performed? Is appropriate separation of duties in place? Is data in test, training and development systems protected according to its classification, including storage, transmission, bug reports, and bug reporting systems?

* Control production application software modification through change management procedures for major systems. BACKGROUND: ABC has adopted a divisional change management process for outage communications and maintenance window guidelines.

QUESTIONS: Explain the procedures used to manage and document changes. Include any method in place to provide a history of changes. Are change management procedures in place where restricted data is involved and for essential systems? Are changes tested and backout plans developed? Is documentation updated based on changes?

Risk Mitigation Measures

Protect resources in the event of emergencies. BACKGROUND: The system or service is in the IT Data Center; this information is provided by the ABC Core Tech Operations group. The Data Center has regular data backups and mitigations for infrastructure failures, including power, fire and flooding.

QUESTIONS: Where is this system or service housed, including backups? If not in the IT Data Center, or for any portions not in the Data Center, describe what is in place for the prevention, detection, early warning of, and recovery from emergency conditions. For example, are there locks, is there UPS or generator back-up power, is there fire suppression? Are procedures in place to protect restricted data during emergencies when focus may be elsewhere? Are there regular backups of critical/essential data, and are they securely stored in an off-site location?

Incident Response Planning & Notification Procedures

Maintain incident response and notification processes. BACKGROUND: Does the organization have an implementation plan for protecting electronic restricted data, and are data security incidents required to be reported?

QUESTIONS: How will employees become aware of procedures for reporting and responding to potential security incidents? Do additional departmental procedures exist, and if so, are people aware of them?

Third Party Agreements

Ensure that contracts with external entities include data security language. QUESTIONS: Is additional language, e.g. for HIPAA or PCI, required? Assuming a third party managing a web site for you that collects sensitive data, such as SSN, credit card info, or other PII or restricted data, how will compliance aspects be handled?

Security Controls

* Control passwords through password management conventions and vulnerability assessment procedures. - [Passwords and other authentication credentials] QUESTIONS: How will the password policy be monitored and enforced by your system or service? Describe any limitations that prevent this and additional mitigations to compensate. How will passwords be tested for strength? Are there any expiration or password aging policies? Will individuals have unique access credentials? How about vendors/contractors?

* Control access to working sessions through session timeout mechanisms. - [Session protection] QUESTIONS: Is there a session timeout for the application, including for administrators? Are users encouraged to implement screensaver locks at the desktop? Are desktops configured to automatically lock or go to screensaver after a period of inactivity?

* Control privileged account access through defined procedures for providing privileged accounts and reviewing activity under privileged account. - [Privileged access] QUESTIONS: See "[Workforce] Administrative," above for process for obtaining privileged access/accounts. Is privileged access and activity logged? Are logs reviewed periodically? Are they reviewed in response to potential security events? Do individuals have unique access credentials for privileged access?

Systems and Application Security

* Control systems-level access through review of personnel assignments for appropriate classification, security responsibilities, and separation of duties. BACKGROUND: Centralized systems and applications are supported by ABC employees with IT-related classifications.

QUESTIONS: Do job descriptions for individuals who provide application and system support accurately reflect their duties and access to restricted data or systems? Are individuals who provide IT-related services trained and knowledgeable in these areas of responsibility? Do defined procedures exist for reviewing personnel assignments for appropriate classification, security responsibilities, and separation of duties?

* Back up systems supporting essential activities; encrypt data where required to secure backup data.

QUESTIONS: How will system backups containing restricted data be secured? How will data integrity/user functionality be ensured/verified upon recovery or restore? Is a retention and disposition schedule in place for backups?

* Protect computing and information resources from malicious software (e.g., viruses, worms, Trojans, spyware, etc.). QUESTIONS: How will the system protect against computer viruses and spyware? How is this verified? What about systems not in the Data Center?

* Maintain currency of operating systems and application systems software. - [Patch Management] QUESTIONS: Describe the patching process, including frequency, whether it is a manual or automatic process, and verification. Is there a testing or backout procedure? What is the process for severe or critical updates?

Audit Logs

Monitor for attempted/actual unauthorized access through review of access and audit logs. QUESTIONS: Where will audit logs be enabled? What types of activities will be captured in the logs? What procedures are in place to proactively review logs, or is review event-driven, such as in the case of problems or potential security incidents?
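As an added example of what event-driven log review can look like in practice (this is not part of the assessment or any ABC material), the POSIX shell functions below summarise sshd and sudo entries in the syslog-style auth.log format: source addresses with repeated failed logins above a threshold, and every command executed through sudo. The hostnames, addresses and log lines are constructed for the example.

```shell
#!/bin/sh
# Added example: two small audit-log review checks over sshd/sudo lines.
# All sample data below is constructed; nothing here is from a real host.

# Constructed auth.log excerpt: a password-guessing burst from one address,
# one ordinary key-based login, one failed password from the same admin
# network, and one privileged command run via sudo.
SAMPLE_AUTH_LOG='Jan 14 03:12:07 web01 sshd[2211]: Failed password for invalid user admin from 198.51.100.23 port 51522 ssh2
Jan 14 03:12:09 web01 sshd[2211]: Failed password for invalid user admin from 198.51.100.23 port 51530 ssh2
Jan 14 03:12:12 web01 sshd[2213]: Failed password for root from 198.51.100.23 port 51541 ssh2
Jan 14 03:15:40 web01 sshd[2250]: Accepted publickey for deploy from 10.0.100.7 port 40122 ssh2
Jan 14 03:16:01 web01 sshd[2260]: Failed password for deploy from 10.0.100.7 port 40130 ssh2
Jan 14 03:20:33 web01 sudo:   deploy : TTY=pts/0 ; PWD=/home/deploy ; USER=root ; COMMAND=/usr/bin/systemctl restart nginx'

# Print "source count" for every address whose failed sshd password
# attempts reach the threshold in $1 (default 3). Reads log lines on stdin,
# so it can be run as: failed_login_sources 3 < /var/log/auth.log
failed_login_sources() {
    awk -v thr="${1:-3}" '
        /sshd\[[0-9]+\]: Failed password/ {
            # the source address is the token after "from"
            for (i = 1; i <= NF; i++) if ($i == "from") { fails[$(i + 1)]++; break }
        }
        END { for (s in fails) if (fails[s] >= thr) print s, fails[s] }' | sort
}

# Print "user command" for every sudo invocation, giving a reviewer a
# compact list of privileged activity to check against change records.
privileged_commands() {
    awk '/ sudo: / { cmd = $0; sub(/.*COMMAND=/, "", cmd); print $6, cmd }'
}

main() {
    echo "== sources with 3 or more failed logins =="
    printf '%s\n' "$SAMPLE_AUTH_LOG" | failed_login_sources 3
    echo "== privileged commands =="
    printf '%s\n' "$SAMPLE_AUTH_LOG" | privileged_commands
}

main
```

The threshold and the choice to key on the source address are deliberately simple; the point for the action plan is that the log format and the fields worth reviewing (who, from where, what was run as root) are decided before the incident, not during it.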

Encryption

Control risk of unauthorized access to "sensitive"/"restricted" data by use of encryption. QUESTIONS: Describe encryption methods or mitigating controls: Are passwords or other authentication tokens encrypted in transit and in storage? Is restricted data encrypted during transmission, including printing? Is stored restricted data encrypted? How about database tables or columns with restricted data elements? Is restricted data on backups, portable devices and media encrypted or otherwise protected? Are encryption keys secure? Are encryption keys managed to ensure availability of essential data?

Physical/Environmental Controls

* Control access to facilities by appropriate measures. - [Physical Access Controls]

* Track movement of devices. - [Tracking Reassignment or Movement of Devices & Stock Inventories]

* Remove data before equipment is re-deployed, recycled, or disposed. - [Disposition of Equipment] BACKGROUND: The system or service is in the Data Center; this information is provided by the Core Tech Operations group. Access to the Data Center is regulated by the Data Center Access Policy as well as physical security controls (i.e. locks). Movement of equipment is tracked; the rack inventory is updated as needed and reviewed quarterly. Devices are stored securely pending secure destruction.

QUESTIONS: Where will this system or service be housed, including backups?

* Describe the physical security controls protecting access to the facility, systems and data, including backups and portable devices.

* Are facility access policies in place, including procedures to verify the identity of individuals and tracking of entry and exit, including for visitors and guests?

* Are all critical and restricted systems locked down?

* Is there a unit inventory of all computers and storage devices with restricted or critical data, including portable devices (data sticks, CDs, PDAs, etc.) and media? Is there frequent movement of equipment? Is there a check-out/in or tracking system in place?

* Are procedures in place to ensure secure removal or destruction of data before equipment or electronic media is re-deployed, recycled or disposed?

* Control physical security of portable media. - [Portable & Media Devices (III.C.3.e)] QUESTIONS: Are portable devices and media used? If so, are procedures in place to ensure their physical security? Are laptop computers locked down? Is restricted data on portable devices and media encrypted? Is there a practice of reviewing and deleting data from portable devices when no longer needed?

* Control access to networked devices. QUESTIONS: How will the system control access to networked devices?

* Protect passwords or other authentication tokens while in transit. QUESTIONS: How will the system protect passwords or authentication tokens in transit?

* Control potential security loopholes for operating system, application software, and firmware code on all devices connected to the network. QUESTIONS: How will the system control potential security loopholes for operating system, application software, and firmware code on all devices connected to the network?

* Protect networked devices against malicious software. - [Malicious Software Protection] QUESTION: How will the system protect against malware and other types of malicious software?

* Control the use of networked devices for intended purposes by eliminating unnecessary services from devices. QUESTIONS: How will the system control the use of networked devices for intended purposes by eliminating unnecessary services from devices?

* Control network communications to/from networked devices through host-based firewall software, as available. QUESTIONS: How and where will host-based firewalls be used? What about network firewalls and Intrusion Detection System/Intrusion Prevention System?
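A worked example for the two controls above (eliminating unnecessary services, and host-based firewall software where available), added here and not part of the assessment or any ABC material: a POSIX shell script that renders a default-deny nftables ruleset from an explicit allowlist of service ports and checks `ss -ltnH`-style output for listeners outside that allowlist. The host role (a web server administered over SSH), the allowed ports, the management subnet 10.0.100.0/24 and the sample socket table are all constructed assumptions.

```shell
#!/bin/sh
# Added example: default-deny host firewall generated from an allowlist,
# plus a check that nothing outside the allowlist is listening.
# The allowlist, management subnet and `ss` sample are constructed.

# Ports this host is expected to serve (constructed: HTTPS plus SSH for
# administration). Anything else listening is an unnecessary service.
ALLOWED_TCP_PORTS="22 443"
MGMT_NET="10.0.100.0/24"   # constructed management subnet allowed to reach SSH

# Render an nftables ruleset: drop inbound by default, allow loopback and
# established/related traffic, allow SSH only from the management network,
# allow the listed service ports, and rate-limit logging of everything
# dropped. Printed to stdout so it can be reviewed before `nft -f` loads it.
render_ruleset() {
    cat <<EOF
table inet host_fw {
    chain input {
        type filter hook input priority 0; policy drop;
        iif "lo" accept
        ct state established,related accept
        ct state invalid drop
        ip saddr $MGMT_NET tcp dport 22 accept
EOF
    for p in $ALLOWED_TCP_PORTS; do
        [ "$p" = "22" ] && continue   # SSH is restricted to MGMT_NET above
        printf '        tcp dport %s accept\n' "$p"
    done
    cat <<EOF
        limit rate 5/second log prefix "host_fw drop: "
    }
}
EOF
}

# Compare listening TCP sockets (lines in `ss -ltnH` format, read from
# stdin) against the allowlist and print one line per unexpected listener.
# Usage on a live host: ss -ltnH | check_listeners
check_listeners() {
    awk -v allowed="$ALLOWED_TCP_PORTS" '
        BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        {
            # local address is column 4, e.g. 0.0.0.0:8080, *:443 or [::]:22
            addr = $4; sub(/.*:/, "", addr)
            if (!(addr in ok)) print "unexpected listener on port " addr ": " $0
        }'
}

# Constructed `ss -ltnH` sample: SSH, HTTPS and a forgotten debug service.
SAMPLE_SS='LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 511 *:443 *:*
LISTEN 0 4096 127.0.0.1:8080 0.0.0.0:*'

main() {
    render_ruleset
    echo "== listener check =="
    printf '%s\n' "$SAMPLE_SS" | check_listeners
}

main
```

Keeping the allowlist as the single source for both the firewall rules and the listener check is the point: the action plan can then state which services a class of host is allowed to expose, and the same list answers "how is this verified?" for the unnecessary-services question.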

* Prevent networked devices from becoming unauthorized email relays. QUESTIONS: How will the system secure devices from becoming unauthorized email relays? How will they be configured?

* Control access to network proxy servers through authentication. QUESTIONS: Does the organization run any network proxy servers? Is access controlled through authentication?

Special Categories of Data

HIPAA Security Rule / Practices for HIPAA Security Rule Compliance. QUESTIONS: Since ePHI is present, how will organizational resources be ensured to comply with HIPAA and SOX security requirements? How will the compliance practices be monitored?

Payment Card Industry Data Security Standard (PCI DSS). QUESTIONS: How will credit card information be stored, processed or transmitted so as to ensure compliance with PCI (e.g. ensure that the credit card environment is PCI compliant)?
