How the system shall recover from attacks, failures, and accidents

Reference no: EM131158624

Exam

There are five semi-open-ended questions along with an accompanying Cyber Security Action Plan template. You are to answer each of the five questions and to complete the Cyber Security Action Plan template based on best practices and your understanding of the case.

Please refer to the FAQ concerning the maximum answer length for each question. You are not required to use APA formatting. For the open-ended questions, provide your answer immediately following the question.

On the Cyber Security Action Plan template for each Action Plan item include your response. You can add additional space if needed.

Sections in the Plan: Description

Security risks: Enumerates the types of security hazards that affect your enterprise.

Security strategies: Describes the general security strategies necessary to meet the risks.

Public key infrastructure policies: Includes your plans for deploying certification authorities for internal and external security features.

Security group descriptions: Includes descriptions of security groups and their relationship to one another. This section maps group policies to security groups.

Group Policy: Includes how you configure security Group Policy settings, such as network password policies.

Network logon and authentication strategies: Includes authentication strategies for logging on to the network and for using remote access and smart card to log on.

Information security strategies: Includes how you implement information security solutions, such as secure e-mail and secure Web communications.

Administrative policies: Includes policies for delegation of administrative tasks and monitoring of audit logs to detect suspicious activity.

ABC HEALTHCARE CASE BACKGROUND

Healthcare companies, like ABC Healthcare, that operate as for-profit entities, are facing a multitude of challenges. The regulatory environment is becoming more restrictive, viruses and worms are growing more pervasive and damaging, and ABC Healthcare's stakeholders are demanding more flexible access to their systems.

The healthcare industry is experiencing significant regulatory pressures that mandate prudent information security and systems management practices.

Furthermore, the continued pressure to reduce cost requires that management focus on streamlining operations, reducing management overhead and minimizing human intervention. The regulatory focus at ABC Healthcare is on the Health Insurance Portability and Accountability Act (HIPAA) and Sarbanes-Oxley (SOX). Both pieces of legislation highlight the need for good systems administration and controls, but focus on different aspects of the business. The main focus of HIPAA is to protect personally identifiable health information while SOX is concerned with data that impacts financial reporting. Violations may be met with both civil and criminal penalties. Therefore, the company must be ever watchful of new threats to their systems, data, and business operations.

The most prevalent security-related threat to ongoing business operations is the continued development and propagation of viruses and worms. Virus and worm prevention or containment is a vital component of the overall risk mitigation strategy. Virus and worm outbreaks have multiple cost aspects for the company, including lost patient charges due to system unavailability, lost productivity because of recovery efforts due to infection, and potential regulatory impacts depending on the virus or worm payload. However, the company must balance risk with opportunities in order to serve the stakeholders and grow the business.

ABC Healthcare's stakeholders include multiple groups that depend on or need access to clinical and/or financial systems in order to help support and grow the company. The access requirements and associated risk model vary by user group. The main access groups are internal-only users (e.g. nurses, hourly employees, etc.), internal/remote users (e.g. salaried employees, doctors, etc.), and business partners (e.g. collection agencies, banks, etc.). Risk mitigation solutions must be developed for each user group to help ensure that the company recognizes the benefit that each group brings and to minimize the risk to business operations.

The high-level management goals of the network design implementation are as follows:

· Support the business and balance security requirements without introducing significant overhead and complexity;
· Maintain and enhance security without significantly increasing management overhead or complexity;
· Implement systems that are industry supported (standards where appropriate), scalable, and fault-tolerant;
· Ensure that the design is implemented to help ensure compliance with any and all applicable regulations;
· Proper management of access control for legitimate users and malicious users is of the utmost importance for the security of the ABC Healthcare management system. The threat is not limited to outside malicious users but also legitimate users engaged in illegitimate activity.

Based on the above description you are to provide a recommendation of how you would address each of the following ABC Healthcare's computer network security requirements. Note, whereas cost is typically an important factor, this is not a consideration for this case analysis. Therefore, you do not need to include cost estimates. Your solution should have the "right feel", despite the lack of depth or details necessary to be accepted by upper management. Be specific in your answers. Write them as if you were writing a proposal to your boss. Since you are developing a solution to a specific circumstance, material that is copied from an outside source will not likely fit so everything should be in your own words.

Describe your technical recommendation for addressing the security requirements in the overall technical design of the ABC Healthcare network. This should include both internal and external (untrusted and trusted) aspects. Untrusted would include user connectivity to the Internet. The "trusted" network has the main purpose of supporting the business functions of known entities (e.g. partners, suppliers, etc.) which have a business relationship with the company. Note that you are to concentrate on the physical and logical level, including the type of hardware and software; however, you are not expected to provide specific low-level details in terms of equipment suppliers or model numbers, etc. for your recommended design.

Discuss the way you will address requirements for system monitoring, logging, auditing, including complying with any legal regulations.

Describe how the system will identify and authenticate all the users who attempt to access ABC Healthcare information resources.

Discuss how the system shall recover from attacks, failures, and accidents.

Discuss how the system will address User Account Management and related security improvements.

Complete the Cyber Security Action Plan template.


All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd