Mandatory access control and discretionary access control

Reference no: EM132241148

Assignment

Imagine that you are the Information Systems Security Specialist for a medium-sized federal government contractor. The Chief Security Officer (CSO) is worried that the organization's current methods of access control are no longer sufficient.

In order to evaluate the different methods of access control, the CSO requested that you research: mandatory access control (MAC), discretionary access control (DAC), and role-based access control (RBAC). Then, prepare a report addressing positive and negative aspects of each access control method.

This information will be presented to the Board of Directors at their next meeting. Further, the CSO would like your help in determining the best access control method for the organization.

Write a three to five page paper in which you:

Explain in your own words the elements of the following methods of access control:

Mandatory access control (MAC)

Discretionary access control (DAC)

Role-based access control (RBAC)

Compare and contrast the positive and negative aspects of employing MAC, DAC, and RBAC.

Suggest methods to mitigate the negative aspects for MAC, DAC, and RBAC.

Evaluate the use of MAC, DAC, and RBAC methods in the organization and recommend the best method for the organization. Provide a rationale for your response.

Speculate on the foreseen challenge(s) when the organization applies the method you chose. Suggest a strategy to address such challenge(s).

Use at least three quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.

Your assignment must follow these formatting requirements:

This course requires use of Strayer Writing Standards (SWS). The format is different than other Strayer University courses. Please take a moment to review the SWS documentation for details.

Include a cover page containing the title of the assignment, the student's name, the professor's name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.

The specific course learning outcomes associated with this assignment are:

Analyze information security systems compliance requirements within the User Domain.

Use technology and information resources to research issues in security strategy and policy formation.

Write clearly and concisely about topics related to information technology audit and control using proper writing mechanics and technical style conventions.





All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd