Reference no: EM133478969
BUSINESS CASE: Star Biotech Company: Star Biotech uses living organisms to develop new drugs. Star Biotech focus on developing treatments for diseases that are difficult to treat with traditional drugs. Star Biotech has an IT system with office desktop computers and a data center. There are two departments.
The Star Biotech research and development department with 50 employees assigned to involve mission-critical data processing. Each and every computer is part of an important business process, therefore, data communication traffic that is directed at each computer should be monitored.
The management office is the second department of Star Biotech. Where 100 employees are conducting regular business activities in the management office department. The data communication traffic among all these computers should be monitored network traffic for suspicious activity.
QUESTION 1. You, as an IT manager should make a decision about the network security tool that monitors network or system activity for malicious or unauthorized behavior for both departments. Read the given parameters and write your decision about the type of intrusion detection system you would use in two departments
QUESTION 2. As an IT manager, your task is to prevent possible intrusion by employing user authentication. Authentication should require more than one piece of information to verify a user's identity to access to OS. For accessing the computers in research and development; authentication must be more difficult for attackers to gain access to a user's account, even if they have stolen their password. What kind of authentication method you would use for computers OS in research and development? Write examples for each piece of information that you would ask from the user.
QUESTION 3. As an IT manager, your task is to come up with file system access control (also known as file permissions) for the computers. So, the owner of the Star Biotech IT system would be able to determine who can access files and folders on each computer in. You should come up with a solution to protect sensitive data in the research and development department computers from unauthorized access. Consider the given pavements below and write which access control models you would deploy
There should be a hierarchical approach to access control. All the documents in the computers were already classified as Confidential, Secret, and Top secret. The sensitivity levels are in order from most sensitive to least sensitive.
QUESTION 4. As an IT manager, your task is to reduce the risk of attack on Star Biotech computers, increase security: and improve performance by implementing operating system hardening for each computer. Write the steps that you will follow to secure the operating system in each computer.
QUESTION 5. Once the OS for each computer is appropriately built, secured, and deployed, the process of maintaining security is continuous. This results from the constantly changing environment, the discovery of new vulnerabilities, and hence exposure to new threats. As an IT manager, how you would provide security maintenance in the long run? Write the steps