Q.4.2 Read the following scenario and then answer the questions that follow: You are the enterprise administrator in your organisation. You are responsible for all systems including servers, clients, databases, equipment, and mobile devices. Your ultimate goals are to ensure that the network infrastructure is highly available and secured. You have been alerted that a staff member, Employee A, has deleted and corrupted numerous files on the system that would have contributed to providing evidence in a scheduled disciplinary hearing against Employee A. The files deleted have an impact on the business continuity, audit trails, and data integrity. Q.4.2.1 Outline at least four steps you would have taken to secure the crime scene as soon as you were alerted of the incident. Q.4.2.2 Explain what Chain of Custody means and then provide an example of how you would establish such.

Q.4.2 Read the following scenario and then answer the questions that follow: You are the enterprise administrator in your organisation. You are responsible for all systems including servers, clients, databases, equipment, and mobile devices. Your ultimate goals are to ensure that the network infrastructure is highly available and secured. You have been alerted that a staff member, Employee A, has deleted and corrupted numerous files on the system that would have contributed to providing evidence in a scheduled disciplinary hearing against Employee A. The files deleted have an impact on the business continuity, audit trails, and data integrity. Q.4.2.1 Outline at least four steps you would have taken to secure the crime scene as soon as you were alerted of the incident. Q.4.2.2 Explain what Chain of Custody means and then provide an example of how you would establish such.

Principles of Information Security (MindTap Course List)

6th Edition

ISBN:9781337102063

Author:Michael E. Whitman, Herbert J. Mattord

Publisher:Michael E. Whitman, Herbert J. Mattord

Chapter6: Security Technology: Access Controls, Firewalls, And Vpns

Section: Chapter Questions

Problem 6RQ

See similar textbooks

Similar questions

The organisation has recently introduced a novel security protocol mandating all personnel to authenticate their access to personal computers via a biometric fingerprint scanner, in lieu of conventional username and password credentials. As a result of the recent trimming of your fingerprint, your computer is currently unable to locate and utilise it for identification purposes. Consequent to this issue, your access to the computer that was being utilised by you will be terminated. What are the subsequent stages?
A significant cause of security breaches is inappropriate entitlements. This can be caused by incorrect initial access rights settings, accumulation of entitlements over time, or even improper access rights for a user that were intentionally set by a rogue collaborating administrator. Entitlement accumulation can result from a lack of maintenance when an employee changes positions and maintains all of his or her old access rights. One frequent mistake many organizations make is terminating administrators while not immediately de-provisioning their accounts and removing all access rights. i. Discuss why the mistakes identified are seen as problems. Propose your solution to these problems. Support you answers with concepts learnt in class.
Local administrator privileges on a personal computer may be shared. Inappropriate rule changes are being made by some of these users, and it has to do with security. To prevent users from losing access to local administrative controls, you should reapply these crucial rules to computers whenever they are updated by users. What can I do to help?
A significant cause of security breaches is inappropriate entitlements. This can be caused by incorrect initial access rights settings, accumulation of entitlements over time, or even improper access rights for a user that were intentionally set by a rogue collaborating administrator. Entitlement accumulation can result from a lack of maintenance when an employee changes positions and maintains all of his or her old access rights. One frequent mistake many organizations make is terminating administrators while not immediately de-provisioning their accounts and removing all access rights.i. Discuss the why the mistakes identified are seen as problems.
A significant cause of security breaches is inappropriate entitlements. This can be caused byincorrect initial access rights settings, accumulation of entitlements over time, or even improperaccess rights for a user that were intentionally set by a rogue collaborating administrator.Entitlement accumulation can result from a lack of maintenance when an employee changes positions and maintains all of his or her old access rights. One frequent mistake many organizations make is terminating administrators while not immediately de-provisioning theiraccounts and removing all access rights.i. Discuss why the mistakes identified are seen as problems ii. Propose your solution to these problems.
Explain the following “Measures” used to provide system security at organizational level: Physical - The sites containing computer systems must be physically secured against armed and malicious intruders. The workstations must be carefully protected. Human - Only appropriate users must have the authorization to access the system. Phishing (collecting confidential information) and Dumpster Diving (collecting basic information so as to gain unauthorized access) must be avoided. Operating system – The system must protect itself from accidental or purposeful security breaches. Programs – Usually, Anti Malware programs are used to periodically detect and remove such viruses and threats. Additionally, to protect the system from the Network Threats, Firewall is also be used. Network – Almost all the information is shared between different systems via a network. Intercepting these data could be just as harmful as breaking into a computer. Henceforth, Network should be properly…
Assuming that we had to place our current Yoga application into production, with the addition of the firewall we installed identity three(3) significant and distinct areas for which our application and its environment is still vulnerable, and list some possible ways we would need to protect those vulnerabilities? Be sure to be specific, thorough, and use critical thinking. Imagine this is for your boos, and your job depends on it, but keep it limited to just three paragraphs. Each paragraph should clearly list a vulnerability and at least one mitigation for each. Expected length: 3 well-formed but concise paragraphs.
John Martin, a highly skilled computer technician with a master's degree in computer science took a low profile evening job as a janitor at Kent Manufacturing Company. Since the position was low level no security clearance or background check was necessary. While working at nights, John snooped through offices for confidential information regarding system operations, internal controls, and the financial thresholds for trans-action that would trigger special reviews. He observed employees who were working late, type in their passwords, and managed to install a Trojan horse virus onto the system to capture the IDs and passwords of other employees. During the course of several weeks, john obtained the necessary IDs and passwords to set himself up in the system as a supplier, a customer, systems administrator, which gave him access to most of the accounting system’s functions. As a customer, John ordered inventory that was shipped to a rented building and later sold. As a system…
significant cause of security breaches is inappropriate entitlements. This can be caused by incorrect initial access rights settings, accumulation of entitlements over time, or even improper access rights for a user that were intentionally set by a roguecollaborating administrator. Entitlement accumulation can result from a lack of maintenance when an employee changes positions and maintains all of his or her old access rights. One frequent mistake many organizations make is terminating administrators while not immediately de-provisioning their accounts and removing all access rights. i.Discuss the why the mistakes identified are seen as problems. ii.Propose your solution to these problems.Support you answers with concepts learnt in class
Module 1 New Discussion: Seven Domains Module 01 Discussion: Seven Domains A typical IT infrastructure has seven domains: User Domain, Workstation Domain, LAN Domain, LAN-to-WAN Domain, WAN Domain, Remote Access Domain, and System/Application Domain. Each domain requires proper security controls that must meet the requirements of confidentiality, integrity, and availability. Answer the following question(s): In your opinion, which domain is the most difficult to monitor for malicious activity? Why? In your opinion, which domain is the most difficult to protect? Why? Submission Instruction and Grading Evaluation Criteria: Students fully addressed the question(s) in the discussion instructions. Students included justification or rationale for their choices, where applicable. Reply to at least 2 post using a minimum of 50 words. When responding, "I agree", "I like your post", etc. are NOT considered professional responses. Either agree, with explanation; disagree, with explanation; or…
1. Let us consider an application where we need to run a secure Information Management System. We are to receive very confidential information from our customers and keep them save in our system. These information are sent to us in the softcopy forms. We are to protect our customers’ confidentiality even from ourselves, we are not to see the information they bring to us, or else the confidentiality is compromised. Your job as computer security officer is to verify the authenticity of the important document received in order to save them under the appropriate users. Mind you; you have no access to the users’ usernames and passwords, you can store but cannot retrieve except the user himself. Secondly, you are to protect the passwords and usernames to make impossible for everyone (including the system administrators) except the users themselves to access even if the whole database is hacked or stolen. i. Based on your knowledge in computer security, which cryptographic mechanisms would…
The stakeholders of a software company have four new security requirements that they are considering including in the next release of their flagship product: Two-factor authentication (2FA), Captcha for Bot Detection (CBT), Password Expirations (PEX), and Role-base access control (RBA). Given the time constraints, they may not be able to include all, so they need to prioritize these requirements based on three criteria: Maintainability (MA), Ease of Use (EU), and Integration Support (IS). They have the following pairwise preferences of the criteria: Maintainability is three times as important as Ease of Use Ease of Use is two times as important as Integration Support Maintainability is five times as important as Integration Support Based on the above information, do the following: Make a matrix capturing all pairwise comparisons of importance of criteria.