Loading...

Messages

Proposals

Stuck in your homework and missing deadline? Get urgent help in $10/Page with 24 hours deadline

Get Urgent Writing Help In Your Essays, Assignments, Homeworks, Dissertation, Thesis Or Coursework & Achieve A+ Grades.

Privacy Guaranteed - 100% Plagiarism Free Writing - Free Turnitin Report - Professional And Experienced Writers - 24/7 Online Support

Security policy and procedures manual

24/11/2021 Client: muhammad11 Deadline: 2 Day

Security Standards, Policies, And Procedures Manual

Cyber Security Engineers are responsible for safeguarding computer networks and systems in an organization in order to protect the sensitive data they store.

Take on the role of Cyber Security Engineer for the organization you chose in Week 1.

Develop a 5- to 6-page manual using the Security Standards, Policies, and Procedures Template with recommendations to management of security standards, polices, and procedures which should be implemented in your chosen organization. The 5-6 page assignment length requirement applies to the content of the assignment. Start the assignment with an APA formatted title page and add a reference section with at least two professional references. Use the references in the text of the assignment.

Research and include the following:

Explain the importance to your organization of implementing security policies, plans, and procedures. Discuss how security policies, plans, and procedures will improve the overall security of the organization.
Recommend appropriate policies and procedures for:
Data privacy
Data isolation
NDA
IP Protection
Passwords
Acceptable use of organizational assets and data
Employee policies (separation of duties/training)
Risk response
Avoidance
Transference
Mitigation
Acceptance
Compliance examples that might affect your organization or others [Regulatory, Advisory, Informative]
HIPPA
FERPA
ISO
NIST
SEC
Sarbanes/Oxley
Incident response
Preparation
Identification
Containment
Eradication
Recovery
Lessons learned
Auditing
Environmental/Physical
Administrative

Running head: THREATS, ATTACKS AND VULNERABILITY ASSESSMENT

THREATS, ATTACKS AND VULNERABILITY ASSESSMENT

8

Threats, Attacks and Vulnerability Assessment

Anthony bahlman

CMGT/400

03/30/2019

Google LLC is a technological company from America which specializes in Internet-related products and services. Some of the products and services which are offered by Google include search engines, cloud computing, hardware, software, and online advertising technologies. It is considered among the Big Four companies which also include Apple, Amazon, and Facebook. The organization was founded by Larry Page and Sergey Brin in 1998. The founders were Ph.D. students at Stanford University in California. All facilities are subject to a certain level of risk which can be associated with different threats. The threats may be as a result of natural events, intentional acts by human beings to cause harm or accidents (Maglaras et al., 2018). The owners of companies have the responsibility of limiting or managing the risks arising from the threats to the maximum extent possible.

Tangible Assets

Google is one of the best technology companies in the world with a high number of tangible assets within its premises, especially in the headquarters located in Mountain View, California. The information systems, critical infrastructure, and cyber-related interests to be tested include the software of the company, hardware, system interfaces with consideration of internal and external connectivity, data and information, and people who use and support IT system. The aspects will be assessed because they are crucial to the day to day operations of the facility, and a breach in any aspect may lead to major disruption of services. The aspects which will not be assessed include IT system functional requirements, system users, current network topology system security policies which guide the use of the IT system and the architecture of security of the system. The aspects will not be assessed because of the minimal threat they pose to the system, and low probability of risk to arise from them. Moreover, the disruption of the items does not lead to significant interference in the operation of the organization.

Asset Descriptions

The following is a diagram of the flow of assessment activities:

The assets descriptions are outlined below:

· Hardware- Physical parts of the computers.

· IT personnel- Individuals operating computer systems.

Threat Agents and Possible Attacks

There are several threat agents and possible attacks that may face the organization. the company may be subject to floods which may be as a result of excessive rainfall or overflowing ocean water. Tornadoes are also a possible threat to the organization, and these are violent and destructive rotating winds. Other possible natural threats to the organization headquarters include earthquakes, electrical storms, and avalanches. Electrical storms involve the violent disturbance of the electrical condition of the atmosphere, and such an occurrence can destroy any electrical system. The company also faces the human threat of hacking where people may make attempts to gain unauthorized access to their files. There is also the threat of unintentional acts of inadvertent data entry taking place. Another possible threat is the possibility of malicious software upload by people intending to destroy the reputation of the company (Esteves, Ramalho & De Haro, 2017). There is also the treatment of employees of the organization gaining access to confidential information using their credentials. The other possible threat of environmental nature to the organization is a long term power failure, and this may lead adversely affect them because of the use of technological systems highly dependent on power. Pollution may also affect the environment in which the workers perform their duties. The company also faces the threat of industrial espionage by the competitors. Finally, the spillage of dangerous liquids or chemicals from factories can affect the working environment.

Exploitable Vulnerabilities

The following is the list of exploitable vulnerabilities:

· Failure of removal of identifiers of terminated employees

· Buffer overflows

· The firewall of the company allows for inbound tenet, and the identification of guest is allowed on XYZ server

· The failure of application of new patches to one of the systems with an identified flaw

· The server room uses sprinklers for fire protection but there is no hardware to protect from water damage.

· The possibility of code injection in the system.

· Presence of dangling pointers

Existing Countermeasures

The organization has several existing countermeasures to threats and vulnerabilities. The data and crucial information files are backed up in an offsite location. The backup schedule is also accurate to ensure they do not miss out on any information. There are also arrangements for another location in the event that the primary site is rendered to be inoperable. There are also several procedures which protect against the unauthorized access or use of the computer systems. System monitoring is done on a regular basis for detection of any unusual aspects. The company also has a risk analysis plan and security strategy developed from the risk analysis.

Evaluation of Threats or Impacts on the Business

Threat History Events

Duration

Business Impact

Threat Resolution

Hacking

1 day

None

Change of hardware at customer sites

Hacking

Hours

None

Software upgrades.

Prioritized List of Identified Risks

Risk

Probability

Priority

Owner

Countermeasures/Contingencies/Mitigation Approach

Hacking

High

High

IT personnel

Regular software and hardware updates.

Use of two-factor authentications.

Long term power failure

Low

High

Emergency department

Establishment of power back up systems

Natural events such as flooding and earthquakes

Medium

Medium

Emergency Department

Establishment of evacuation protocols for personnel and data back up systems in offsite location

Malicious software uploads

Low

Medium

IT personnel

System restoration protocols.

References

Maglaras, L. A., Kim, K. H., Janicke, H., Ferrag, M. A., Rallis, S., Fragkou, P., ... & Cruz, T. J. (2018). Cybersecurity of critical infrastructures. ICT Express, 4(1), 42-45.

Esteves, J., Ramalho, E., & De Haro, G. (2017). To improve cybersecurity, think like a hacker. MIT Sloan Management Review, 58(3), 71.

Homework is Completed By:

Writer Writer Name Amount Client Comments & Rating
Instant Homework Helper

ONLINE

Instant Homework Helper

$36

She helped me in last minute in a very reasonable price. She is a lifesaver, I got A+ grade in my homework, I will surely hire her again for my next assignments, Thumbs Up!

Order & Get This Solution Within 3 Hours in $25/Page

Custom Original Solution And Get A+ Grades

  • 100% Plagiarism Free
  • Proper APA/MLA/Harvard Referencing
  • Delivery in 3 Hours After Placing Order
  • Free Turnitin Report
  • Unlimited Revisions
  • Privacy Guaranteed

Order & Get This Solution Within 6 Hours in $20/Page

Custom Original Solution And Get A+ Grades

  • 100% Plagiarism Free
  • Proper APA/MLA/Harvard Referencing
  • Delivery in 6 Hours After Placing Order
  • Free Turnitin Report
  • Unlimited Revisions
  • Privacy Guaranteed

Order & Get This Solution Within 12 Hours in $15/Page

Custom Original Solution And Get A+ Grades

  • 100% Plagiarism Free
  • Proper APA/MLA/Harvard Referencing
  • Delivery in 12 Hours After Placing Order
  • Free Turnitin Report
  • Unlimited Revisions
  • Privacy Guaranteed

6 writers have sent their proposals to do this homework:

Ideas & Innovations
Chartered Accountant
Calculation Master
Assignment Solver
Solution Provider
Homework Master
Writer Writer Name Offer Chat
Ideas & Innovations

ONLINE

Ideas & Innovations

I have assisted scholars, business persons, startups, entrepreneurs, marketers, managers etc in their, pitches, presentations, market research, business plans etc.

$48 Chat With Writer
Chartered Accountant

ONLINE

Chartered Accountant

I have done dissertations, thesis, reports related to these topics, and I cover all the CHAPTERS accordingly and provide proper updates on the project.

$24 Chat With Writer
Calculation Master

ONLINE

Calculation Master

I have assisted scholars, business persons, startups, entrepreneurs, marketers, managers etc in their, pitches, presentations, market research, business plans etc.

$30 Chat With Writer
Assignment Solver

ONLINE

Assignment Solver

I am an academic and research writer with having an MBA degree in business and finance. I have written many business reports on several topics and am well aware of all academic referencing styles.

$31 Chat With Writer
Solution Provider

ONLINE

Solution Provider

This project is my strength and I can fulfill your requirements properly within your given deadline. I always give plagiarism-free work to my clients at very competitive prices.

$31 Chat With Writer
Homework Master

ONLINE

Homework Master

As an experienced writer, I have extensive experience in business writing, report writing, business profile writing, writing business reports and business plans for my clients.

$28 Chat With Writer

Let our expert academic writers to help you in achieving a+ grades in your homework, assignment, quiz or exam.

Similar Homework Questions

End of term prayer - Bus/475 - Prep for taxes quickbooks online - Salmonella - Century theater federal way showtimes - Air force task list - Tamiu course descriptions - Molar mass of alum - Discussion Forum 7 – Preponderance of Evidence: Options Menu: Forum - Shelly cashman excel 2019 module 4 sam project 1a - Fenix are x2 manual - Luton town fc kit 18 19 - Linear approximation tangent plane - Cloud Paper - Tone colour in music - Julius caesar thesis statement - The author to her book - Who is zeebo what does he do at the church - Consumer health a guide to intelligent decisions 9th edition pdf - Students should have phones in school - Square root in word - Global business policies temple university - An end of period spreadsheet includes columns for - Mathswatch circle theorems answers - A student plotted the data from a sleep study - 2020 grade distribution vce - Ul awm style 1015 - Safer Opioid Use Scenario and research article review due 9/22/2020 - Acid base titration discussion of theory - Siemens dipstick color chart - Strategic management in international context - Through the eyes of a child norton 8th edition - Importance of ex post facto research - Assignment: Organizational Culture - Hurren corporation makes a product with the following standard costs - The most popular pizza at pavone's pizza - Amazon in emerging markets pdf - Aladdin light lift parts - Annie's growing organically case analysis - Learning lounge answers - Types of leadership cafs - Ring size 52 in letters - Combining form for pulse - Http www nrtw org rtws htm - Project - 4 Powerpoints + 4 Workbooks (for a Trainer/Coach in a retail business ) - Artemisia gentileschi judith slaying holofernes analysis - Km group of companies - Gd spradlin net worth - Revays auto service harrisburg pa - Spelling for class 4 - ¿quieres un poco de leche con el café, abuela? yo ____ sirvo. - Estate planning 2.7 2 a2 answers - Module 03 Project - Strategy - 5r framework - Grade 7 reading list - Physics data sheet hsc - Shireland hall primary academy - Suppose the baseball hall of fame in cooperstown - Key leadership trait that can assist in managing conflict - COM303 Week 3 Discussion 9 - HW5 - Cranks luscious lemon cake recipe - Paper planes urban dictionary - Implied immunity of instrumentalities - Project management simulation scope resources and schedule solution - Blood vessel, blood pressure and blood components. - 1 discussion due in 24 hours. - Are lupini beans low fodmap - James hardie easylap panel - Roadies xtreme form questions pdf - Literature review fire alarm system - One drawback of using schools as vehicles for cultural transmission is that - Which of the following is not a descriptive statistic - Suave usp - Bus 600 ashford university - A book review example - Cause and effect diagram operations management - Tele root word examples - A capacity cushion is the amount of capacity less than expected demand. - Buffalo wild wings code of ethics - Hw 8 - Comparative economics - Imitative new entry involves offering a radical new product or highly innovative service. - Umuc last day to withdraw - Security Architecture & Design - Barack obama leadership style ppt - Chemistry Final Test. - Chapter 1 critical thinking exercises - Where did julian jumpin perez go to high school - Gibbs 1988 reflective cycle book - Kurt schwitters picture with light center - B stands for bronco benz bmw bass lyrics - Determine the missing amounts in the following accounting equations - Volume of 3d shapes - Boys and girls alice munro questions and answers - 54 pounds to euro - Calculate activation energy from slope - 14 jenkins avenue myrtle bank - Gambotto v wcp ltd summary - International student advisor swinburne