$20 Bonus + 25% OFF
$20 Bonus + 25% OFF
Securing Higher Grades Costing Your Pocket? Book Your Assignment at The Lowest Price Now!
Add File

Error goes here

MN604 IT Security Management

tag 0 Download8 Pages / 1,812 Words tag Add in library Click this icon and make it bookmark in your library to refer it later. GOT IT

Questions:

1.For the organization MIT, what are the controls (technical, physical or administrative) that you will implement to make it secure and fulfills the CIA triad within the university and departments and when contacting the internet? (Provide a figure for your controls and explain why using them). Please note that you have to mention technical/physical and administrative controls. 

2.What kind of risks that you might accept (not to implement controls for them) and why? For the risks that you either decided to accept, or for the unexpected risk, how do you plan to handle them?                           

3.Give an example of a duty of the Incident response planning, Disaster recovery planning and Business continuity planning when having an unexpected event.                                                               

4.Refer back to any resource to explain the difference between Host Intrusion Detection System(HIDS) and Network Intrusion Detection System (NIDS)? 

5.Literature review on signature based detection and anomaly based detection?   

Case Study (1): Victim of Social Engineering

Throughout the process, the auditor found countless examples of lax information security throughout the organization. There was a lack of a coordinated security policy, and the policies in place were not being followed. While reviewing the notes, the auditor noticed that a contractor requested the TMS server address over the phone. Further follow up revealed that a system administrator gave out the server address to a contractor because the contractors were in the middle of upgrading servers. The administrator also mentioned that the contractor requested the password, but the administrator didn’t feel comfortable sharing the password on the phone and asked the contractor to stop by the office – but the contractor was a no show. From the description of the events, the auditor felt it was a social engineering attempt. Social engineering is when a hacker attempts to gain access to sensitive information by tricking a person into giving it to them. The immediate recommendation of the auditor was to focus on the contractor’s activity in the organization.

Over the next few weeks the story unfolded and all the pieces of the puzzle were put together. It was eventually proven that the contractor stole the information. The contractor was hired to oversee the upgrade of servers on the storage network. While doing this, she learned about the transaction management system. She knew PII could be sold on the black market and thought the lax security at TKU would enable her to get away with stealing data without any repercussions. Her only obstacle was access. Since she only had access to the storage network, she needed a way to get access to the transaction management server. That’s when she called the system administrator and got the IP address and tried to get his login credentials. Once she got the IP address, she was able to utilize the free tools available on the Internet to scan the system and get the username and password with administrative access. It took her only a matter of minutes to get this information.

The password was only three characters long and didn’t use any numbers or special characters. With her new administrative permissions, she was able to export the PII.

Write a Memo that discusses the serious of the situation and highlight key breaches, including ITSec recommendations.

Case Study (2): Data Breach

Early one morning, Don was ushered into a closed door meeting with the Chief Finance Officer, the CIO, and an external security auditor he hadn’t met before. In the meeting Don learned that large amount of data, including the PII, was exported from the system. The previous day Gary was going through the logs to see if the patch he applied worked correctly, and he noticed that someone in the administrator group had exported a large amount of data at an odd time. Gary reasoned that no one should be accessing the system at 2am, and he was concerned because a large amount of data was exported. After bringing up the issue to management, it was decided that the Finance division would investigate the issue. Therefore, the responsibility to figure out exactly what happened fell on Don. He was asked to work with an auditor to find out exactly what happened.

Don left the meeting feeling overwhelmed and disconcerted; he knew nothing about security practices and he wasn’t happy about working with the auditor. He had recently inherited the system and didn’t know much about it. He did know that he had to find the source of the leak before more student information was lost and he knew his job might be on the line.

Download Sample Now

Earn back the money you have spent on the downloaded sample by uploading a unique assignment/study material/research material you have. After we assess the authenticity of the uploaded content, you will get 100% money back in your wallet within 7 days.

Upload
Unique Document

Document
Under Evaluation

Get Money
into Your Wallet

Total 8 pages, 1 USD Per Page

Cite This Work

To export a reference to this article please select a referencing stye below:

My Assignment Help. (2021). IT Security Management. Retrieved from https://myassignmenthelp.com/free-samples/mn604-it-security-management/administration-controls.html.

My Assignment Help (2021) IT Security Management [Online]. Available from: https://myassignmenthelp.com/free-samples/mn604-it-security-management/administration-controls.html
[Accessed 19 September 2021].

My Assignment Help. 'IT Security Management' (My Assignment Help, 2021) <https://myassignmenthelp.com/free-samples/mn604-it-security-management/administration-controls.html> accessed 19 September 2021.

My Assignment Help. IT Security Management [Internet]. My Assignment Help. 2021 [cited 19 September 2021]. Available from: https://myassignmenthelp.com/free-samples/mn604-it-security-management/administration-controls.html.


For years, MyAssignmenthelp.com has been operating as one of the cheap assignment help providers in the USA. We are one of the best college paper writing services that keep service price minimal. We do not let the affordability of our service to hamper the standard of our work. We have separate teams of experts to provide report writing help . At MyAssigenmnthelp.com, we believe in earning credibility, so students can pay for assignments only after getting satisfied solutions. Tough assignments bother you? Trust us with your project. You will not regret paying us to write assignments for you.

Latest It Write Up Samples

ITC508 Object Modelling

Download : 0 | Pages : 8

Answer: A prototype is the previous approximation of any resulting system or product. The prototyping model has been the SDM or “System Development Method”, where a prototype is created (Karstens et al., 2014). It has been needed to validate system design of “XYZ car parking system” using the interaction diagrams like sequence diagrams or communication diagrams. It should be done for at least two sub-system of this dev...

Read More arrow

1803ICT Information Systems Foundations

Download : 0 | Pages : 11

Answer: Paper 1: Key Design Characteristics for Developing Usable E-Commerce Websites in the Arab World Part 1: A. The Context of the Paper  Research community: In this section of the paper, discussions would be made on the research article entitled “Key Design Characteristics for Developing Usable E-Commerce Websites in the Arab World”.  The paper essentially addresses the Information Technology and Communication...

Read More arrow Tags: Australia Sunnybank Management University of Melbourne Masters in Business Administration 

HI5019 Strategic Information Systems For Business And Enterprise

Download : 0 | Pages : 11

Answers: Introduction Accounting software packages are used by the companies to manage the records related to the customers, financial, investment and etc. These software packages facilitate the organization to manage the entire business activities in the context of financial activities with any flaw (Albrecht, etal, 2010). In this context, the research paper describes, the use of accounting software packages in accounting information systems...

Read More arrow Tags: Australia Emu Plains Management managerial policy University of New South Wales Masters in Business Administration 

ITC561 Cloud Computing

Download : 0 | Pages : 13

Answers: Introduction  The report is presenting description about the migration of web services within the concerned organization named SoftArc Engineering Ltd that operated their business over throughout Australia, Sydney as well as Papua New Guinea. This report is elaborating important benefits ad issues involved within this migration process with respect to their fictional objectives and goals within their selected target market. The...

Read More arrow

INFO6030 Systems Analysis And Design

Download : 0 | Pages : 9

Answer: 1.1 Introduction (System qualities) Serving as the overall system factors, system qualities are the factors that affect the system design in order to influence user experiences and run-time behaviours. In essence, they will represent the concerns that will provide a wider impact on different application platforms and users. For the project at hand, ‘My Health Record’, the system aims to enhance the efficiency of the health...

Read More arrow Tags: Australia Melbourne Management c# programm University of New South Wales 
Next

5% Cashback

On APP - grab it while it lasts!

Download app now

*Offer eligible for first 3 orders ordered through app!

ribbon
callback request mobile
Have any Query?