DEFENSE IN DEPTH
Defense-in-depth involves using multiple layers of controls to avoid having a single point of failure. Computer security involves using a combination of firewalls, passwords, and other preventive procedures to restrict access. Redundancy also applies to detective and corrective controls.
Major types of preventive controls used for defense in depth include:
Authentication controls to identify the person or device attempting access.
Authorization controls to restrict access to authorized users. These controls are implemented with an access control matrix and compatibility tests.
Training to teach employees why security measures are important and teach them to use safe computing practices.
Physical access controls to protect entry points to…
In this essay, the author
Explains that defense-in-depth involves multiple layers of controls to avoid having a single point of failure. Computer security involves using firewalls, passwords and other preventive procedures to restrict access.
Explains that authorization controls, which restrict access to authorized users, are implemented with an access control matrix and compatibility tests.
Describes the importance of security training to teach employees how to use safe computing practices.
Explains physical access controls to protect entry points to the building, to rooms housing computer equipment, wiring, and devices such as laptops, cell phones and PDAs.
Explains that remote access controls include routers, firewalls and intrusion prevention systems to prevent unauthorized access from remote locations.
Explains that digital signatures are hashed documents that have been encrypted with the sender’s private key.
Explains that an organization that issues public and private keys is a certificate authority.
Explains that preventive controls are never 100% effective, so organizations implement controls to enhance security by monitoring their effectiveness and detecting incidents.
Explains log analysis, the process of examining logs which record who accesses the system and the actions they take.
Explains that intrusion detection systems (IDS) automate the monitoring of logs of network traffic permitted to pass the firewall.
Explains that managerial reports can be created to disclose the organization's performance with respect to COBIT objectives. Key performance indicators include downtime caused by security incidents, number of systems with IDS installed, and the time needed to react to security incident reports.
Describes vulnerability scans, which use automated tools designed to identify whether a system contains any well-known vulnerabilities.
Explains penetration testing, which involves an authorized attempt by an internal audit team or external security consulting firm to break into the organization's IS.
Explains that a computer emergency response team (CERT), consisting of technical specialists and senior operations management, deals with major incidents. The CERT leads the organization’s incident response process through four steps.
Explains that the firewall works with the border router to filter information trying to enter or leave the organization. The access control list determines which packets are allowed in and which are dropped.
Explains that web servers and email servers are placed in a separate network outside the corporate network referred to as the demilitarized zone.
It works with the border router to filter information trying to enter or leave the organization.
Data is transmitted over the Internet in packets through a protocol called TCP/IP. A set of rules called an access control list (ACL) determines which packets are allowed in and which are dropped. Stateful packet filtering examines the header of each packet in isolation. Deep packet filtering examines the data in the body of a packet to provide more effective access control. Deep packet filtering is the heart of a new type of filter called intrusion prevention systems.
Internal firewalls can be used to segment different departments within an organization.
Web servers and email servers are placed in a separate network outside the corporate network referred to as the demilitarized zone.
Special attention must be paid to use of rogue modems by employees. Wireless access and dial-up modems require special security procedures.
Host and application hardening procedures involve the use of supplemental preventive controls on workstations, servers, printers, and other devices. Special attention should be paid to host configuration, user accounts, and software
It was integrated with one platform (three products with various interfaces) and it is beneficial for the admin
In this essay, the author
Explains that DocAve Policy Enforcer is useful for organizations for responding quickly to unauthorized changes in security, configuration, and management by frequently monitoring and taking necessary action on the SharePoint environment.
Explains that the Alberta Urban Municipalities Association (AUMA) simplifies Microsoft SharePoint management with DocAve and saves 75% on administrative expenses.
Explains that it is implemented with a fully integrated governance and infrastructure management platform to resolve the challenges which can save 75% of expenses required to hire consultants to help deployment.
Opines that it is helpful to connect file shares to SharePoint and enable the end-users to access the files from anywhere.
Explains that it has reorganized around 250 websites 90% faster than SharePoint's own abilities allow while maintaining security settings, configuration, metadata, content and so on.
Opines that privacy plays an important role for any organization. It helps to understand the defects or unusual behavior, and an immediate proactive response is provided by SharePoint.
Describes the tools and resources of the policy, including the online and AvePoint software downloads, to assist in policy usage and fraud detection.
Explains that AvePoint is an independent software vendor that develops and supports governance, management and compliance software for enterprise systems.
Explains that DocAve is an enterprise-class management platform for SharePoint. The cost of DocAve was 75% less than hiring an expert.
Explains that it was integrated with one platform (three products with various interfaces) and is beneficial for the admin.
Explains that the admin uses DocAve Content Manager to re-arrange the content required for the customers.
Explains that administrators can manage and restructure SharePoint data with minimal interruption to corporate methodologies, by maintaining all configuration, content, security settings, and metadata during task management.
Explains that DocAve Linker allows the AUMA customer to collaborate on network file shares directly via SharePoint without the migration.
Explains that SharePoint's superior document management capabilities are applied to content residing in file shares. All permissions for accessing the content are maintained.
Explains how AUMA implemented Microsoft SharePoint 2010 in place of a file management system, with improved features for an organization.
Explains that data is protected at rest or in motion, around all the information gateways. The information governance and compliance policies assure that the content is classified, secured and also protected.
Please read the article “Security Controls for Computer Systems” at the following URL. http://www.rand.org/pubs/reports/R609-1/index2.html 1.
In this essay, the author
Recommends assigning a low, moderate, or high impact level for the loss of confidentiality, availability, and integrity. Justify your answers.
Describes the three schemes illustrated in figure 2.3.
Explains that there is an error in the question, which should read "...as a function of c, k1 and k0..."
Asks if h (m) is a collision-resistant hash function that maps arbitrary bit length messages into n-bit hashes.
Explains how a phonetic password generator picks two segments randomly for each six-letter password.
Explains that the DAC model's alternative representation of the protection state is a directed graph, where each subject and object is represented by a node. A directed line indicates an access right.
Asks whether there is a one-to-one correspondence between the directed graph representation and the access matrix representation.
Recommends repeating the process shown in #1 with a technical issue on access control from the RAND report.
Explains that an information system used for large acquisitions in a contracting organization contains both sensitive, pre-solicitation phase contract information and routine administrative information.
Explains that passwords are selected from four-character combinations of 26 alphabetic characters, and an adversary is able to attempt them at a rate of one per second.
Assumes that passwords are limited to the use of 95 printable ASCII characters, and that the password cracker has an encryption rate of 6.4 million encryptions per second.
Recommends reading the article "Security Controls for Computer Systems" at the following URL.
Communication – Being able to answer questions regarding all aspects of security. How security is connected to a DHS. Security technology and advancement, what rewards are offered? How security relates to management goals (Youssef-Morgan & Stark, 2014). Safeguards and security personnel, and to prescribe the policies, plus responsibilities, and authority for training programs.
In this essay, the author
Explains that training starts with education and qualification, and the knowledge and skills needed for interactions within and outside of the organization.
Describes a security meeting where the employer and employees can learn different techniques and tools of motivation.
Explains how security is connected to a DHS, security technology and advancement, and how security relates to management goals. Training starts with education and qualification, and the knowledge and skills needed for interactions within and outside of the organization.
Explains how security is connected to a DHS, security technology and advancement, what rewards are offered, and how security relates to management goals.
Describes standards that need to be addressed throughout for officers. New skills/goals – learning new tasks.
Explains how to set up surveys and gather feedback for new skill sets and learning tasks based on the direction of all organization needs. Cross training to the task and newsletter report on team satisfaction.
Explains how Paul Stewart, senior security management, implements different procedures of training in a classroom environment.
Explains that middle security management Mike Ward will facilitate training; HR is to hire goal-setting employees; security supervisors will provide training on policies and procedures with respect to improving the quality of work in terms of providing a good service for customers.
Explains that the trainings will be given to all staff members, including full-time and part-timers, and fill-in workers.
Explains performance appraisals, security training and development plan, motivation to promote security officers, rewards for job performance, and benefit package.
Explains that training is the first resort when any problems are detected. However, training tends to be most effective in resolving KSA deficiencies.
Opines that security must be trained in taking responsibilities for every staff member and employee.
Proposes training for job specification, job retention, successful planning tips, and rewards for managers developing their employees. Training should be performed at the highest of direction to achieve the desired outcome.
Explains that the training is effective by the assessment results and how well managers perform the tasks at hand. The material is relevant to the problem and the timeframe for training will be long enough to net the desired outcome.
Explains the week timeframe for training will cover all needed materials to achieve desired goals through a necessary level or experience and quality of resources given.
Opines that the training must be completed in order to retrieve company loyalty and improve contract services.
Explains that the training will last three weeks and have a positive impact on employees. Security contract officers must be trained in customer service.
Explains that training needs assessment (TNA) is the first stage of the training process.
Explains that the next step is to determine the type of training that will most effectively strengthen the specific areas where employees are struggling.
Explains that technology is another large part of training; it helps managers and employees do their jobs properly, and security and management must learn how to utilize their job in the office and field.
Opines that technology is vital for all employees to be able to operate and understand all programs within the company.
Recommends that supervisors or management assign each worker with a training partner which makes training more effective.
Defines self-efficacy as a person's belief about his or her ability to mobilize the motivation, cognitive resources, and courses of action necessary to execute
Describes the differences between high and low performing employees on specific competencies. Would providing training on those competencies improve employee job performance?
Describes OSHA's safety rules, including ensuring exits are safe, and OSHA making sure safety plans are carried out.
Explains that they communicate about hazards, where chemicals are concerned on the job, such as bloodborne pathogens.
Explains that OSHA enforces rules, maintains accurate records, and inspects workplaces for danger.
Explains that a security checklist can help you in the training process and progress. It should summarize the kinds of information discussed above.
Opines that a safety management program must be in place to promote safety and well for the security contract employees.
Opines that health hazards can be physical, high heat, noise, smoking, and the work environment must be designed to protect employees and management.
Opines that monitoring employees regarding substance abuse is cost job to lose out and be unproductive. Organizations should implement substance-abuse programs for their employees.
Explains that security management will help employees who voluntarily present their issues to them, such as drug or other problems.
Explains that workplace security is covered by a wide range of topics, such as hackers, threats of natural disasters, manmade threats, and loss of property.
Explains that the EEOC prevents unlawful discrimination in the workplace, disparaging and people being disrespected with words, such as slurs.
Recommends that employers provide reasonable accommodations for an employee. Behavior issues must be covered, starting with communication.
Opines that leadership skill is a plus, and human resources will often have mentoring coaches in place for its employees to sharpen their skills.
Explains that human resources helps workers to increase their leadership abilities, to make sure all approaches are positive.
Explains that human resources helps coach their clients and helps the employee reach their goals.
Worldwide needs to update or rewrite their security policies. The current policies do not address the vulnerabilities that occurred. All employees should be aware of what types of devices are allowed and not allowed on a company network. In addition, security forums should educate users on security and regulatory risk employees on using tools outside of company policies. The company should invest in hiring a person that specializes in security.
In this essay, the author
Explains that the repair process starts once a company discovers and acknowledges the incident to the public.
Opines that Worldwide Global did not take the threat seriously at first. The company should have tightened control and monitoring of all network activity coming and going out from the company network.
Opines that Worldwide Global's weakness in handling the incident rested on the CEO. The CEO addressed the issue as a routine malware attack that Malwarebytes could correct, but this incident required action from all security agency local and federal government.
Recommends updating or rewriting security policies worldwide. Employees should be aware of what devices are allowed and not allowed on a company network. Security forums should educate users on security and regulatory risk employees on using tools outside of company policies.
Describes 6 steps for data breach recovery and prevention - Intralinks.
Explains that a security breach can have detrimental results on the name, character, and reputation for which the company stands. It can lead to lost revenue, fines levied or possible closure.
Opines that a revised security plan should be addressed annually or bi-annually to meet the constant changes in the cyber threat arena.
Ensure regular patching of systems, network and third party software are current and updated to prevent attackers exploiting vulnerabilities in unpatched, outdated, or unsupported programs.
In this essay, the author
Outlines the recommendations Connect Group PLC should consider to maintain a strong cyber security posture.
Advises Connect Group PLC employees to be cognizant of unexpected emails and their authenticity, especially emails requesting urgent responses.
Opines that high-level executives should be briefed on the risk of fraudulent email requests and social media information regarding personal details.
Recommends regular patching of systems, network, and third party software to prevent attackers exploiting vulnerabilities in unpatched, outdated, or unsupported programs.
Recommends deploying a web application firewall, penetration testing, log reviews for suspicious activity, and immediate remediation of any/all vulnerabilities.
Explains the incident response plan for responding and containing data breaches before they become a major corporation catastrophe.
Explains background checks on all employees and new hires; and vigilant presences monitoring employee/visitor security entry points as a deterrence of any possible insider or outsider threat.
Explains employee information security awareness training, in addition to making aware of different security threats, such as phishing/vishing, shoulder surfing, etc.
Recommends conducting ongoing information security risk assessments, including access to personal devices, Wi-Fi access, and physical security.
Recommends stringent password requirements and training on the dangers of password sharing and on password protection.
Opines that Connect Group is a specialist distribution company, offering market-leading expertise in various industries. Cyber criminals are likely to target the company's applications and systems, as well as email/phone phishing attacks and insider threats.
Advises Connect Group that cyber criminals target the functions and names of executives within organizations in order to send phishing emails to gain access or an advantage to exploit fund transfers and to leak data.
Opines that OSINT research did not yield any damaging information on Connect Group. However, it yielded numerous newspaper/magazine distribution companies attacked, ranging from denial of service attacks to phone hacking scams.
Explains how OSINT research discovered a post on Pastebin regarding fake spammed names/companies spamming out with a malicious Excel document attached. The companies listed below will not have any involvement in the malware attack.
Explains that OSINT research shows no evidence of any grass roots social media activity against Connect Group PLC, which may indicate a risk of hacktivism.
Firewalls are used in businesses to help prevent attacks, mitigate security issues, and provide a sense of known security for the organization. Firewall characteristics are generally the same from one firewall brand or vendor to another in that they provide authorized access only into a network. This review will look into the common security features that are present within firewalls and how they are used in daily functions to help prevent issues that threaten organizations.
In this essay, the author
Explains that firewalls are used in businesses to help prevent attacks, mitigate security issues, and provide a sense of known security for the organization.
Explains that firewalls prevent unauthorized access into a network by monitoring and enabling / disabling traffic via security policies and procedures.
Explains that some attacks bypass firewall level security features, such as software based worms, trojans or other malicious software. Firewalls generally work off of positive or negative filtering of packets to allow network traffic to pass into the network.
Explains that firewalls can be used as a hardware or software based security mechanism to help in user access control to and from an organization.
Explains that firewalls feature a characteristic of service control, where policies can be established that either authorize or prevent various forms of internet access for the network it is protecting.
Explains that firewalls can implement behavior control to filter email that is sent into or out of a network. McAfee's newest software firewall provides several filtering characteristics including folder and file encryption check on traffic exchange, social network protection, and more.
Employees need to be educated so that they can learn how their individual web browsing habits can adversely affect the company’s network if they are not careful. If employees are not careful, they can accidentally visit websites filled with malware or become victims of phishing schemes. Phishing schemes are another prevalent scam that hackers use to gain personal data and financial information (Somonds, 2008). A hacker could cause serious damage to a business network if an employee unknowingly provides the hacker their network login through a phishing scheme. Educating employees about these potential risks can help reduce this type of intrusion from ever happening and therefore keep the network more
In this essay, the author
Recommends two widescreen monitors for each workstation to increase productivity by allowing employees to have important documents and files displayed on two screens simultaneously.
Recommends high-definition monitors for all employees since graphic design is an important part of publishing.
Recommends that the publishing company acquire two high quality printers for their day-to-day operations.
Advises employees to run Category 5 Ethernet cables and electrical outlets to their cubicles from the networking closet. The other end of the cables will be routed through the basement or crawlspace and brought up inside the cubicle.
Explains that with the electrical and Category 5 Ethernet cables in place, the publishing company will need additional equipment inside the networking closet to complete its network.
Explains that the cable or DSL modem provides the publishing company with the connection out to the internet and will provide the router with a valid internet protocol address. Ethernet switches work similarly to hubs, but they can identify specific information and send it directly to its intended target.
Explains that both the laser and inkjet printers will be connected to the switch via Ethernet cables, granting each workstation the ability to print to either printer depending on their needs.
Explains the multi-prong defense of the publishing company's computers and network from hackers, viruses, and vulnerabilities.
Explains that to improve the security of both the computers and network it is imperative to install antivirus software on every computer or device connected to the network and keep its software up to date.
Recommends that employees be educated about network security and any potential risks their actions pose. Phishing schemes are another prevalent scam that hackers use to gain personal data and financial information.
Because there is no single solution to protect against all security threats, organizations must evaluate their capability to respond effectively to an incident. Containing a problem rapidly and effectively can make all the difference.
In this essay, the author
Explains that there is no single solution to protect against all security threats, so organizations must evaluate their capability to respond effectively to an incident. Containing a problem quickly and effectively can make all the difference.
In today’s global environment you cannot be too careful. Due to the last attack on our network here at Gem Infosys, the network was shut down for 2 days. It made the company lose productivity and money. The attack could have been thwarted if we had a security task force and had a policy in place. I will formulate a policy that can reduce network down time if such attacks should occur again.
In this essay, the author
Opines that in today's global environment, you cannot be too careful. The last attack on Gem Infosys' network made the company lose productivity and money.
Explains that the security incident response team will be a task force that will deal with threats at different levels and shifts.
Explains that the task force should institute a redundant backup procedure to keep data safe in case of hacks or malware attacks.
Explains that the team will set up a honeypot that will serve as an early warning system.
Explains that the task force members should be notified of security incidents, such as firewall, IDS, team members, or network admin, and encourage staff to report by phone.
Explains that in the case of a malware attack, the team or member shall slowly look over every file for damage and delete files that caused the incident.
Explains that the final piece will be conducting a follow-up on what was detected and the response used. The team member shall document the intrusion by recording what happened to files, for example the database.
Opines that the last attack on Gem Infosys' network could have been thwarted if a security task force and policy were in place.
Avoidance prevents the exploitation of the vulnerabilities. Uncontrolled risks for the vulnerability are eliminated or reduced by applying safeguards. Avoidance can be accomplished by applying policies, training and education, countering threats, and by implementing security control and safeguards.
In this essay, the author
Defines vulnerability as a weakness in the system that allows hackers or attackers to access the information.
Explains that vulnerabilities are identified in a cyclic practice known as vulnerability management, which deals with software vulnerabilities in computing systems.
Explains that avoidance prevents the exploitation of vulnerabilities by applying policies, training and education, countering threats, and implementing security control and safeguards.
Explains how transference can be accomplished by rethinking how services are offered, outsourcing to other organizations, revising deployment modules, insurance purchasing, or implementing service contracts with providers.
Explains that acceptance of risk is choosing to do nothing to protect an information asset and accepting any outcome of resulting exploitation. Consequences are understood, thus accepting the risk without mitigation or control.
Explains that contingency planning is the planned approach for the risks which are impractical or impossible. Governments and organizations should be well-prepared with a plan, in order to face any catastrophic effects.
Explains the importance of a contingency plan, which is developed and implemented to overcome the errors in the routine plan.
Explains that an organization must take proper steps in maintaining a contingency plan to assure public safety, business continuity, prevention, and commitment of management.