SEC 402 Developing the Forensics, Continuity, Incident Management, and Security Training Capacities for the Enterprise

Strayer SEC 402 Cyber Security, Case Study 2, Developing the Forensics, Continuity, Incident Management, and Security Training Capacities for the Enterprise, 7 pages, 1555 words, Graded A. Cybersecurity: The essential body of knowledge
Write a five to seven page paper in which you:
1. Consider that Data Security and Policy Assurance methods are important to the overall success of IT and Corporate data security.
a. Determine how defined roles of technology, people, and processes are necessary to ensure resource allocation for business continuity.
b. Explain how computer security policies and data retention policies help maintain user expectations of levels of business continuity that could be achieved.
c. Determine how acceptable use policies, remote access policies, and email policies could help minimize any anti-forensics efforts. Give an example with your response.
2. Suggest at least two models that could be used to ensure business continuity and ensure the integrity of corporate forensic efforts. Describe how these could be implemented.
3. Explain the essentials of defining a digital forensics process and provide two examples on how a forensic recovery and analysis plan could assist in improving the Recovery Time Objective (RTO) as described in the first article.
4. Provide a step-by-step process that could be used to develop and sustain an enterprise continuity process.
5. Describe the role of incident response teams and how these accommodate business continuity.
6. There are several awareness and training efforts that could be adopted in order to prevent anti-forensic efforts.
a. Suggest two awareness and training efforts that could assist in preventing anti-forensic efforts.
b. Determine how having a knowledgeable workforce could provide a greater level of secure behavior. Provide a rationale with your response.
c. Outline the steps that could be performed to ensure continuous effectiveness.

Discussion 1

Analyze the importance of having acceptable use policies, remote access policies, and network security control policies. Choose one acceptable use policy, remote access policy, or network security control policy and give three reasons why you believe this policy is an effective way to manage network security.

The Acceptable Use Policy (AUP) is an important policy to manage network security. Assessing vulnerabilities also includes the users who access and use information systems. That being said, users represent a liability that must be policed. According to a 2012 study by Symantec & the Ponemon Institute, 64% of data breaches were due to human and system errors (Olavsrud, 2013). Another report by IBM (Security Services 2014 Cyber Security Intelligence Index) stated that 95% of IT breaches are because of human error (Ohlhorst, 2014).

1. AUPs place personal accountability on the users and make them accountable for their actions. An AUP will list all prohibited actions. AUPs usually explain the consequences of non-compliance. That’s why you must sign and acknowledge the AUP prior to accessing the network.
2. The AUP educates users on preventive measures for proactive cybersecurity such as password management. It also provides guidance on suspected malicious activity and breaches.
3. AUPs promote a culture of security-minded personnel within the organization.

In conclusion, the AUP supports the management of network security by focusing on the users, a potential security risk. Through education, acknowledgement, and awareness of proper computer usage and etiquette, the AUP is a policy every organization should use and enforce.

Olavsrud, T. 2013. Most data breaches caused by human error, system glitches. CIO. http://www.cio.com/article/2384855/compliance/most-data-breaches-caused-by-human-error-system-glitches.html

Ohlhorst, F. 2014. IBM says most security breaches are due to human error. TechRepublic. http://www.techrepublic.com/article/ibm-says-most-security-breaches-are-due-to-human-error/

Assess the risks and threats that may occur if these policies are underdeveloped or unavailable. Recommend three technical appliances that may be used to implement a network security function within your assessment and justify your recommendations.

Not having an AUP or having an underdeveloped policy can lead to problems. The AUP should be updated regularly to be applicable for current and potential threats. Also, user best practices should be included. The following are three technical appliances that may be used to support the network security function:

1. Password Management. Receiving auto messages signaling the user to change their password at the prescribed time. Ensuring the password is strong and meets organizational standards. Regular password changes also remind the user that security is an ongoing process.
2. Configuration Management. Ensuring software is configured properly with security features enabled.
3. Firewalls establish the level of access all security levels (p. 297).

Discussion 2

Determine three reasons why an organization should define the boundaries of control, identify personnel security functions based on risks, and manage change within the workforce. Select what you believe to be the most important reason and explain why.

Boundaries of control need to be identified so that everyone is clear on what is being protected, and what isn’t. This is true for both physical and virtual locations. It is also important to identify personnel security functions based on risk too. By doing so, job functions are provided with the ability to do their job, but not all jobs. Lastly, managing change to the workforce is important as well. Onboarding and offboarding employees is important so that they don’t retain access to resources when they are no longer working for the firm, and that they are given appropriate accesses when they join.

These things are important for several reasons. By embracing these three solutions, security continues to be threaded throughout the working company and not just in a vision statement somewhere. Of all of them, however, I would rank boundaries of control the most important. Without identifying what you’re protecting and what you aren’t, the rest of them don’t mean as much.

Propose three activities that could be performed by the Human Resources Department to screen and hire personnel effectively. Choose one activity you proposed and justify how it would support personnel security functions.

They could perform a background check, an immigration status check, and a drug test. The background check would identify criminal and legal proceedings and help to identify whether they have a criminal or troublesome background.