SEC 402 Midterm Exam

Strayer SEC 402 Cyber Security, Midterm Exam, Cybersecurity: The essential body of knowledge
Exclusive and Original document Available only on Course Answer

Download Now
(sent via email)

Discussion 1

Identify three of the most important benefits derived from performing an effective risk assessment and explain the relationship between the risk assessment and the development of a preparedness plan. Explain why a preparedness plan is critical for operations. 1. Recognize and control hazards in your workplace. 2. Create awareness among your employees- and use it as a training tool as well. 3. Set risk management standards, based on acceptable safe practices and legal requirements. 4. Reduce incidents in the workplace. 5. Save costs by being proactive instead of reactive. The relationship between the risk assessment and development of the preparedness plan is that the risks will allow you to see where there are vulnerabilities. Each threat needs to be identified, addressed and detailed in the plan, along with the strategy to be taken. This plan is critical for operations because time equals money. Downtime to the company will mean loss of profits. Each threat is addressed and specific steps are spelled out for employees to follow when the crisis occurs. This will prioritize the events in the order of which poses the greatest harm to the company. In addition, the plan can be reviewed and updated as the company grows and new threats are determined. • Provide two examples that demonstrate how preparation plans could ensure effective crisis management operations. Describe two risks that could surge if crisis management is not planned adequately. Preparation plans would be effective in providing continuity for the business regarding hot and cold sites. It’s important for companies to have a data recovery option. Hot sites are more expensive but provide instant back-up and operate in parallel with the business. This would allow for an easy transition in the case of a hurricane or other natural disaster. A cold site is less expensive but will provide the company with the latest data back-up. There will be data lost but cold sites are less expensive. Either site will offer the company crisis management operation afterwards. Training in the way of drills and exercises is another important factor so everyone knows their role and what to do. If crisis management is not planned for adequately, one risk that could surge is the loss of business assets. This could affect the company’s stock price on the market and the company could face potential bankruptcy. Stiff fines or penalties could also arise if data was not available for auditing purposes.

Discussion 2

Provide three examples that demonstrate how a well-preoared incident resoonse team (IRT) may minimize damages that an oraanization may exoerience after a disaster. 1. Identifying where an attack came from and what sort of attack it was, through network protocol analysis. 2. Assuming control of all network assets that were compromised as a part of the attack and running digital forensic software on these assets. This will provide information on the where the attack came from and what the attackers were trying to do. 3. After action report. Provide an after action report to leadership. This will provide a lessons learned and this knowledge can be used to ensure that an attack of that magnitude does not occur again. Two measures that could be used in order to validate actions of the IRT would be, would be network auditing and grey hat penetration testing. Both would oversee the security of the network, by testing our network security stance. Three factors that should be anaylzed when planning for incident management would be, classification of data on the network, Identifying assets that hold higher classified information, and what personnel has the need to know certain types of information on the network. Three activities that should be performed when planning for incident management would be network scanning, network protocol traffic anaysis and categories that describe certain types of incidents. I would say categorizing the type of incident would provide the most effective response support because each incident would have a certain type of handling by the personnel on the IRT.