CYB 260 7-3 Project Three KOCH
.docx
keyboard_arrow_up
School
Southern New Hampshire University *
*We aren’t endorsed by this school
Course
260
Subject
Business
Date
Jun 22, 2024
Type
docx
Pages
5
Uploaded by CorporalGoldfish2212
7-3 Project Three: Service Level Agreement Requirement Recommendations
James Koch
August13, 2023
CYB-260 Legal and Human Factors of Cybersecurity
Instructor: Aubrian Smith
Introduction
This brief is written for the partnership between Helios Health Insurance (COMPANY) and Fit-vantage Technologies (CLIENT) for hosting services for product or custom software development. The service level agreement (SLA) defines the relationship, service scope, availability, management, exceptions, and reimbursement. The SLA also covers some CIS Controls, which are best practices for securing IT systems and data.
The purpose of this brief is to provide requirement recommendations for the SLA and the approach to meeting the requirements. The brief will focus on two controls related to social engineering attacks, which are cyberattacks that exploit human psychology and behavior. The brief will also describe a training program for a specific social engineering threat.
Control One: Controlled Use of Administrative Privileges
This sub-control is from CIS Control 4, which is covered by the SLA. This control reduces the risk of unauthorized access or misuse of sensitive data and systems by limiting administrative accounts. Administrative accounts have elevated privileges or permissions to perform tasks that regular users cannot. These accounts are often targeted by attackers who want to gain full control.
The recommended control type is policy, which is a formal document that defines the rules, roles, responsibilities, and expectations for managing administrative privileges. The implementation of this policy will meet the SLA requirements by:
Reducing the risk of unauthorized access or misuse of sensitive data and systems by limiting administrative accounts.
Enhancing the accountability and traceability of administrative actions by enforcing strong authentication and auditing mechanisms.
Aligning with industry best practices and compliance standards for securing administrative privileges.
Control Two: Train Workforce on Identifying Social Engineering Attacks
This sub-control is from CIS Control 17, Section 6, which is covered by the SLA. This control increases the awareness and skills of employees on how to recognize and respond to social engineering attacks, such as phishing, vishing, baiting, pretexting, etc. These attacks can take various forms, such as emails, phone calls, text messages, fake websites, etc. These attacks can cause serious damage, such as data breaches, financial losses, reputation harm, legal liabilities, etc.
The recommended control type is procedure, which is a step-by-step guide that describes how to perform a task or activity. The implementation of this procedure will meet the SLA requirements by:
Increasing the awareness and skills of employees on how to recognize and respond to social engineering attacks.
Testing the effectiveness and measuring the susceptibility of employees to social engineering attacks by using simulated campaigns and providing feedback and guidance.
Updating the training content and frequency based on the latest trends and techniques used by attackers, and incorporating lessons learned from real incidents.
Training Program: Social Engineering Spies
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Related Questions
Alex owns a shop that sells customized BMX bikes. Each one is uniquely tailored to the rider. The products are unique one-offs, made by an outsourced company to individual designs agreed between Alex and a designer from the outsourced company.
In WEEK 26, Alex discusses with the manufacturer a design for a new bike. Alex and the manufacturer agree on a specification and an order is placed with the manufacturer.
A. Calculate how long it will take before the BMX bike is available for sale in Alex's shop. That is, what is the Lead-Time between Alex placing order with her manufacturer and being able to display the item for sale in her shop?
The information you need to calculate the Lead-Time is as follows:
To design the bike 2 weeks
To raise the order for the parts for the bike 1week
To manufacture and deliver all the parts of the bike 4 weeks
To assemble the bike 2 weeks
To deliver the finished product to Alex’s shop 1 week
B. What will be the week number when the Bike can be…
arrow_forward
Pls help ASAP for both
arrow_forward
Which of the following is a VOID contract?
Question 5 options:
A)
A contract by a 17 year old to purchase a computer.
B)
A contract by a repair shop to repair a car.
C)
A contract by an 18 year old to purchase a motorcycle.
D)
A contract by a 22 year old college student for the purchase of a vacation for a week when school is not in session.
E)
None of the selections is a void contract.
arrow_forward
None
arrow_forward
need the answers for 3.15 and 3.16
arrow_forward
A and B signed a contract according to which A will develop a system for B. The contract states the details of the system to be developed, the acceptance criteria, and the delivery schedule. It does, however, not state the amount to be paid by B. (a) Is the contract valid or not, and (b) why?
arrow_forward
1) Pre-tender planning:
a. Selection of site
b. Estimate and evaluate predicted risks in the project.
c. Pool the companies past experiences knowledge and
specialists.
d. None of the above
2) Project Consultant is responsible for:
a. Site preparation
b. Supervises and coordinates the work in the project
c. Writing Claims
d. None of the above
3) The estimated time required to perform an activity, is known as:
a. Total float time.
b. Independent float time.
c. Free float time
d. None of the above
4) Organizing of a project is:
a. Arrangement of resources
b. Directing of workers
c. A controlling system
d. None of the above
5) Project manager
a. Must have a signed contract
b. Can start before having a signed contract
c. Not responsible for this
d. all of the above
2
6) The total estimated cost required to perform a project , is known as
a. Budget
b. Fund
c. Cash flow
d. All the above
7) Subcontractor may be :
a. Electrical contractor
b. Specialist contractor
c. Painter
d. all of the above…
arrow_forward
What is the minimum cost of crashing the following project at Sawaya Robotics by 4 days?
NORMAL
TIME (DAYS)
CRASH TIME
(DAYS)
5
4
ACTIVITY
Design (A)
Wiring (8)
Chip install (C)
7
5
3
4
7
2
2
4
NORMAL
COST
300
900
500
CRASH
COST
1,100
1,200
350
975
575
Software (D)
Testing (E)
The minimum cost of crashing the following project at Sawaya Robotics by 4 days is $1,875 (enter your response as a whole number).
IMMEDIATE
PREDECESSOR(S)
1,300
1,650
A, B
с
arrow_forward
The management of Pearson Institute of Higher Education (PIHE) has decided to run a registrationpromotion to give students some discount on their fees. The promotion is as follows:• Complete Registration at least two weeks before resumption, 5% discount is given• Up to 70% payment and black south African, 5% discount is given• Complete payment onsite, 5% discount given
1.2 Draw a decision table to represent your decision tree
1.3 Represent your decision table in a structure English
arrow_forward
V
what is feasibility Report ?Define when and why we need it And also define who prepare this document.
arrow_forward
Activity 1 - My Consumer Product
Procedure
1. Choose a
communication, transportation and agriculture.
consumer product that is available in the field of medicine,
2. Fill-in the table with correct information.
Data and Results
Area or Field
Consumer
Some
Use
Level of
Cost
Product
Chemical
Safeness
Components
(Chemical
Formula)
Medicine
Communication
Transportation
RUFFA MAE C. DAGAMI
martija.ruffa0709@gmail.com
09267229472
Instructor
Agriculture
arrow_forward
A company is anxious to sign a 3-year software operation contract for an ERP (Enterprise Resource Planning) software package. The company has already acquired experience in the provision of software operation services for the ERP package. The multinational organization suggests paying a lump sum for user support, corrective and adaptive maintenance tasks, and a separate payment for functional improvements, based on the characteristics of each request. The pressure from the Sales Department to immediately sign the contract left little time to prepare a proposal, and practically no time for a contract review. What risks are entailed by neglecting to hold a contract review?
arrow_forward
oTB Midterm Exam Spring 2022 - Word (Unlicensed Product)
File
Home
Insert
Design
Layout
References
Mailings
Review
View
O Tell me what you want to do
A Share
Clipy
fomat Pter
AabbccDd AabbCeDd AaBbC AaBbCet AaB AabceD AatbceDd Aatbcod oro
I Normal 1 No Spac Heading 1 Heading 2
Pin
BIU
X, xA
Title
Subtitle Subtie Em Emphasis intense E
Cloboard
Fent
Paragraph
Shyles
O PRODUCT NOTICE Most.of the features of Word have been disabled becase it hasnbeen activated
Activate
18. What critical thinking mistake(s) are present in the following comment? "Our biggest
competitor is spending more on marketing than we are. They have a larger share of the
market. Therefore, we should spend more on marketing."
a. Non sequitur
b. False cause
c. Appeal to tra
d. None of these
(7)
Accessibity. Good to go
10:38 AM
P Type here to search
50'F Sunny A
BANG LOUS
arrow_forward
Warehouse:
5. Causes of accidents in a store and some suggestions for avoiding them.
arrow_forward
A valid contract:
Question 6 options:
A)
must be executed in duplicate.
B)
must be made between two corporations.
C)
must be for the same price that is charged in other similar contracts.
D)
All of the above.
E)
None of the above.
arrow_forward
Equipment ExpensesAnalyze the cost differences for a project that needs the use of a trencher Compare the cost differences between renting and buying—amortizing the purchase price over a five-year period Which would be the best approach, renting or purchasing?
Explain how equipment expenses differ from other installed construction items, such as lumber and steel What unique accounting aspects need to be considered when estimating equipment used in a construction estimate?
Submission Requirements:Submit a Word document with the following specifications:
Font: Arial, size 12, double-spacing
Citation style: APA
Length: 2–3 pages
arrow_forward
How can this situation be prevented from occurring again?
arrow_forward
Description of measures implemented/Please provide specific information per each contract (for PV plant) related to the following aspects: emergency response, site security, safety, construction facilities and temporary Services, hazardous materials, archaeological discoveries/chance finds, conduct of employees, human rights, forced labour, resettlement action plans, and any other relevant Environment ,Social ,Health and Safety aspect related with the contract (for PV plant) and measures implemented
arrow_forward
Your company has been awarded the contract for the construction of a 1km long cable-stayed bridge on a national highway crossing a river. Due to cultivation on both sides of highway, very restricted space of only 100m in width and 250m in length is available on both sides of highway. To mobilise the site, your management has asked you, as their Contracts Manager, to prepare your plan for the site documentation contract and subcontract management, including templates for detailed records to be maintained. 600 Words, with harvard reference style
(Contract Management question )
arrow_forward
I need help with 12.13.
Chapter 12, problem 13.
arrow_forward
Please describe the major clauses for aircraft lease agreement.
arrow_forward
SEE MORE QUESTIONS
Recommended textbooks for you
Purchasing and Supply Chain Management
Operations Management
ISBN:9781285869681
Author:Robert M. Monczka, Robert B. Handfield, Larry C. Giunipero, James L. Patterson
Publisher:Cengage Learning
Related Questions
- Alex owns a shop that sells customized BMX bikes. Each one is uniquely tailored to the rider. The products are unique one-offs, made by an outsourced company to individual designs agreed between Alex and a designer from the outsourced company. In WEEK 26, Alex discusses with the manufacturer a design for a new bike. Alex and the manufacturer agree on a specification and an order is placed with the manufacturer. A. Calculate how long it will take before the BMX bike is available for sale in Alex's shop. That is, what is the Lead-Time between Alex placing order with her manufacturer and being able to display the item for sale in her shop? The information you need to calculate the Lead-Time is as follows: To design the bike 2 weeks To raise the order for the parts for the bike 1week To manufacture and deliver all the parts of the bike 4 weeks To assemble the bike 2 weeks To deliver the finished product to Alex’s shop 1 week B. What will be the week number when the Bike can be…arrow_forwardPls help ASAP for botharrow_forwardWhich of the following is a VOID contract? Question 5 options: A) A contract by a 17 year old to purchase a computer. B) A contract by a repair shop to repair a car. C) A contract by an 18 year old to purchase a motorcycle. D) A contract by a 22 year old college student for the purchase of a vacation for a week when school is not in session. E) None of the selections is a void contract.arrow_forward
- Nonearrow_forwardneed the answers for 3.15 and 3.16arrow_forwardA and B signed a contract according to which A will develop a system for B. The contract states the details of the system to be developed, the acceptance criteria, and the delivery schedule. It does, however, not state the amount to be paid by B. (a) Is the contract valid or not, and (b) why?arrow_forward
- 1) Pre-tender planning: a. Selection of site b. Estimate and evaluate predicted risks in the project. c. Pool the companies past experiences knowledge and specialists. d. None of the above 2) Project Consultant is responsible for: a. Site preparation b. Supervises and coordinates the work in the project c. Writing Claims d. None of the above 3) The estimated time required to perform an activity, is known as: a. Total float time. b. Independent float time. c. Free float time d. None of the above 4) Organizing of a project is: a. Arrangement of resources b. Directing of workers c. A controlling system d. None of the above 5) Project manager a. Must have a signed contract b. Can start before having a signed contract c. Not responsible for this d. all of the above 2 6) The total estimated cost required to perform a project , is known as a. Budget b. Fund c. Cash flow d. All the above 7) Subcontractor may be : a. Electrical contractor b. Specialist contractor c. Painter d. all of the above…arrow_forwardWhat is the minimum cost of crashing the following project at Sawaya Robotics by 4 days? NORMAL TIME (DAYS) CRASH TIME (DAYS) 5 4 ACTIVITY Design (A) Wiring (8) Chip install (C) 7 5 3 4 7 2 2 4 NORMAL COST 300 900 500 CRASH COST 1,100 1,200 350 975 575 Software (D) Testing (E) The minimum cost of crashing the following project at Sawaya Robotics by 4 days is $1,875 (enter your response as a whole number). IMMEDIATE PREDECESSOR(S) 1,300 1,650 A, B сarrow_forwardThe management of Pearson Institute of Higher Education (PIHE) has decided to run a registrationpromotion to give students some discount on their fees. The promotion is as follows:• Complete Registration at least two weeks before resumption, 5% discount is given• Up to 70% payment and black south African, 5% discount is given• Complete payment onsite, 5% discount given 1.2 Draw a decision table to represent your decision tree 1.3 Represent your decision table in a structure Englisharrow_forward
- V what is feasibility Report ?Define when and why we need it And also define who prepare this document.arrow_forwardActivity 1 - My Consumer Product Procedure 1. Choose a communication, transportation and agriculture. consumer product that is available in the field of medicine, 2. Fill-in the table with correct information. Data and Results Area or Field Consumer Some Use Level of Cost Product Chemical Safeness Components (Chemical Formula) Medicine Communication Transportation RUFFA MAE C. DAGAMI martija.ruffa0709@gmail.com 09267229472 Instructor Agriculturearrow_forwardA company is anxious to sign a 3-year software operation contract for an ERP (Enterprise Resource Planning) software package. The company has already acquired experience in the provision of software operation services for the ERP package. The multinational organization suggests paying a lump sum for user support, corrective and adaptive maintenance tasks, and a separate payment for functional improvements, based on the characteristics of each request. The pressure from the Sales Department to immediately sign the contract left little time to prepare a proposal, and practically no time for a contract review. What risks are entailed by neglecting to hold a contract review?arrow_forward
arrow_back_ios
SEE MORE QUESTIONS
arrow_forward_ios
Recommended textbooks for you
- Purchasing and Supply Chain ManagementOperations ManagementISBN:9781285869681Author:Robert M. Monczka, Robert B. Handfield, Larry C. Giunipero, James L. PattersonPublisher:Cengage Learning
Purchasing and Supply Chain Management
Operations Management
ISBN:9781285869681
Author:Robert M. Monczka, Robert B. Handfield, Larry C. Giunipero, James L. Patterson
Publisher:Cengage Learning