CYB_400_Module_Four_Activity_Emily_Brooks

docx

School

Southern New Hampshire University *

*We aren’t endorsed by this school

Course

400

Subject

Business

Date

Apr 3, 2024

Type

docx

Pages

Uploaded by emilyr.1497

CYB 400 Professor Said El Hamdani Emily Brooks 3/31/2024 Module Four Activity A. Assessing a network to maintain security is important for all organizations, this assessment typically includes assessment of multiple networks. How I would assess the enterprise is I would first identify where all the networks are and their locations so I would have a better understanding of the networks communicate with one another. Secondly, I would that all firewalls and anti-malware was implemented, up to date, and functioning properly. Another great way to improve network security is to use IDPS. By using IDPS in network routers it will help identify and prevent attacks that is a threat to the network. B. One way to account for who is on the network is by making sure every employee has their own user profile, this will allow the organization to make sure that every device has the proper firewall and anti-malwares on the devices and block certain websites that could contain adware. A way you can protect the physical security is making sure the server room is locked up with only limited access, keeping lock boxes on network ports in the wall, and making sure the offices are locked up with cameras on all the devices. Using certificates for the network so that only employees have access will add another layer of security for the network and help account for who is using the network.

C. The information I would need to collect for the big picture would be the network and how and what it uses to communicate, the users, devices names and mac addresses, database management, files, security controls, authentication, access control systems, antivirus, spam controls, and firewalls. By monitoring the network and understanding how it communicates I would be able to ensure that the proper tools are being used for protection. Knowing the users and what they have access to help me to ensure that the user only has access to what they need to do their job and their job only. Device names and MAC addresses helps me to identify what exactly is on the network and that it is compatible with our network and the protocols and has the proper antivirus and firewalls on the devices. Database management helps minimize errors established by processes and policies, so knowing how it processes and past errors will help assess the security. Testing for potential vulnerabilities will also help assessing security because it would show if there are any loop holes in the system. D. The biggest challenge would depend on the size of the company. For example, the company I work for has a division manager and under them are three-unit managers. One handles the network and cybersecurity, one handles the databases and testing, and the last keeps up with the assets. So, trying to collect all the information from each of them and making sure it would accurate and up to date would be challenging for sure. If information was not accurate or updated it would put a hold on the assessment until the errors where corrected.

References Performing a security risk assessment. (n.d.). Retrieved from https://www.isaca.org/resources/isaca-journal/past-issues/2010/performing-a-security-risk- assessment

Your preview ends here

Eager to read complete document? Join bartleby learn and gain access to the full version

Access to all documents
Unlimited textbook solutions
24/7 expert homework help

CYB_400_Module_Four_Activity_Emily_Brooks

Related Documents