CIS-217 Project Part 3 (PDF, 6 pages; Georgia Military College, CIS 217, Computer Science; uploaded Dec 6, 2023)
Project Part 3: Auditing, Monitoring, and Incident Handling
Name
Georgia Military College
CIS 217-20101 Cyber Information Security
Professor Veal
November 16, 2023
Plans can be a lifesaver when a company or even a single person is trying to improve security. Unauthorized activity, whether deliberate or accidental, can cause panic, and panic often results in more harm than the activity itself. The damage and stress that stem from such activity can be lessened if plans are established beforehand; even a plan that simply explains the steps to be taken is beneficial. Georgia Military College can improve its security process by providing an outlined plan for security auditing, an outlined plan for security monitoring, and an outlined plan for handling a security incident, and by describing how each plan addresses confidentiality, integrity, or availability.

The first plan is an outlined plan for security auditing. Before auditing can begin, the auditor must know how the system or systems under review are supposed to work. For this audit the focus is the college's internet connection. That connection is used by staff and students on the machines in the college's computer labs, on their own devices, and on the computers issued to staff and professors. A foundation for the audit is competence, which can greatly "affect the quality and the value of an audit" (Nearon, 2005, p. 32). Because demand for connectivity is already high, both students and staff must be able to reach the internet to do their work. With the internet connection on the list to be audited, the next step is to define what is expected of the network. Teachers need the internet to reach Moodle, the website Georgia Military College uses for classroom management, and students need it to submit assignments, so the campus Wi-Fi is expected to run reliably and quickly and to provide access to the websites those tasks require.
The next step is to review previous documents and logs for issues recorded before. One important document is the report from a prior penetration test: since it lists the weaknesses found, the auditor can see which areas need attention (Kim, 2016). The auditor should then collect data by asking people who use the network about problems they have seen; this gives a glimpse of the issues that arose between audits and guides the security testing. The last step is the audit itself. Because the focus is the internet connection, the antivirus software is checked first: the auditor confirms that every installation is updated and still running correctly. Access controls are the other area to check. A network can be configured to block particular websites, so if Georgia Military College has such controls in place, the auditor verifies that those websites are still blocked at the firewall.

Security monitoring is meant to detect unwanted behavior so that it can be stopped and the network that students, staff, and teachers rely on stays protected. "[F]ailure to protect network systems can lead to dangerous and unpleasant situations, such as a decrease in the speed of access..., the capture of personal data by criminals or... the commission of a cybercrime incident" (Farkhad et al., 2023). The first tool for monitoring the network is a baseline. As stated before, it is important to know how a system is supposed to work; for monitoring, that means knowing what counts as normal. Once normal is defined, the next step is to set up alerts or alarms that fire when observed behavior departs from it, so that the responsible people are notified quickly when something might be wrong. The final step is choosing between real-time and non-real-time monitoring. A real-time example is data loss prevention, which can help prevent human error.
Data loss prevention systems "prevent unauthorized end users from sharing [the data]" and "[prevent] users from using external storage services" (Kim, 2016). A monitoring system that runs constantly to stop users from copying sensitive data to public cloud services will help prevent human error. For non-real-time monitoring, keeping up with application logging is key: when sensitive data is altered, the application log records who edited it.

The first step in handling a security incident is to stay calm; panicking helps no one. Assuming the incident is an attack, the first move is to identify it. Since internet access is important to Georgia Military College, a DDoS (distributed denial-of-service) attack is a useful example to practice on. After the incident is identified as a DDoS attack, the next steps are to contact the ISP, understand the nature of the attack, monitor other network assets, and apply mitigations ("Understanding and Responding," 2022). Contacting the ISP lets the college learn whether the provider or the college itself was the target. Understanding the attack's nature gives the information needed to stop it. Monitoring other network assets shows whether the attack was meant only to take the network down or is a distraction for something else. Finally, mitigations reduce the severity of the situation and make it more controllable.

Each plan addresses confidentiality, integrity, or availability. The security auditing plan focuses on availability, since Georgia Military College needs a working internet connection. The security monitoring plan addresses integrity through the non-real-time tool that keeps track of who edited data. Since confidentiality means information "is disclosed to those authorized," the incident-handling plan matches it best (Fanelli, 2016): when there is a security issue it is not made public; the matter is kept quiet to avoid a panic, and only those who can help are involved.
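The non-real-time side of the monitoring plan, application logging that records who edited sensitive data, can be shown in code. The script below is an added example and is not from the paper or from Georgia Military College. It goes one step beyond the text: each log entry also carries the hash of the entry before it, so that an edit to the log itself is detected, which is what makes the log useful as integrity evidence. The record names, actors and timestamps are constructed.

```python
"""Audit trail for edits to sensitive records, with a hash chain.

Added example; not from the paper. Record names, actors and timestamps
are constructed. The hash chain is an assumption added to show how
tampering with the log itself becomes detectable.
"""
import hashlib
import json
from datetime import datetime, timezone

GENESIS = "0" * 64  # previous-hash value for the first entry


def _digest(entry):
    """SHA-256 over the canonical JSON of an entry, excluding its own hash field."""
    body = {k: v for k, v in entry.items() if k != "hash"}
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()


class AuditedStore:
    """A tiny record store where every field change is logged with its author."""

    def __init__(self):
        self.records = {}
        self.log = []          # append-only; each entry links to the previous one
        self._prev_hash = GENESIS

    def update(self, actor, record_id, field, new_value, when=None):
        """Change one field and record who did it, plus the old and new values."""
        old_value = self.records.get(record_id, {}).get(field)
        self.records.setdefault(record_id, {})[field] = new_value
        entry = {
            "ts": when or datetime.now(timezone.utc).isoformat(),
            "actor": actor,
            "record": record_id,
            "field": field,
            "old": old_value,
            "new": new_value,
            "prev": self._prev_hash,
        }
        entry["hash"] = _digest(entry)
        self.log.append(entry)
        self._prev_hash = entry["hash"]

    def who_changed(self, record_id, field):
        """History of one field: (timestamp, actor, old, new), oldest first."""
        return [
            (e["ts"], e["actor"], e["old"], e["new"])
            for e in self.log
            if e["record"] == record_id and e["field"] == field
        ]


def verify_chain(log):
    """Return the index of the first bad entry, or None if the whole log checks out."""
    prev = GENESIS
    for i, entry in enumerate(log):
        if entry.get("prev") != prev or _digest(entry) != entry.get("hash"):
            return i
        prev = entry["hash"]
    return None


def demo():
    """Constructed scenario: two grade edits, then someone rewrites the log."""
    store = AuditedStore()
    store.update("registrar_amy", "student:1042", "grade", "B",
                 when="2023-11-16T09:00:00+00:00")
    store.update("prof_veal", "student:1042", "grade", "A",
                 when="2023-11-16T09:05:00+00:00")
    history = store.who_changed("student:1042", "grade")
    intact = verify_chain(store.log)                 # None: nothing altered
    store.log[0]["actor"] = "someone_else"           # tamper with the first entry
    tampered_at = verify_chain(store.log)            # 0: its hash no longer matches
    return history, intact, tampered_at


if __name__ == "__main__":
    history, intact, tampered_at = demo()
    for ts, actor, old, new in history:
        print(f"{ts} {actor}: {old!r} -> {new!r}")
    print("chain intact before tampering:", intact is None)
    print("first bad entry after tampering:", tampered_at)
```

Deleting an entry breaks the chain in the same way, because the entry that follows it still names the missing hash as its predecessor. In a real deployment the log would be written to storage the application's own accounts cannot modify, so the chain check catches tampering rather than merely documenting it.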
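The baseline-then-alert approach from the monitoring plan, and the first incident-handling step of recognising a DDoS, can also be shown together. The script below is an added example, not code from the paper or from Georgia Military College. Its log format (timestamp, client address, destination host), the constructed lab and attacker addresses, and the thresholds (three standard deviations above the baseline mean, twenty distinct sources before a spike counts as distributed) are assumptions for illustration.

```python
"""Baseline-and-alert monitor over constructed access-log lines.

Added example; not from the paper. Log format, addresses and thresholds
are assumptions for illustration.
"""
from collections import defaultdict
from datetime import datetime, timedelta
import re
import statistics

# Assumed log format: "<ISO-8601 timestamp> <client address> <destination host>"
LOG_LINE = re.compile(r"^(\S+) (\S+) (\S+)$")


def parse(lines):
    """Turn raw log lines into (timestamp, source, destination) tuples; skip junk."""
    events = []
    for line in lines:
        m = LOG_LINE.match(line.strip())
        if m:
            ts, src, dst = m.groups()
            events.append((datetime.fromisoformat(ts), src, dst))
    return events


def bucket(events):
    """Group events into one-minute windows: {window_start: [(src, dst), ...]}."""
    windows = defaultdict(list)
    for ts, src, dst in events:
        windows[ts.replace(second=0, microsecond=0)].append((src, dst))
    return dict(sorted(windows.items()))


def build_baseline(training_lines):
    """'Normal' = mean and standard deviation of requests per minute in a quiet period."""
    counts = [len(pairs) for pairs in bucket(parse(training_lines)).values()]
    return {"mean": statistics.mean(counts), "stdev": statistics.pstdev(counts)}


def classify_window(pairs, baseline, sigma=3.0, min_sources=20):
    """Compare one window with the baseline and say what kind of deviation it is."""
    # Floor the spread at one request so a very flat baseline does not alert on noise.
    threshold = baseline["mean"] + sigma * max(baseline["stdev"], 1.0)
    if len(pairs) <= threshold:
        return "normal"
    distinct_sources = len({src for src, _ in pairs})
    if distinct_sources >= min_sources:
        return "ddos-like"          # many clients at once: the contact-the-ISP path
    return "single-host-spike"      # one noisy host: local investigation path


def alerts(live_lines, baseline, **thresholds):
    """Return (window, verdict) for every window that departs from normal."""
    out = []
    for start, pairs in bucket(parse(live_lines)).items():
        verdict = classify_window(pairs, baseline, **thresholds)
        if verdict != "normal":
            out.append((start.isoformat(), verdict))
    return out


# --- constructed sample data (not real traffic) ---------------------------
def _lines(start, minute, count, sources, dst="moodle.example.edu"):
    """Constructed log lines: `count` requests in one minute, spread over `sources`."""
    return [
        f"{(start + timedelta(minutes=minute, seconds=i % 60)).isoformat()} "
        f"{sources[i % len(sources)]} {dst}"
        for i in range(count)
    ]


T0 = datetime(2023, 11, 16, 9, 0)
LAB_HOSTS = ["10.1.2.10", "10.1.2.11", "10.1.2.12"]
BOTNET = [f"203.0.113.{i}" for i in range(1, 31)]          # 30 distinct sources

# Ten quiet minutes: 5-7 requests each from the three lab machines.
TRAINING = [line for m in range(10) for line in _lines(T0, m, 5 + m % 3, LAB_HOSTS)]
# Live traffic an hour later: one normal minute, one flood from 30 hosts,
# then one minute where a single lab machine is hammering the server.
LIVE = (
    _lines(T0, 60, 6, LAB_HOSTS)
    + _lines(T0, 61, 60, BOTNET)
    + _lines(T0, 62, 40, ["10.1.2.10"])
)

if __name__ == "__main__":
    baseline = build_baseline(TRAINING)
    print("baseline:", baseline)
    for window, verdict in alerts(LIVE, baseline):
        print(f"ALERT {window}: {verdict}")
```

The two verdicts map onto the response paths in the incident plan: a many-source flood is the case where the ISP is contacted and mitigations applied, while a single noisy host is handled locally. The other-assets check from the plan is not automated here; it is the analyst's next step once an alert fires.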
In conclusion, an outlined plan for security auditing, monitoring, and incident handling gives a detailed view of how to work through the situation at hand. Comparing the plans to the CIA triad shows that knowing how to handle security issues before and after they happen pays off. With a plan of action ready, panic will not have a significant impact on fixing the issue. The plans above allow Georgia Military College to improve its security and keep the sensitive data it has collected safe.
References

Fanelli, R. (2016). Cyberspace Offense and Defense. Journal of Information Warfare, 15(2), 53–65. https://www.jstor.org/stable/26487531

Farkhad, D. R., Firdus, E., Firdus, M. G., Kamal, A. V., & Terlan, A. T. (2023). Wi-Fi Networks. Cyber Security Monitoring System. Journal of Pharmaceutical Negative Results, 14(2), 1027–1031. https://web.s.ebscohost.com/ehost/pdfviewer/pdfviewer?vid=4&sid=65158547-a68a-4812-b03b-b108ce4220a7%40redis

Kim, D. (2016). Fundamentals of Information Systems Security, Bundle (3rd ed.). Jones & Bartlett Learning. https://bookshelf.vitalsource.com/books/9781284128567

Nearon, B. H. (2005). Foundations in Auditing and Digital Evidence. CPA Journal, 75(1), 32–33. https://web.s.ebscohost.com/ehost/pdfviewer/pdfviewer?vid=4&sid=a6222793-fc2e-4808-894e-304316c93215%40redis

Understanding and Responding to Distributed Denial-of-Service Attacks. (2022). CISA. https://www.cisa.gov/sites/default/files/publications/understanding-and-responding-to-ddos-attacks_508c.pdf