CYB 200 Module Three Case Study Template_KOCH

.docx

School

Southern New Hampshire University *

*We aren’t endorsed by this school

Course

200

Subject

Information Systems

Date

Jun 22, 2024

Type

docx

Pages

6

Uploaded by CorporalGoldfish2212

James Koch January 17, 2023 CYB 200 MODULE THREE CASE STUDY TEMPLATE Instructor: Jillian Seabrook
CYB 200 Module Three Case Study Template After reviewing the scenario in the Module Three Case Study Activity Guidelines and Rubric document, fill in the table below by completing the following steps: 1. Specify which Fundamental Security Design Principle applies to the control recommendations by marking the appropriate cells with an X . 2. Indicate which security objective (confidentiality, availability, or integrity) applies best to the control recommendations. 3. Explain your choices in one to two sentences with relevant justifications. Control Recommendations Isolatio n Encapsulatio n Complet e Mediatio n Minimize Trust Surface (Reluctance to Trust) Trust Relationship s Security Objectiv e Alignme nt (CIA) Explain Your Choices (1–2 sentences) Deploy an automated tool on network perimeters that monitors for unauthorized transfer of sensitive information and blocks such transfers while alerting information security professionals. X C Preventing the transfer of data will prevent the information from being moved. The next step would be to alert the admin to investigate. Monitor all traffic leaving the organization to detect any unauthorized use. X C Monitoring all data helps build a baseline, which will make it easier to anything out of the ordinary and deal with it promptly.
Control Recommendations Isolatio n Encapsulatio n Complet e Mediatio n Minimize Trust Surface (Reluctance to Trust) Trust Relationship s Security Objectiv e Alignme nt (CIA) Explain Your Choices (1–2 sentences) Use an automated tool, such as host- based data loss prevention, to enforce access controls to data even when data is copied off a system. X X C/I This would help find security breaches while ensuring that only approved individuals are allowed access to sensitive information. Physically or logically segregated systems should be used to isolate higher-risk software that is required for business operations. X I Isolation would create a gap between high-risk software and a public system. Make sure that only the resources necessary to perform daily business tasks are assigned to the end users performing such tasks. X A Limiting access to those who need it will help keep the system from getting bogged down and maintain their operational status. Install application firewalls on critical servers to validate all traffic going in and X I App firewalls will ensure all data moving in and out
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help