CYB_250_MODULE5SHORTRESPONSE_SABRINA_WYMAN
School: Southern New Hampshire University
Course: 250
Subject: Information Systems
Date: Feb 20, 2024
Wyman 1
Module 5 short response
CYB 250
Sabrina Wyman
02/17/2024
In the given situation, we were able to conduct a routine security audit, during which a breach was identified. To explain the situation to senior management, we would need to put the information into terms that are relatable to all staff and not just those trained in IT fields. This scenario could best be described as a break-in at the store; using this example will allow management to understand the situation they are facing. By using terms and examples that are more relatable to non-IT employees, we are able to deal with the situation in a timely manner instead of spending more time just trying to explain the IT terminology of it all.

When looking over this breach, there are two CIS controls that I would suggest implementing: CIS Control 6 and CIS Control 10. I chose these two controls because CIS Control 6 is access control management, whereas CIS Control 10 concerns defending against malware and ransomware. CIS Control 6 is a critical component when it comes to maintaining information and system security as well as restricting access to assets based on role and need. This alone would allow for greater security control over information and restrict the number of users who are able to destroy or simply corrupt sensitive information. With the addition of CIS Control 10, we would have something that lays out the minimum security requirements to ensure the company's malware defenses are up to the job. In today's world, implementing and maintaining some form of malware protection is essential for any business's technology outlook. All businesses could fall victim to threat actors seeking to steal sensitive data. Having the proper protection would protect not only the company but also the clients of that company.

Two-factor authentication has also become a very reliable security blanket in today's world, as it allows for an extra layer of protection on all business and personal information. Putting in an RSA encryption tool like key fobs would add that extra layer between the hacker and the information that is being protected. In addition to the key fob, companies can even add another two-factor authentication method by requiring a unique PIN, making cracking the system just that much harder. Using multiple methods of two-factor authentication secures the information further, making it less likely to even be attacked as it would be impenetrable.

When it comes to security there are many possibilities; you could even add a virtual private network, also known as a VPN. A VPN allows for a private connection on its own network so that only people with access to that VPN have access to such sensitive information. VPN software employs its own encryption, known as the handshake encryption, also known as RSA encryption, to ensure that the connection to the VPN is truly secure. Many VPN servers today have adopted the RSA-2018 encryption, which allows for leverage against decryption due to the larger size. Finally, when it comes to TLS/SSL connections, a secure hash algorithm is used to authenticate the data, and if the authentication were to fail, then those connections would be exposed to attack.