CYB 200 Module Four Activity V.Thibodeaux

School: CUNY John Jay College of Criminal Justice
Course: MISC
Subject: Information Systems
Date: Feb 20, 2024
Type: docx
Pages: 3
Uploaded by VET0003

CYB 200 Module Four Activity Template

| User name | Patient information | Employee information | Access to the SaaS | Access to backup logs |
|---|---|---|---|---|
| Norman | None | None | View, Create, Modify, Delete (User Accounts) | View |
| Ryhead | None | None | View (Demo Only) | None |
| Simone | None | View | View | None |
| Janet | None | None | View, Create, Modify (User Accounts); View, Modify, Delete (Backup Logs) | None |
| Dale | View, Create, Modify | None | View | None |
| Ethan | View | None | View | View |

After you have completed the table above, respond to the following short questions:

1. What changes could be made to user roles through implementation of least privilege to better support that security design principle? (Hint: Refer to the characteristics in the user job roles and characteristics table in the scenario, and consider the characteristics that may be contradictory.)

Several changes could be made to better support least privilege:

Norman: Remove the ability to delete user accounts without an override code.
Ryhead: Limit dummy user accounts to view only.
Simone: Keep employee records private unless necessary.
Janet: Limit ability to view, modify, and delete backup logs.
Dale: Provide access to patient information but restrict the ability to modify it without an override code.
Ethan: Keep the system and backup logs restricted to view only, without editing or deleting.

2. What is the importance of this tool to you as a security analyst in managing and protecting the environment? Provide an example.

Providing a clear representation of user roles and their access rights is crucial for managing and protecting the environment. The tool allows me to identify and manage potential access conflicts, ensure compliance with the least privilege principle, and mitigate the risk of unauthorized access. I can assess Ryhead's access in the matrix, for instance, in order to prevent unintended changes to patient information and backup logs. I can also review user access privileges to ensure that they are only able to access the information they need. Furthermore, I can track changes in the access matrix and investigate any suspicious activity.
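
The review and change tracking described above can be run against the matrix as data. The following is an added example, not part of the original submission: the resource keys and the later snapshot are constructed for illustration, and scope notes such as "(Demo Only)" are not modeled.

```python
from copy import deepcopy

WRITE_ACTIONS = {"Create", "Modify", "Delete"}

# Matrix transcribed from the table above. Empty cells ("None") are absent.
# Janet's SaaS cell lists rights on user accounts and on backup logs; both
# are kept under "saas", the column where the table places them.
BASELINE = {
    "Norman": {"saas": {"View", "Create", "Modify", "Delete"}, "backup_logs": {"View"}},
    "Ryhead": {"saas": {"View"}},
    "Simone": {"employee_info": {"View"}, "saas": {"View"}},
    "Janet": {"saas": {"View", "Create", "Modify", "Delete"}},
    "Dale": {"patient_info": {"View", "Create", "Modify"}, "saas": {"View"}},
    "Ethan": {"patient_info": {"View"}, "saas": {"View"}, "backup_logs": {"View"}},
}

def is_allowed(matrix, user, resource, action):
    """Default deny: a right exists only if the matrix lists it explicitly."""
    return action in matrix.get(user, {}).get(resource, set())

def rights(matrix):
    """Flatten a matrix into a set of (user, resource, action) triples."""
    return {(u, r, a) for u, cells in matrix.items()
            for r, acts in cells.items() for a in acts}

def audit_changes(old, new):
    """Compare two snapshots and return (granted, revoked, risky), each sorted.
    'risky' holds the new grants that can change or destroy data."""
    granted = sorted(rights(new) - rights(old))
    revoked = sorted(rights(old) - rights(new))
    risky = [g for g in granted if g[2] in WRITE_ACTIONS]
    return granted, revoked, risky

def later_snapshot():
    """Constructed snapshot (not from the page): Ryhead gains write access
    and Norman loses Delete on the SaaS."""
    snap = deepcopy(BASELINE)
    snap["Ryhead"]["patient_info"] = {"View", "Modify"}
    snap["Ryhead"]["backup_logs"] = {"Delete"}
    snap["Norman"]["saas"].discard("Delete")
    return snap

if __name__ == "__main__":
    granted, revoked, risky = audit_changes(BASELINE, later_snapshot())
    for user, resource, action in risky:
        print(f"REVIEW: {user} gained {action} on {resource}")
    print("revoked:", revoked)
```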