CYB_220_7-2
School
Southern New Hampshire University
Course
220
Subject
Information Systems
Date
Dec 6, 2023
Type
docx
Pages
2
Uploaded by JusticeJellyfishPerson10226
CYB 220 Module Seven Project Three
CYB-220
15 October 2023
Employing the Fundamental Security Design Principles is essential when designing the security mechanisms for a procedure, and it helps prevent security flaws and unwanted access. Least privilege is the assurance that an entity has only the minimum privileges needed to perform its duties. Privileges are not extended to senior people just because they are senior; if they don’t need the permissions to perform their normal everyday tasks, then they don’t receive higher privileges (Tjaden, 2015). Based on this, I am employing least privilege because I believe it is the best design to keep data secure by keeping the chance for human error down with role-based security mechanisms and segments for data.
A recommended network protection approach to properly secure the network would be to use both a host-based and a network-based firewall, due to the large number of employees and the various segmented networks with sensitive information that requires protection. I recommend a network-based intrusion prevention system (NIPS) combined with a host-based intrusion detection system (HIDS). If it is not configured properly, NIPS can cause problems such as network outage, disruption, or slowdown; it therefore has high complexity and takes time to set up correctly, but it takes only moderate skill development to maintain. The reason to go with NIPS as our intrusion prevention system is that it is good for various types of systems in a network, having the ability to identify and discern. Also, when it is paired with the detection system, we need anything on the network to be stopped instead of just found, as sometimes when the detection system finds the problem it's too late to take action. The cost for this would be high, but I believe it to be worth its effectiveness. HIDS is not as effective as a prevention system, but it will save on the overall cost of the deployment, and HIDS can handle encrypted data flows, which is extremely important when dealing with sensitive data.
The recommended resource for NIPS would be Snort, as it is a free open-source application that will help lower the overall cost. Using Snort to perform real-time traffic analysis will allow us to see who is trying to access unauthorized areas and provide packet logging. These features actively block any malicious activity. There is also an option for a rules subscription, which comes with pre-configured rules and priority response, if the budget is higher. For HIDS, I recommend the open-source Wazuh, which combines anomaly-based and signature-based technologies in a hybrid method, can be installed on any OS, and can be configured with the same policies as other users. It also has implemented modules that help the security administrator find anomalies in the network on the IDS server and that are easy to configure on host devices.
References
Snort. (n.d.). Network Intrusion Detection & Prevention System. https://www.snort.org/
Tjaden, B. C. (2015). Appendix 1: Cybersecurity first principles. Retrieved from
https://users.cs.jmu.edu/tjadenbc/Bootcamp/0-GenCyber-First-Principles.pdf
Wazuh. (2023, August 29). Open source XDR. open source siem. https://wazuh.com/?gclid=CjwKCAjwjuqDBhAGEiwAdX2cj7NbsQZBIDOj0fZ7q51lB1aOFMNjz7JcyJW4fE1IP6Vz_67GpAKfOBoCV8QQAvD_BwE