Blumenstein_E_CST610_Project_4

School: University of Maryland
Course: 610
Subject: Information Systems
Date: Jan 9, 2024
Type: docx
Pages: 9
Uploaded by afeeblemind
CST 610 Project 4
Cyberspace and Cybersecurity Foundations
Technical Controls Report for FICBank
Prepared By: Elliott Blumenstein
Version 1.0
CST610 Page ii

Table of Contents

1. Executive Summary
2. Technical Control Scope
3. Technical Control Implementation Details
4. Test and Evaluation Methodology
5. T&E Findings
6. Conclusion
1. Executive Summary

Provide a brief summary of what you were asked to do, what you did, and what results were obtained. Be certain to indicate how many controls you implemented and how many passed your test and evaluation.

The advancement of technology has improved society significantly. But with the advancement come the risks. Technical controls are a necessity for any company. FICBank is looking to determine what technical controls would be the most appropriate.

2. Technical Control Scope

Also, include your Predictions here in a separate paragraph.

The scope of my technical control implementation for FICBank would encompass a range of measures designed to ensure security, compliance, and efficient operations. The common elements of this scope would include:

  1. Cybersecurity measures:
     a. Firewall and Intrusion Detection system to monitor and protect the network from unauthorized access.
     b. Installing and maintaining antivirus and anti-malware programs to protect the systems.
     c. Conduct security audits and vulnerability assessments to identify and reduce potential risks.
  2. Data Protection and Privacy:
     a. Encryption of sensitive data, both in transit and at rest, to safeguard customer information.
     b. Implement data privacy policies in compliance with relevant regulations (like GDPR, if applicable).
     c. Secure data backup and disaster recovery procedures to prevent data loss and ensure business continuity.
  3. Access Controls:
     a. Strong authentication mechanisms, possibly including multi-factor authentication, to control access to systems and data.
     b. Role-based access controls to ensure employees have only the necessary access rights to perform their duties.
     c. Regularly review and update access rights, especially when employees change roles or leave the bank.
  4. Compliance with Banking Regulations:
     a. Compliance with financial regulations such as Basel III, Sarbanes-Oxley Act, or local banking regulations.
     b. Regular reporting and audits to demonstrate compliance with these regulations.
  5. Network Management and Monitoring:
     a. Continuous monitoring of network traffic to detect and respond to unusual activities that could indicate a security threat.
     b. Regular updates and patches to network infrastructure to address security vulnerabilities.
     c.
  6. Employee Training and Awareness:
     a. Regular training programs for employees on cybersecurity best practices and awareness of phishing and other social engineering attacks.
     b. Policies and procedures for reporting security incidents.
  7. Customer-facing Technologies:
     a. Secure online banking platforms with robust authentication methods.
     b. Implementation of secure mobile banking apps with regular updates for security enhancements.
  8. Vendor and Third-Party Risk Management:
     a. Procedures to assess and manage risks associated with third-party vendors, especially those who handle sensitive data or critical banking functions.
     b.
  9. Incident Response Plan:
     a. A well-defined incident response plan to address and mitigate the impact of security breaches or data loss incidents.
     b.

System Services/Application

  EC2AMAZ-O8AHUB0: Cloud Computing
  CodeMeter Runtime: Web application: Used for software licensing and protection
  X-Server: Display graphical programs from a UNIX/Linux machine on your local computer. X11 server
  Remote Desktop Protocol
  Cipher Suites: Set of cryptographic algorithms; create keys and encrypt information
  Splunk-free detection system: Intrusion Detection System: The infrastructure monitoring tool runs on the remote host and is protected using default administrator credentials.
  Transport Layer Security: Security protocol designed to facilitate privacy and data security.
  SSH: Secure Shell
  MSRPC: Microsoft Remote Procedure Call
  NETBIOS-SSN: Network BIOS Session Service
  MICROSOFT-DS: Used by Server Message Block; network protocol used in Windows networks for sharing resources over a network
  SENTINELSRM: Software license protection system
  VMRDP: Virtual Machine Remote Desktop Protocol
  MS-WBT-SERVER: Microsoft Web Based Terminal Server
  VNC-HTTP: Virtual Network Computing remote desktop protocol for use over HTTP
  VNC: Virtual Network Computing
  HTTP-ALT: Alternate HTTP port
3. Technical Control Implementation Details

Refer to previous project reports for indications of where systems within the control scope have vulnerabilities or indicators of attack. For each control, you must include the following:

  Control number: start at 001 and increment
  Type: preventative, detective, recovery
  System: the system name, ip address, and operating system
  Application or Service: the application or service name, version number
  Implementation Procedure: list the exact steps followed to implement the control

4. Test and Evaluation Plan

Write a concise test plan for each control listed in the previous section. Document the plan using the following outline:

  Control number: use the control number from section 3 above
  Test procedure: use a numbered list containing the exact steps to be followed in carrying out the control test

5. Test and Evaluation Findings

Document how you tested each control after implementation and the results of the test. You can use the following outline:

  Control number: use the control number from section 3 above
  Test outcomes: indicate the set of possible test outcomes
  Screenshot: include a screenshot of the test results with the current day and time clearly visible

Testing the technical controls of a small bank involves a combination of regular audits, simulations, and continuous monitoring to ensure that the controls are effective and compliant with industry standards and regulations. Here’s a structured approach to testing these controls:

Vulnerability Assessment and Penetration Testing (VAPT):
  - Conduct regular vulnerability assessments to identify potential weaknesses in the bank's systems and network.
  - Perform penetration testing by simulating cyber attacks to test the effectiveness of security measures.

Security Audits:
  - Engage external auditors to conduct comprehensive security audits. This includes reviewing policies, procedures, and technical controls.
  - Ensure the audit covers compliance with relevant regulations and standards, like PCI DSS for payment processing, GDPR for data protection, etc.

Access Control Reviews:
  - Periodically review and verify access controls and privileges to ensure they are appropriate and adhere to the principle of least privilege.
  - Conduct mock scenarios to test the effectiveness of role-based access controls.

Disaster Recovery and Business Continuity Testing:
  - Test the disaster recovery plan to ensure the bank can quickly resume operations after an incident. This may include simulated drills of various scenarios (e.g., data center outage).
  - Review and test backup systems to ensure data integrity and recoverability.

Network Security Monitoring and Analysis:
  - Regularly monitor network traffic and analyze logs to identify unusual patterns or potential breaches.
  - Use intrusion detection systems (IDS) and intrusion prevention systems (IPS) to test real-time security monitoring.

Employee Training and Phishing Simulation:
  - Conduct regular training sessions on cybersecurity best practices.
  - Simulate phishing attacks to test employees’ awareness and response to social engineering tactics.

Application Security Testing:
  - Perform security testing on internal and customer-facing applications, including static and dynamic application security testing (SAST and DAST).
  - Check for common vulnerabilities like SQL injection, cross-site scripting, and ensure secure coding practices are followed.

Physical Security Checks:
  - Test physical access controls to data centers and other sensitive areas to ensure they are secure and functioning as intended.
  - Conduct regular inspections of facilities for compliance with physical security measures.

Compliance Review:
  - Regularly review compliance with banking and financial regulations.
  - Update and test controls in response to changes in regulatory requirements.

Incident Response Drill:
  - Conduct simulated cybersecurity incident response drills to test the effectiveness and timeliness of the bank’s incident response plan.
  - Review and improve the incident response plan based on drill outcomes.

Third-Party and Vendor Risk Assessment:
  - Evaluate the security and compliance postures of third-party vendors and partners, especially those with access to sensitive data.

Customer Feedback and Interface Testing:
  - Collect and analyze customer feedback on online banking services to identify potential security or usability issues.
  - Test the security of customer interfaces, including online and mobile banking platforms.

Regular testing and updating of these controls are crucial for maintaining a robust security posture in the rapidly evolving landscape of cybersecurity threats and regulatory requirements.
6. Conclusion

Document your reflections here in a numbered list. Refer back to your predictions! Also, include the source question with your response in the format:

  What is a reflection question?
  A reflection is an opportunity.