Unit 9 Lab Recommend IT Security Policies to Help Mitigate Risk


1. Which IT assets did you prioritize as critical to administrative or student computing?
I prioritized the file servers and the teachers’ notebook as critical to administrative and student computing.
2. List your top five (5) risk exposures for which you believe this school should have specific risk mitigation strategies.
- No firewall
- Unauthorized access to school computers
- Open connections on the WLAN.
- The principal's traveling notebook can carry a virus
- wireless access ...

This includes students, teachers, physical access, layout of the school and property, security measures as defined by FERPA, HIPAA, etc. A password policy needs to be in place that stresses complexity, minimum length (recommendations) and recycling or expiring passwords. This could be accomplished with a minimum length of 8 characters, one being a capital letter, one being a number, and one being a special character. Physical security should be set up in a way that there are locked, secured doors to all entrances of the school (roof, side, non-viewed storage or work areas, etc.).

4. True or False. FERPA compliance law is about protecting the primary data of students including personal information, grades, and transcripts. The law itself defines a privacy requirement but it does not specifically address security controls and security countermeasures.
5. Given that student privacy data is typically housed within administrative computers, systems, and databases, what can you do to mitigate the risk exposure that a student or someone on the student or school’s network can access these systems?
A multilayered strategy combats new threats and can reduce costs while keeping students safe.

