Question

In: Computer Science

You are the Chief of Cybersecurity Operations at a National Palace. Your organization will host a...

You are the Chief of Cybersecurity Operations at a National Palace. Your organization will host a Gala for distinguished visitors. Discuss how you would plan and what you would consider in order to keep the event Cyber secure.

*2 page answer

Solutions

Expert Solution

The cybersecurity operations plan which I would like to operate under my leadership is as below:

Guidelines For Security Policies:

For the security policies, there are certain things to be always taken into consideration, we will discuss all of them as we dive in deep. So here we go,

  1. Knowing The Risks:
    • It is the most important part while creating security policies to know what risks are there in the system.
    • How the information is been manipulated at the client as well as the server end. Hence, making the process more secure as data is the part for which security is always compromised.
  2. Knowing The Wrongs Done By Others:
    • Knowing that the organizations who have been gone through the certain risks which reside in your system. Learning from the mistakes made by others is always the most effective way of setting guidelines.
    • The guidelines to the security policy consist of the most probable wrong things that each and every organization with similar risks are been doing.
  3. Keeping Legal requirements in mind:
    • Many times organizations completely forget about the legal requirements that are been required by the officials.
    • Hence, keeping the legal jurisdictions, data holdings and the location in which you reside is also most important.
    • Recently, this has been the case with Facebook's most controversial data theft.
  4. Setting the level of security:
    • The level of the security that is been planned must always be kept in mind with the level of risks that are been residing in the system.
    • Excessive security in the system can also cause hindrance to the smooth business operations and hence, overprotecting oneself can also be a cause to the problem.

Hence, this is the cyber strategy operation plans that must be pertinent to the above situation.

Port Security:

Maintaining the ports according to the needs is one of the most important things which one should consider while listing down the systems to be secure. As it is going to be one of the most important and major parts of port security.

There are certain steps which one should follow for port security which I believe works for every organization:

  • Limiting the number of devices on most of the switch ports is to be done in each organization.
  • Also using MAC ADDRESSES in the organization must be limited to a certain level of work procedure.

Now, coming to the techniques in securing ports are as follows:

  • Making Use of Dynamic MAC Addresses:
    • It becomes important to dynamically configure and also secure the MAC addresses of the devices which are been connected to the certain ports.
    • The addresses must always be stored in the address table so as to keep the data secure and also in working mode.
    • In this technique, we also stay away from forwarding traffic from unspecified devices or devices which are not known to the network.
  • Using Static MAC Addresses:
    • It is one of the most useful methods as it secures the MAC addresses by statically configuring each of them with the switch port.
    • The MAC Addresses are also stored in the address table.
    • The static configuration of the network is been stored by default while using port security.
    • The table which stores addresses can be made permanent by actually saving them to the startup configuration.
  • Using Sticky MAC Addresses;
    • In this, a technique the MAC addresses are used as hybrid addresses which are being dynamically learned from most of the devices which are being connected with the switch port.
    • The addresses are also being put in the address table and are also been entered into most of the running configuration that is static secure MAC addresses.
    • The MAC addresses are also lost if they are not saved in the startup configurations.

Hence, these are technologies that can be used to reduce port vulnerability.

How can encryption be used to ensure the integrity and maintain data privacy?

  • Encryption is one of the best techniques which can be used by a user so that the data gets encrypted and decrypting is not the thing which is easy and also with certain attacks it could take a lot of time to even decrypt single encryption.
  • It will help in managing the integrity of the data by keeping the data consistent with the help of the encryption that takes place in the systems. It takes a lot of time and brain to break the code which most of the attackers don't like doing unless and until it is juicy enough to get them millions of bucks.

The basic encryption algorithm and how it works.

  • The most basic encryption algorithm that is been used is AES(Advanced Encryption Standard). It is one of the most standard algorithms which is been trusted a lot and follows the standards that are been set by the American Standards.
  • The main advantage of the algorithm is that it uses very less RAM and works very efficiently. It can be used for many variants which include 128,192,256 bits.
  • In AES, there are basically 10 rounds which are been used for 128-bit keys. The same key is used for encryption as well as decryption of the data. According to the data, until now there are no attacks which are been discovered to be effective in AES.
  • Hence, it remains the safest algorithm for encryption and is been used on certain devices and transmission technologies. It is mostly used for wireless connections authentication.
  • While going on with the encryption one must always be sure about what is being used and what is to be encrypted. The user base is going to handle the data.
  • The more important the data, more security for the data. This means that the algorithm like Triple DES etc. must be used if data is too confidential and can harm a lot of people if leaked.
  • There are also certain factors to which the system relies on. Hence, the algorithm must be full proof of attacks and the security must be to the ultimate level.

Security Implementation:

  • The system must implement a firewall with honeypots for advanced security. In the firewall, there must be both the hardware and software version installed as both the version have some disadvantages over each other.
  • Hence, it will nullify each of the disadvantages and can be used for different calibers in the system. As the software firewall can be used for adding rules and all the administrator stuff.
  • And, the hardware firewall can be used to gain security for the packets that are entering the network and exiting the network. The honeypots will come in action before the firewall.
  • What honeypots actually do in such conditions, the honeypots acts as a real system faking the attacker as, if, his attack has been a success. Honeypots can be considered as a mirage to our actual system.
  • Hence, the attacks information can be later on used for upgrading the actual system and securing it from the discovered vulnerabilities or loopholes.

Hence, this is what one must do for ensuring the illegal activities in the network as serving the network to a large number of people becomes difficult to manage while making use of the above techniques can prove to be a big success in maintaining the cybersecurity in the premises.


Related Solutions

You are an intern in the Cybersecurity Operations Office for the new National Youth Social Media...
You are an intern in the Cybersecurity Operations Office for the new National Youth Social Media Administration. You just graduated from the Webster University Cybersecurity Program and you want to impress your supervisors in order to have a greater opportunity for a promotion. Discuss your proposal for a Cybersecurity strategy for this new national office.
In an organization there are four Hosts (i.e. Host A, Host B, Host C and Host...
In an organization there are four Hosts (i.e. Host A, Host B, Host C and Host D) connected to a Router (i.e. Router0). Explain in your own words (a) what happens when each of the four Hosts send a broadcast (b) How many broadcast domains are on the Router0? (c) If the Router (i.e. Router0) is replaced by a hub, how many broadcast domains are on the hub? (d) If the Router (i.e. Router0) is replaced by a switch, how...
If you are the Chief Executive Officer of a successful organization and the shareholders tell you...
If you are the Chief Executive Officer of a successful organization and the shareholders tell you in order increase the profits by another $260M over forecast, you need to layoffs 9 people. What will you do? Explain the pros and cons of your actions for a. yourself, b. employees, and c. shareholders. Write (typed) 2-3 good paragraphs about it and it should be in favor of layoffs. Thank you
If you are the Chief Executive Officer of a successful organization and the shareholders tell you...
If you are the Chief Executive Officer of a successful organization and the shareholders tell you in order increase the profits by another $260M over forecast, you need to layoffs 9 people. What will you do? Explain the pros and cons of your actions for a. yourself, b. employees, and c. shareholders. Write (typed) 2-3 good paragraphs about it and it should be in favor of layoffs. Thank you
Describe what is National Initiative for Cybersecurity Education (NICE) Framework? As a leader, how can you...
Describe what is National Initiative for Cybersecurity Education (NICE) Framework? As a leader, how can you use a NICE framework at your place of work? Do provide two examples to support your points.
Scenario: You are the Chief Executive Officer [CEO] of a health services organization. This organization has...
Scenario: You are the Chief Executive Officer [CEO] of a health services organization. This organization has inpatient and outpatient facilities, home healthcare services, and other services that meet your patient population’s needs. It also has a world-renowned AIDS treatment center. The organization has always enjoyed an excellent reputation and its quality of care is known to be excellent. Unfortunately, your organization has recently been featured in every media vehicle known to man. The reason: Someone downloaded the names of 4,000...
For your organization/business, take the NIST Cybersecurity Framework controls and reduce them to system configuration requirements...
For your organization/business, take the NIST Cybersecurity Framework controls and reduce them to system configuration requirements and system test cases with pass/fail criteria. Refer to the "Framework for Improving Critical Infrastructure Cybersecurity," located within the Course Materials. Then, include the following in a report:(Hint..The professor wants us to use table 2 of the cybersecurity framework(CSF) to answer this question.I know the question has to do how some of the controls of the protect function of CSF cannot work for mobile...
You are the Chief Operations Officer responsible for overall company operations in ATCHULO Company Ltd, a...
You are the Chief Operations Officer responsible for overall company operations in ATCHULO Company Ltd, a large courier company in Ghana. Your company has 16 regional offices (terminals) scattered around the country in each of the regional capitals and a main office (hub) located in the capital city of the country. Your operations are strictly domestic. You do not accept international shipments. The day at each terminal begins with the arrival of packages from the hub. The packages are loaded...
You are the Chief Operations Officer responsible for overall company operations in ATCHULO Company Ltd, a...
You are the Chief Operations Officer responsible for overall company operations in ATCHULO Company Ltd, a large courier company in Ghana. Your company has 16 regional offices (terminals) scattered around the country in each of the regional capitals and a main office (hub) located in the capital city of the country. Your operations are strictly domestic. You do not accept international shipments. The day at each terminal begins with the arrival of packages from the hub. The packages are loaded...
You are the Chief Operations Officer responsible for overall company operations in ATCHULO Company Ltd, a...
You are the Chief Operations Officer responsible for overall company operations in ATCHULO Company Ltd, a large courier company in Ghana. Your company has 16 regional offices (terminals) scattered around the country in each of the regional capitals and the main office (hub) located in the capital city of the country. Your operations are strictly domestic. You do not accept international shipments. The day at each terminal begins with the arrival of packages from the hub. The packages are loaded...
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT