Question

Question 1

Describe the roles of change management, security enforcement, accountability, monitoring, and auditing for successful security operations management. Provide real-world examples.

Question 2

List and describe common technical and regulatory steps of a forensic investigation from beginning to the end.

Solutions

Expert Solution

1. Roles can be understood as follows:

Change management:

This is the core of security operations and all other strategies that go with it. Change management deals with firewall changes, rules and regulations, updating them and editing them when needed. It also deals with modifications of configuration of the systems. This helps in ensuring that security operations are being executed in collaboration.

For example, if there is a need for warehouse distribution, the organization will have to create placement for the current situation and make sure that new distribution is secure.

Security enforcement:

It makes sure that networks and servers along with databases and applications are not compromised. It deals with incidents related to security and other analysis activities.

For example, in case of a computer breach, the enforcement team will make sure that all the systems are shut down and the network doesn't accept any data from the outside.

Accountability:

This is a very significant part of security operations. The teams working with the operations should know certain roles and responsibilities that make sure that security is assured. They should also be aware of the guidelines and expectations from the systems.  

For example, while deciding on a new network infrastructure for the organization, it is essential that everyone understands their roles and who to contact in case of emergency.

Monitoring:

Regular monitoring helps keep the posture of security operations in check. It not only helps in detecting the threats but also in fixing them and preventing them from occurring again in the future.

For example, in an organization where there are supply chains, monitoring will help in understanding if the solutions are delivered to the clients on time.

Auditing:

Auditing, if defined properly, can help understand the potential threats. It also helps in assessing the performance of security operations. The risks can be identified and prioritized.

For example, in financial organizations, external auditing is also critical because there is a need for ways to ensure that internal regulations are met.

2. Three main Forensic investigation steps:

Identification:

There are different types of investigations in forensics. It is important to identify the type and purpose. Based on the goal of investigation, the resources are identified. There can be memory related resources, screen related, and so on.

Preservation:

Once the resource and type are identified, the data is extracted from the resource. It is ensured that it is kept separately and isolated from other outside influences. It is secured in a protected way and preserved for further analysis.

Analysis:

Analysis would mean that data is analysed by identifying the tools and strategies to be used. It also includes processing data and getting some output. The results or output is again analysed and interpreted.

Documentation:

The results of analysis are documented along with the camera shots. Sometimes sketches are made and mapped to the original devices. Photographs of subcomponents are taken as well.

Presentation:

Once documentation is done, a summary is prepared and it is presented in understandable form with facts.
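
The Preservation step above, shown as an added example that is not part of the original answer: evidence is copied into an isolated directory, made read-only, hashed, and logged, then re-hashed before analysis. The file names, the `custody.jsonl` log format, the examiner and case identifiers, and the sample evidence bytes are all constructed for illustration.

```python
import hashlib, json, os, stat, tempfile
from datetime import datetime, timezone

def sha256_file(path, chunk=1 << 20):
    """Hash a file in chunks so large disk images do not need to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def preserve(source, vault_dir, examiner, case_id):
    """Copy evidence to an isolated directory, make it read-only, and log its hash."""
    os.makedirs(vault_dir, exist_ok=True)
    dest = os.path.join(vault_dir, os.path.basename(source))
    src_hash = sha256_file(source)
    with open(source, "rb") as s, open(dest, "xb") as d:  # "x": never overwrite evidence
        for block in iter(lambda: s.read(1 << 20), b""):
            d.write(block)
    os.chmod(dest, stat.S_IRUSR)                           # preserved copy is read-only
    if sha256_file(dest) != src_hash:
        raise RuntimeError("preserved copy does not match source")
    record = {"case": case_id, "item": dest, "sha256": src_hash,
              "examiner": examiner, "utc": datetime.now(timezone.utc).isoformat()}
    with open(os.path.join(vault_dir, "custody.jsonl"), "a") as log:  # append-only log
        log.write(json.dumps(record) + "\n")
    return record

def verify(record):
    """Re-hash the preserved copy before analysis; False means it has changed."""
    return sha256_file(record["item"]) == record["sha256"]

def demo():
    """Constructed sample: a fake memory dump is preserved, verified, then altered."""
    work = tempfile.mkdtemp()
    src = os.path.join(work, "memdump.raw")
    with open(src, "wb") as f:
        f.write(b"constructed sample evidence bytes\n" * 100)
    rec = preserve(src, os.path.join(work, "vault"), "examiner-1", "CASE-0000")
    before = verify(rec)
    os.chmod(rec["item"], stat.S_IRUSR | stat.S_IWUSR)     # simulate mishandling
    with open(rec["item"], "ab") as f:
        f.write(b"x")
    return before, verify(rec)

if __name__ == "__main__":
    print(demo())
```

A failed `verify` before analysis means the copy can no longer be shown to match what was acquired, which is what the Documentation and Presentation steps depend on.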

