Question

You will need to divide yourselves into one of three groups by choosing one of these functional areas. Sign into a Security Plan Group. Then you will create an entry where you will post its specific plan.

THE THREE GROUPS: PICK ONE
- The protection of intellectual property (Remember Module 3)
- The implementation of access controls (Remember Module 2)
- Patch and change management (See this module)

Describe what processes you would put in place and write 2-3 paragraphs.

Solutions

Expert Solution

The functional area chosen is:
Security Plan Group: The implementation of access controls

Description of processes I would put in place for the implementation of access controls:
In general and from a broad perspective, one should implement access control systems successfully in his/her organization, and even everywhere, for the safety and security of systems, IT infrastructure, services, etc. Any and all processes involving the implementation of access controls should be strong, simple, easy, useful, helpful, effective, efficient, convenient, safe, secure, adequate, relevant, appropriate, and proper. Access controls should be based on the least privileged access. One (either an administrator, a user, or a system) should allow (privileged) access to users, administrators, partners, customers, contractors, etc., whether inside or outside of the organization, based only on their respective roles, who accesses it, why he/she accesses it, what exactly they want to log in to, access, and use it for, what exactly they want to do after they log in and access, what their intention or purpose is in accessing the systems, how many times and how much they are trying to do so, when they are doing so, from where they are trying to do so, on which device they are trying to do so, etc. The access provided to someone should be as minimal as possible, and by default they should not be given access to any other systems, services, accounts, resources, subscriptions, machines, etc., that are not relevant, not useful, or not required to perform their respective tasks. This allows administrators, forensic security officers, audit officers, etc., to investigate incidents, events, issues, and breaches, and to administer, monitor, manage, and control systems, servers, networks, devices, services, accounts, etc., better, more effectively, efficiently, and easily, and makes it simple for them.

Access control is one of the important elements of security implementation. The typical, important, and common access control process includes, involves, and revolves around identification, authentication, authorization, verification, auditing, and reporting. The different access control types are: logical, administrative, technical, and physical. The main categories for access control are deterrent, directive, preventative, detective, corrective, recovery, and compensating. The different types of access control systems required to be implemented are Discretionary Access Control (DAC), Mandatory Access Control (MAC), Role-Based Access Control (RBAC), and Rule-Based Access Control (RBAC).

One should use Multi-Factor Authentication (MFA), single sign-on (SSO), and biometric authentication and verification steps or checkpoints for the authentication process. Access control should be used as a measure to mitigate an organization's security risks. In general, access control security steps should be applied at every level of the system, IT infrastructure, devices, machines, networks, services, etc., and, if possible, should be applied before every action meant to be performed. Understanding, education, and awareness of access control, its importance, its management implications, consequences, breaches and attacks, methods and techniques, tools, systems, applications, software, hardware, etc., should be made available and should be implemented for everyone associated with the systems and resources.

More technically speaking, Network Access Control (NAC), Identity Management (IDM), web access control, remote access control, and device or endpoint access control are different, important, and required access control types that need to be implemented. User identity, device or resource identity, and network identity should be implemented. It should be ensured that users have access to the right data, systems, and other corporate resources they are authorized to access and use. Proper rules, checkpoints, permissions, and approvals should be set, possessed, and met before a user actually accesses a resource. The access control implementation process should address, handle, and reduce false-positive and false-negative cases. Irrespective of login and access success or failure, all logs for the same should be stored and audited. There are many other steps, systems, processes, and technologies that can be implemented and applied for access control. Finally, processes for access control implementation should work based on the very basic, and yet very important, principles, i.e., Confidentiality, Integrity, and Availability (CIA) of systems, data, and resources.
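
The points made in the answer above (role-based grants, least-privilege access with denial by default, contextual checks such as time and device, MFA, and logging of both successful and failed access) can be combined in a single authorization check. This is an added example and not part of the original answer; the role names, permissions, business-hours window, and field names are all constructed for illustration.

```python
# Added example: deny-by-default RBAC with context checks; all names and rules are constructed.
from dataclasses import dataclass

# Role -> explicitly granted (resource, action) pairs. Anything absent is denied.
ROLE_GRANTS = {
    "hr_clerk": {("payroll", "read")},
    "hr_manager": {("payroll", "read"), ("payroll", "write")},
    "contractor": {("wiki", "read")},
}
# Contextual rules: sensitive actions need a managed device and business hours.
SENSITIVE = {("payroll", "write")}
BUSINESS_HOURS = range(8, 18)

@dataclass(frozen=True)
class Request:
    user: str
    role: str
    resource: str
    action: str
    hour: int             # local hour of the request, 0-23
    managed_device: bool  # request comes from an organization-managed device
    mfa_passed: bool      # user completed multi-factor authentication

AUDIT_LOG = []  # every decision, allow or deny, is recorded for later audit

def authorize(req: Request) -> bool:
    """Return True only if every check passes; log the decision either way."""
    perm = (req.resource, req.action)
    if not req.mfa_passed:
        reason = "mfa_required"
    elif perm not in ROLE_GRANTS.get(req.role, set()):
        reason = "not_granted_to_role"  # default deny, unknown roles included
    elif perm in SENSITIVE and not req.managed_device:
        reason = "unmanaged_device"
    elif perm in SENSITIVE and req.hour not in BUSINESS_HOURS:
        reason = "outside_business_hours"
    else:
        reason = "ok"
    allowed = reason == "ok"
    AUDIT_LOG.append({"user": req.user, "role": req.role, "resource": req.resource,
                      "action": req.action, "allowed": allowed, "reason": reason})
    return allowed

if __name__ == "__main__":  # constructed sample requests
    for r in (Request("ana", "hr_manager", "payroll", "write", 10, True, True),
              Request("ana", "hr_manager", "payroll", "write", 23, True, True),
              Request("raj", "contractor", "payroll", "read", 10, True, True)):
        print(r.user, r.action, r.resource, "->", authorize(r), AUDIT_LOG[-1]["reason"])
```

Because denied requests are appended to the audit log with a reason, a reviewer can distinguish a missing grant from a contextual failure when investigating an incident.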

