Question

In: Computer Science

*Goal: Design a Security Awareness Training module forprivileged users.-You need to document what will...

*Goal: Design a Security Awareness Training module for privileged users.

-You need to document what will go into it, and explain how it will be enforced/monitored/administered.

-talk about the components specific for Privileged Users and how the company will ensure they have proper training on how to use/access/safeguard their credentials.

-Talk about what the dangers are associated with Privileged users. Why would it be different than how a company needs to address regular user credentials?

**This is a tabletop excercise.

Look into Privileged Identity Credential Management.

Solutions

Expert Solution

The answer to the above problem is as follows:

SECURITY AWARENESS TRAINING PROGRAM:

First of all, we need to understand the importance as well as risk associated with privelged users. Privileged users are those that have access to that have access to every nook and corner of organisation's network, resources, devices and servers. While this may be an inevitable need for modern organisations we can never ignore how much risk is associated with this.

Privileged users pose a great threat to the company. They have access to all the users accounts and sensitive client information which is what cyber criminals crave for in order to breach the organisation's network.Many of the researches have found that more than 80% of cyber criminal activities in huge organisations have taken place due to privileged users.

This is largely due to unawareness of the responsibility by the privileged users. Yes we do have technical solutions like few tools here and there to keep a check on the access, but to uproot the issue, the awaress of privileged user has to be instilled within everyone. That is why this module has been created. And the awarenss program must include what is a privileged user, the threats posed by an insider, actions that must be condemed and prohibited, managing the access power of privileged users and the consequence of not complying with the rules.

The awareness program can be enforece/monitored/administered by-

Having a tailor made training for different set of end user of the company like the employee end users, the top tier management or executive team, the team of IT and cyber security professinals, and temporary workers. Their methodology and set of work is different and as such it becomes imperative to have customized training for all of them.

We need to assemble the team, determine the roles for security awareness by identifying the level of responsibilty,establish the minimum requirement for awareness and content of training required by their level of work. Also training has to be mandatory for all and it should be regulated from time to time.


Related Solutions

Q1: What is a design document? What is included in a design document? How is it useful for training?
Q1: What is a design document? What is included in a design document? How is it useful for training? Q2: How might a course design differ for Baby Boomers compared to Gen Xers? Q3: How does a concept map help learners?
Outline the documentation that you would suggest creating to document the system, training, and support users.
Outline the documentation that you would suggest creating to document the system, training, and support users.
What is a design document? What is included in a design document? How is it useful...
What is a design document? What is included in a design document? How is it useful for training? Customer service training involves far transfer. What design features would you include in a customer service training program to ensure that transfer of training occurred? What is a curriculum road map? Why is it important?
What is a design document? What is included in a design document? How is it useful...
What is a design document? What is included in a design document? How is it useful for training?
What is a design document? What is included in a design document? How is it useful...
What is a design document? What is included in a design document? How is it useful for training?
In this project, you’ll create a security infrastructure design document for a fictional organization. The security...
In this project, you’ll create a security infrastructure design document for a fictional organization. The security services and tools you describe in the document must be able to meet the needs of the organization. Your work will be evaluated according to how well you met the organization’s requirements. About the organization: This fictional organization has a small, but growing, employee base, with 50 employees in one small office. The company is an online retailer of the world's finest artisanal, hand-crafted...
In this project, you’ll create a security infrastructure design document for a fictional organization. The security...
In this project, you’ll create a security infrastructure design document for a fictional organization. The security services and tools you describe in the document must be able to meet the needs of the organization. Your work will be evaluated according to how well you met the organization’s requirements. About the organization: This fictional organization has a small, but growing, employee base, with 50 employees in one small office. The company is an online retailer of the world's finest artisanal, hand-crafted...
You’ll create a security infrastructure design document for a fictional organization. The security services and tools...
You’ll create a security infrastructure design document for a fictional organization. The security services and tools you describe in the document must be able to meet the needs of the organization. You’ll create a security infrastructure design document for a fictional organization. Your plan will be evaluated according to how well you met the organization's requirements. The following elements should be incorporated into your plan: *Authentication system *External website security *Internal website security *Remote access solution *Firewall and basic rules...
What is a network design document?
What is a network design document?
What is the goal of the design phase?
What is the goal of the design phase?
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT