Question

In: Computer Science

Scenario For this final project, put yourself in the role of a security analyst who is...

Scenario For this final project, put yourself in the role of a security analyst who is performing an audit of your company. Your organization is a mid-sized manufacturing company that released its own smart headset. The headset has the ability to project important documents on an optical screen for the technicians in the field. The documents could be product schematics, invoices, emails, text messages, or any documents put in the shared drive on the server. The headset has constant communication with the server that resides in the central office; the connection is made through the technicians’ cell phones via the Bluetooth connection.

I. Personnel or human factor trend Select a personnel or human factor trend and discuss the following critical elements: A. Describe how the trend or strategy provides protection to an organization. B. Defend the trend as a credible solution based on your analysis of the threat model for the scenario. 2 II. Data protection strategy or technology trend Select a data protection strategy or technology and discuss the following critical elements: A. Describe how the strategy or technology provides protection to an organization. B. Defend the strategy or technology as a credible solution based on your analysis of the threat model for the scenario. III. System protection trend Select a technology in one of the following areas: ● Network protection technologies ● Endpoint/server protection technologies ● Software code protection strategies and technologies For your selected technology, discuss the following critical elements: A. Describe how the selected technology provides protection to an organization. B. Defend the technology as a credible solution based on your analysis of the threat model for the scenario..

Solutions

Expert Solution

Q. I.Personnel or Human factor trend:

The human factors of cyber security represents the actions or events when a human error results in a successful hack or data breach. As research suggests, human error is the weakest link for data breach in an organisation. One of the most common form of human factor trend that leads to security breach of data of an organisation is through providing access to confidential data of the organisation to unauthorised external personnel either by sharing the hardware device or the password to access the device which connects directly to the organisational data server.

Q. I. A.  How the trend or strategy provides protection to the organization:   

In the scenario of the organisation under discussion, the manufacturing company has provided the smart headset to its technicians in the field which has constant connection to the server at the central office to display important documents on the optical screen of the smart headset through the Bluetooth connection of the technician's cell phone. In this scenario, a security breach of data might occur if the technicians allows any other unauthorised or external personnel to use that device for whatever reason. In order to achieve protection against this, the organisation can carry out the following security steps to minimise security breach of data:

a. Provide appropriate training on cyber security to all authorised technician before the headset is allocated to them

b. Enable software asking for login credentials and password of suitable complexity whenever the device is switched on before the technician can start working with important information.

c. Ensure the device is allocated to authorised technicians only after proper validation

These strategies will ensure preliminary protection to the organisation against any security breach.

Q. I. B. The trend as a credible solution based on the analysis of the threat model:  

Although the precautionary steps mentioned above should ensure preliminary protection to the organisation against any security breach, certain additional steps as below might ensure muche higher security against any attempt of data breach in the scenario under consideration:

a. Organise regular refreshment or catch up training for technicians to explain the necessity of cyber security and their respective role in doing so in order to mainain their high level of awareness.

b. Enable retinal or biometric scan of the authorised employees to enable the device.

c. Ensure mandatorily changing the password with suitable complexity at regural intervals, say weekly or biweekly for all technicians.

d. Make the authorised technicians enter into legal contractual obligation not to share either the device or the password to anyone else and violation of which could draw a strict penalty in any suitable form.

Q.II. Data Protection strategy or technology trend:

The human factor is the weakest link in both prevention and mitigation of cyber breaches, while the best defense is use of technology and tools in addition to test and train people on security policies. In the light of the previous discussions and appropriteness of implementation in the current scenario of the organisation, the best technological trend in case of the technicians using the smart headset in the field could be to use continuous retinal scan of the user and monitoring the data read by the retinal scanner attached to the smart headset to the previousely captured retinal scan data of the authorised technician stored at the server at the central office. Additionally, the server should be capable to shut down the connection with a suitable message or alarm tone or both in case any mismatch is detected when the device is tried to be used by any other person. It would be easy to monitor the data as continuos connection with the server is essentially maintained to display important information on the optical screen of the smart headset. This will also nullify the disadvantages of storing the retinal scan data of the authorised user in a small chipset attached to the headset as that too can be tampered with by unauthorised personnel at the field.

This concludes the answer to the first 4 subparts of the question and the discussions above can provide a guideline to answer the reamining subparts following.


Related Solutions

Put yourself in the role of a healthcare leader (a position of your choosing based on...
Put yourself in the role of a healthcare leader (a position of your choosing based on your career interests). What force(s) operating in the healthcare delivery system do you see that might serve as barriers to culturally sensitive care and achieving social justice? How about opportunities? Where do you see the US in the future in the next 1-5 years in terms of attaining a socially just healthcare system that is inclusive of diversity? identified specific action steps you can...
Put yourself in the position of an entrepreneur who is developing a new product to introduce...
Put yourself in the position of an entrepreneur who is developing a new product to introduce into the market. Briefly describe the product. Then, develop the segmentation, targeting and positioning strategy for marketing the new product. Be sure to discuss (A) the overall strategy(B) Characteristics of the target market (C) Why that target market is attractive, and (D) the positioning stratedy. Provide justification for yout decision.
Topic: Facilities Coordinator 1 ) The Facilities coordinator is a critical role. Put yourself in the...
Topic: Facilities Coordinator 1 ) The Facilities coordinator is a critical role. Put yourself in the position of the facilities coordinator. 2) Determine and list the qualities you have that would make you an excellent candidate for this position 3) Determine and list the qualities this position demands that you lack 4) Write a proposal for upper management on why you think you are qualified for this position
For this project, you will place yourself in the role of HR manager or executive of...
For this project, you will place yourself in the role of HR manager or executive of a medium-large company. Your responsibility is to communicate important information throughout your organization in response to ONE of the following scenarios: Changes you are making in the company’s health insurance plan will now require a significant financial contribution from employees in the form of payroll deductions. This type of change is being necessitated due to rising insurance costs, which is costing the company important...
Imagine yourself as a nurse student who is taking the leader role in a clinical day...
Imagine yourself as a nurse student who is taking the leader role in a clinical day and answer the following questions. How would you describe your leadership style? Provide an example of how you displayed that during your leadership experience. How did you help to provide a caring environment for your fellow student nurses and their patients? What was your role in ensuring a safe environment both for your fellow student nurses and their patients? What did you learn by...
After completing a project analysis, an analyst should rely on which tool to make a final...
After completing a project analysis, an analyst should rely on which tool to make a final recommendation on the project? NPV Break-even analysis Decision trees Sensitivity analysis
Put yourself in the shoes of the hiring manager, and research yourself in every online format...
Put yourself in the shoes of the hiring manager, and research yourself in every online format that you can access. Google your name. What is out there in cyberspace that may prevent a potential employer from extending an offer to you? Post strategies you can offer to address/correct information that is associated with your name/likeness, such as images, on the internet.
Your final project will satisfy the following scenario: You are writing a program that will act...
Your final project will satisfy the following scenario: You are writing a program that will act as an ATM machine by the end of this course. In order to access the ATM, the customer must enter their user name and their passcode. After 3 incorrect attempts at entering the user name and password, the program will end. The list of legitimate users along with their user ID, passcode, and account balance will be provided to you. There are only 5...
An analyst is interested to value put options on the stock of Bulls Inc. The analyst...
An analyst is interested to value put options on the stock of Bulls Inc. The analyst has accumulated the following information: • The price of the stock is $40. • The strike price is $38. • The option matures in 2 months. • The variance of the stock’s returns is 0.25. • The annual risk-free rate is 6%. Using the Black-Scholes model, what is the value of the put option?
Why is it impossible to put yourself in someone else's shoes? Or is it? Watch the...
Why is it impossible to put yourself in someone else's shoes? Or is it? Watch the videos (located below). What do these videos teach you about putting yourself in someone else's shoes? How can we learn to do this? How Cultures are Studied https://www.youtube.com/watch?v=72oSUzZT2sU Strange Beliefs: Sir Edward Evans-Pritchard http://www.youtube.com/watch?v=8q9HyONL_10&feature=relmfu
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT