Homework 1
After reviewing the material your group has prepared so far, the management team has returned with a list of five specific concerns. They include:
1. Access control
2. Security enterprise
3. Impact of implementing a change management system
4. Mitigation
5. Risk management
6. Management has asked you to address concerns with a visual presentation. Address concerns by providing the following information:
7. An overview of the access control
8. Required mitigation steps for each concern
9. Prioritize concerns
10. Concerns with vendor relations from the enterprise security standpoint
11. Description of how the organization can apply risk management principles in its efforts
12. Description of iterative maintenance effort, including audits and frequency
13. Include at least two references formatted according to APA guidelines.
Present the information in one of the following ways:
1. A detailed chart along with a brief 1-2 page executive summary explaining the decisions made
2. A 12- to 14-slide multimedia-rich presentation with speaker notes
Homework 2 - Security Vulnerability Report
A security vulnerability report identifies the areas of the organization that are at risk of losing data, outages, etc. Typically, organizations categorize the report to focus on specific areas and highlight the level of risk per area. Based on the vulnerability report, organizations are able to plan appropriately for budgeting and resource improvements.
Write a 3 to 4 pages security vulnerability report in Microsoft Word based on the organization you chose. An internal review of your organization was previously conducted and found the following vulnerabilities:
1. A formal Password Policy has not been developed that meets your organization's regulatory requirements.
2. The organization only uses single factor authentication using weak passwords.
3. Vulnerability Severity: High
4. Impact: Threats could easily guess weak passwords allowing unauthorized access.
5. Software configuration management does not exist on your organization's production servers.
6. There are different configurations on each server and no operating system patching schedule.
7. Vulnerability Severity: Moderate
8. Impact: With ad hoc configuration management, the organization could inadvertently or unintentionally make changes to the servers that could cause a self-imposed denial of service.
9. An Incident Response Plan has not been developed.
10. There is not a formal process for responding to a security incident.
11. Vulnerability Severity: High
12. Impact: In the event of a security incident, an ad hoc process could allow the security incident to get worse and spread throughout the network; the actual attack may not be recognized or handled in a timely manner giving the attacker more time to expand the attack.
13. Consider people, processes, and technology that can be exploited by the source of a threat.
Format your homework according to the give formatting requirements:
• The answer must be using Times New Roman font (size 12), double spaced, typed, with one-inch margins on all sides.
• The response also includes a cover page containing the student's name, the title of the homework, the course title, and the date. The cover page is not included in the required page length.
• Also include a reference page. The references and Citations should follow APA format. The reference page is not included in the required page length.