Critical Thinking Exercises about Defense in Depth You are employed as an Inform

Question

Critical Thinking Exercises about Defense in Depth  

You are employed as an Information Security Analyst in a high security private research firm that handles government contracts. Due to the nature of the research conducted dissemination of data is highly controlled. The network currently has filters in place to ensure that incoming and outgoing emails as well as other network communications do not contain any protected information. It has come to your attention that certain lab users are transferring files on non-encrypted USB drives between labs and possibly even off site. Using the concept of defense in depth, describe the layers that would be utilized to prevent data from migrating off site via USB and how these layers would protect the data? (This is a two-part question, not just listing affected layers.)

Explanation / Answer

The layers which protect the data to prevent from migrating to offsite via USB is Data Centric Security Layer and Firewalls.

Data Centric Security:- This data centricn security is the approach to provide security to the data rather than to the system , network, etc. In this Data centric security approach security is directly imposed to on data which is stored so that no un-authorized access can be done.

Now a days all the organizations mostly rely on digital information to run their business and also data storage is rapidly increasing, so that it is very much important to provide security to this data without un-authorized access.

The functionality of this approach is it restricts the accessibility of the data, which means restricting data access to all and gives limited access to the one who are authorized ie. viewing, Editing or using the data is limited to their access.

Here in the present case certain lab users are tranferring data to the offsite through USB. So in this case by using this approach we can restrict the data access by just giving the viewing access to the lab users so that they cant thasfer files.

Firewall:- A firewall is a security system which provides security to the system in the two different ways which we implement i.e. network Security and Hardware Security. In this case now we need hardware security.

Firewall gives hardware security in the form, by scanning all our hardware which we connect to the system and by checking for the vulnarabilities. If it found anything it repairs automatically and the other functionality of this hardware security is by restricting access to connect the devices to the system. i.e. Firewalls can block the USB ports of the system to provide security.

By implementing this hardware security and then by blocing the ports we can provide the security to the data. In this if any users want to connect the USB they need to enter the password and to pass the authentication process. By implementing this 2 process we can prevent the data to migraate to offsite.

Related Questions

Navigate

• Browse (All)
• Browse C
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.