Question

Goal

1. Identify security events and baseline anomalies that might indicate suspicious activity.

2. Identify policy violations and security breaches and appropriately monitor threats and control activity across the network.

Refer to the handout entitled “Testing and Monitoring Security Controls.” It contains information on security events or breaches and baseline anomalies.

After studying the handout, address the following in the form of a summary report:

1. Identify at least two types of security events and baseline anomalies that might indicate suspicious activity.

2. Given a list of policy violations and security breaches, select three and consider the best options for controlling and monitoring each incident. Identify the methods to mitigate risk and minimize exposure to threats or vulnerabilities.

Required Resources Text sheet: Testing and Monitoring Security Controls

Explanation / Answer

Answers)

1. Identify at least two types of security events and baseline anomalies that might indicate suspicious activity.

Answer)

Security events such as trying to break into a computer or trying to attack a computer to get access indicate suspicious activity; they can be tracked in real time and can also be found in the computer logs. Other security issues and baseline anomalies include abrupt changes in the administrative policies of the system or the network. Also, traffic movement throughout the network has to be monitored, and any abnormality in the traffic flow of the network has to be treated as suspicious.

2. Given a list of policy violations and security breaches, select three and consider the best options for controlling and monitoring each incident. Identify the methods to mitigate risk and minimize exposure to threats or vulnerabilities.

Answer)

There is no list given here.

Let the list of policy violations and security breaches be:

Predictable passwords - The password is the first, preliminary defensive mechanism. Thus setting a long, complicated and strong password is necessary for the user's and also the company's data security, so that anyone trying to break the computer's security cannot do so very easily and mostly fails.

Removable storage devices - The use of removable storage devices should be monitored, as attackers can use physical pen drives to install a virus or other malware on systems or computers connected to the network, from where the malware will spread to other systems.

Sensitive laptop data - We all know that laptops contain sensitive data and are used by users to travel and work according to their comfort and requirements. Thus there is always a need to secure the user's data and the organizational data on the laptop, as they are full of confidential information. Thus physical security of the laptop is as necessary as maintaining the laptop with the latest version of the security software.
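
The two event types named in the first answer (break-in attempts visible in logs, and abnormal traffic against a baseline) can be checked with a short script. This is an added example, not part of the original answer; the log lines and traffic figures are constructed, and the thresholds (3 failures, 3 standard deviations) are assumptions to tune for a real environment.

```python
import re
import statistics
from collections import Counter

# Constructed sample data (OpenSSH-style auth log lines, documentation IPs).
AUTH_LOG = """\
Mar  4 02:10:01 host1 sshd[811]: Failed password for root from 203.0.113.7 port 50122 ssh2
Mar  4 02:10:03 host1 sshd[811]: Failed password for invalid user admin from 203.0.113.7 port 50123 ssh2
Mar  4 02:10:05 host1 sshd[811]: Failed password for root from 203.0.113.7 port 50124 ssh2
Mar  4 02:10:07 host1 sshd[811]: Failed password for invalid user test from 203.0.113.7 port 50125 ssh2
Mar  4 08:59:40 host1 sshd[902]: Failed password for alice from 198.51.100.4 port 40021 ssh2
Mar  4 08:59:52 host1 sshd[902]: Accepted password for alice from 198.51.100.4 port 40022 ssh2
"""
BASELINE_MB = [120, 130, 125, 118, 122, 128, 131, 119]    # normal hourly outbound MB
OBSERVED_MB = {"01:00": 127, "02:00": 910, "03:00": 121}  # hours under review

FAILED_RE = re.compile(r"Failed password for (?:invalid user )?\S+ from (\S+) port \d+")

def failed_login_sources(log_text, threshold=3):
    """Security event: return {source_ip: failures} for sources at or over threshold."""
    counts = Counter(m.group(1) for m in FAILED_RE.finditer(log_text))
    return {ip: n for ip, n in counts.items() if n >= threshold}

def traffic_anomalies(baseline, observed, z_limit=3.0):
    """Baseline anomaly: return (hour, value) pairs far from the baseline mean."""
    mean = statistics.mean(baseline)
    stdev = statistics.stdev(baseline)
    if stdev == 0:
        # Perfectly flat baseline: any different value is a deviation.
        return [(h, v) for h, v in observed.items() if v != mean]
    return [(h, v) for h, v in observed.items() if abs(v - mean) / stdev > z_limit]

if __name__ == "__main__":
    for ip, n in failed_login_sources(AUTH_LOG).items():
        print(f"ALERT repeated failed logins: {ip} ({n} failures)")
    for hour, mb in traffic_anomalies(BASELINE_MB, OBSERVED_MB):
        print(f"ALERT traffic outside baseline at {hour}: {mb} MB")
```

A single mistyped password followed by a successful login (the `alice` lines) stays below the threshold, which keeps ordinary user error out of the alert list.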
