Posted: December 10th, 2013
Q1: Phase 1, Assessment: The assessment phase is the risk-assessment step of risk management. A risk assessment plan consists of knowing how to handle a risk, having a treatment plan for it, and knowing the effect the risk might have on YGT's program. Some of the goals of a risk assessment are to know which information or data should be protected from harm, to evaluate the effects, and to describe the overall risks.
Phase 2, Mitigation: The mitigation phase is the process of reducing risks. In YGT, the IT manager will have to identify control types that reduce the level of risk. For example, the IT security manager can implement a security control such as a firewall or an intrusion detection system to reduce the number of threats the system is exposed to. Some of the major activities that might be introduced in YGT are evaluating candidate controls, implementing the appropriate controls, and developing an implementation plan.
Phase 3, Validation: The validation phase is the process of ensuring that the program meets all the specifications or requirements that were set for its intended purpose. There are many requirements YGT might need to ensure that its programs are on the right track. For example, a two-way validation process will be required on any sensitive data. To do that, we have to validate the effectiveness of our security programs by testing them and making sure they are working properly.
Phase 4, Sustainability: The sustainability phase is the final phase of the security program. In this phase, YGT will have to make sure that the network, applications, software, and computer systems are up and running in a secure and protected environment. For the program to be sustainable, YGT will have to assign a security team to do a daily check-up of the company's systems to keep them running in a secure environment.
Q2: Definitions of key terms:
The concept of risk management is the process of identifying the weaknesses and threats of YGT's system, then designing approaches to reduce the level of risk and gain the best results. For YGT to gain the best result, we have to follow some specific steps, such as having a security policy, maintaining an acceptable level of risk, identifying asset threats and vulnerabilities, evaluating the importance of organizational assets, identifying assets for review, and defining the scope of the analysis.
Risk assessment is the evaluation phase of the risk management process. The structure of a risk assessment establishes rules for what is assessed; who needs to be involved besides the IT security manager; how the assets of an organization are evaluated; the terminology used in discussing risk and comparing degrees of risk; and the documentation that must be collected and produced as a result of the assessment and follow-on activities.
There are some goals the company needs to meet to have good risk management, such as establishing an objective measurement of risk that allows the company to understand its business risk. Some of the risk assessment activities that have to be performed are determining a risk-reduction plan, vulnerability scanning, penetration testing, and developing a risk profile for the company's environment.
Q3: A: Defense in depth is about protecting your system against all types of attacks by using numerous techniques. The idea of defense in depth is to have security considerations and services present at each level. When it comes to the security infrastructure of the company, we always assume that one full layer will fail, so we have to put security considerations in place at each level.
In other words, defense in depth requires the organization to establish sufficient security controls and safeguards that an attacker will face multiple layers of controls, reducing the risk to the system. Some of the components the company will need are a firewall, an intrusion detection system, and a demilitarized zone. The company will also need to educate its employees and train them to be aware of information security.
B: There are many security controls that may be employed in a defense in depth strategy. Two levels of security controls are logical controls and physical controls.
Some examples of logical controls are (a) access control lists, (b) intrusion detection systems, and (c) firewalls.
Some examples of physical controls are (a) cameras, (b) alarm systems, and (c) cable locks.
C: Physical controls are designed to deny unauthorized people physical access to the building, resources, or data storage. They protect a network, data, programs, and hardware from being physically accessed by unauthorized people. The company needs to be protected from such access so that it does not suffer losses or damage.
Q4: The high-level components of this strategy are:
a) Business continuity planning
b) Incident response planning
c) Disaster recovery planning
Business Continuity Planning (BCP) is the planning process associated with ensuring that critical business functions continue if a catastrophic incident or disaster occurs. It runs concurrently with DRP when the damage is major or long-term, requiring more than simple restoration of information and information resources.
Incident response planning is the planning process associated with the identification, classification, response, and recovery from an incident. This component focuses on immediate response, but if the attack escalates the process shifts to disaster recovery and BCP.
Disaster recovery planning (DRP) is the planning process associated with preparation for and recovery from a disaster, whether natural or man-made. This component focuses on recovering or restoring systems after a disaster, and as such it is closely associated with BCP.
Q5: There are many steps that can be taken under physical security, for instance safeguarding all the personal records and all the sensitive information the company holds. This step can be done by providing locks, cabinets, and tracking devices. All sensitive information should be placed in cabinets, and any access to this information should be recorded by the tracking device. The tracking device will continuously monitor all the confidential information. Before giving any employee access to the sensitive data, their name and employee number should be recorded.
The goal of physical security is to provide secure and safe measures to preserve the integrity of all sensitive information. To have good physical security in YGT we should use the concept of defense in depth, so that it is hard for an attacker or unauthorized person to gain access to sensitive information.
A process-improvement measure the IT manager can take is to build security awareness and improve physical security. The IT manager can train the employees to follow set methods for safeguarding confidential information. For example, the IT manager can keep a list of the vulnerabilities that exist and then train the employees on how to safeguard against each of them. In addition, we could have a check-in and checkout system that records all accesses to sensitive information.
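The check-in/checkout register described above, as an added example that is not part of the original answer: employee name and number must be registered before a record is handed over, every checkout, check-in and refused request is logged, and a daily audit (the kind of check the security team in Q1 would run) lists refused requests and records that were taken out but not returned. The employee numbers, record names and timestamps are constructed for illustration.

```python
"""Check-in/checkout register for sensitive records (added example).

Models the physical-security procedure of recording an employee's name and
number before access and logging every access via a tracking device.
All identifiers and events below are constructed sample data.
"""
from dataclasses import dataclass, field
from datetime import datetime, timedelta
from typing import Dict, List


@dataclass
class AccessEvent:
    record_id: str
    employee_no: str
    employee_name: str
    action: str          # "checkout", "checkin" or "denied"
    timestamp: datetime


@dataclass
class SensitiveRecordRegister:
    # Employees registered to handle sensitive records: number -> name.
    authorised: Dict[str, str]
    events: List[AccessEvent] = field(default_factory=list)
    # Record id -> employee number currently holding that record.
    checked_out: Dict[str, str] = field(default_factory=dict)

    def _log(self, record_id, employee_no, action, when):
        name = self.authorised.get(employee_no, "<unregistered>")
        self.events.append(AccessEvent(record_id, employee_no, name, action, when))

    def checkout(self, record_id: str, employee_no: str, when: datetime) -> bool:
        """Hand a record over only to a registered employee, and only if nobody
        else currently holds it. Refusals are logged too, so the audit sees them."""
        if employee_no not in self.authorised or record_id in self.checked_out:
            self._log(record_id, employee_no, "denied", when)
            return False
        self.checked_out[record_id] = employee_no
        self._log(record_id, employee_no, "checkout", when)
        return True

    def checkin(self, record_id: str, employee_no: str, when: datetime) -> bool:
        """Accept a record back only from the employee who checked it out."""
        if self.checked_out.get(record_id) != employee_no:
            self._log(record_id, employee_no, "denied", when)
            return False
        del self.checked_out[record_id]
        self._log(record_id, employee_no, "checkin", when)
        return True

    def audit(self, now: datetime, max_hold: timedelta = timedelta(hours=8)) -> List[str]:
        """Findings for the daily check: refused requests, then records held too long."""
        findings = [
            f"denied access to {e.record_id} by {e.employee_no} at {e.timestamp:%Y-%m-%d %H:%M}"
            for e in self.events if e.action == "denied"
        ]
        for record_id, holder in self.checked_out.items():
            # The most recent checkout event for this record is when it left the cabinet.
            out_time = next(e.timestamp for e in reversed(self.events)
                            if e.record_id == record_id and e.action == "checkout")
            if now - out_time > max_hold:
                findings.append(f"{record_id} held by {holder} for more than {max_hold}")
        return findings


def demo() -> List[str]:
    """Constructed day of activity; returns the audit findings."""
    reg = SensitiveRecordRegister(authorised={"E1001": "A. Employee", "E1002": "B. Employee"})
    t0 = datetime(2013, 12, 10, 9, 0)
    reg.checkout("HR-PERSONNEL-07", "E1001", t0)
    reg.checkin("HR-PERSONNEL-07", "E1001", t0 + timedelta(hours=1))
    reg.checkout("HR-PERSONNEL-08", "E1002", t0 + timedelta(minutes=30))  # never returned
    reg.checkout("HR-PERSONNEL-09", "E9999", t0 + timedelta(hours=2))     # not registered
    return reg.audit(now=t0 + timedelta(hours=10))


if __name__ == "__main__":
    for finding in demo():
        print(finding)
```

The register refuses rather than silently records an unregistered employee number, and it logs the refusal, so the audit output is the evidence the IT manager would use to pick training topics.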
Q6: One of the most important phases is validation of the security program. Validation of the security program includes steps the company needs to consider, such as information classification, information protection, password management, and communication. In order to properly validate the effectiveness of the security program, it must be tested against various types of threats and vulnerabilities.
One security policy that should be considered states that access and security should be strictly enforced and monitored. Any service requested by anyone should be double-checked, regardless of who has requested it and what position they hold. Requests should be checked at the relevant service level to determine whether they are legitimate or beyond scope. If they are found to be beyond scope, they must be declined.
Another step that can be considered to further this effort is monitoring activities and having scheduled management activities to determine whether control procedures are performed effectively and consistently. What we need in YGT is internal controls that provide reasonable assurance that YGT complies with regulations such as SOX, that YGT complies with its security policies, and that YGT's internal controls are effective against any type of threat.
Q7: In order to keep the information security program functioning and improving over time, YGT will have to keep an eye on the security program and make sure the company's network and environments are running in a secure and protected manner. The security program should be managed using a management model for operating ongoing security programs. These models are frameworks that structure the task of managing a particular set of activities.
To explain the management model further, it is a five-layer approach to the management of networks and systems. The five areas are fault management, configuration and name management, accounting management, performance management, and security management. The company's systems should always be kept up to date with security fixes.
Fault management is the process of identifying, tracking, diagnosing, and resolving faults in a system. Configuration and change management is the administration of the configuration of the security components. Change management involves two kinds of change, technical and nontechnical. Accounting management involves how a particular component in a system is monitored. Performance management is all about monitoring the performance of a system.