• Home Page
  • Case Study: Sysadmin, Audit, Network And Security Institute

Case Study: Sysadmin, Audit, Network And Security Institute

Decent Essays
Show More
SANS (Sysadmin, Audit, Network and Security) Institute is a privatized company by the United States, which is specialized in 400 training courses including cybersecurity training and information security for security professionals providing proper certification. SANS was established in 1989. The SANS 11 supported programs in the security program publication of 2003 “The many facets of an information security program” by Robert L Behm Jr. Will be discussed below.

The information security program is a task for the ISSO. The supporting programs are all in best interest of the organizations security of its information and credibility received for its advance security system. The following is a list forming a suitable security program.

• Security Policies: The purpose of an information security program is to reach out beyond most information technology …show more content…
SANS computer security incident handling step by step was published with a proper listening of an IRP.

• System Security Plan: An overview of the security requirements are listed out. This includes expected behavior and targets to be achieved by individuals while using the system. The requirement of the system security plan is vital as it lays down the ground rules to be followed to avoid issues.

• System Development Life Cycle: It is a traditional process applying a set of logical systematic activities, phases, to develop, implement and operate the system. Each phase ensures reduction of cost of security required by integrating and implementing security in to the life cycle process of the system. NIST identifies five common phases in the SDLC process that have some security related actions. • Initiation Phase • Acquisition/Development Phase • Implementation

Related Documents

  • Improved Essays

    Nt1330 Unit 2
    • 369 Words
    • 2 Pages

    Nt1330 Unit 2

    Based on the findings obtained from the analysis of security information then compiled recommendations for improvement of the condition of the company. Some recommendations are: 1. Describe in detail the confidentiality agreement and specifically including maintaining the confidentiality of the password 2. Reexamination of the access rights of each and updating access rights in case of transfer of part or advancement in accordance with their respective access rights. 3.…

    • 369 Words
    • 2 Pages
    Improved Essays
    Read More
  • Improved Essays

    Nt1330 Unit 6 Part 1 Assignment
    • 730 Words
    • 3 Pages

    Nt1330 Unit 6 Part 1 Assignment

    The vulnerabilities identified in part 1 assignment was mitigated by recommending the right solutions. In part2, the network security analyst identified and proposed solutions for the right network devices to protect the accounting firm's network from intruders and external cyber threats. In this final assignment section, the network security analyst of the accounting firm will propose the application/end-user security recommendation to protect the company’s sensitive information. The analyst will also ensure that the proper procedure and policies are in place to take care of network security and employees should be trained and aware of those policies from possible threats including cyber-attacks.…

    • 730 Words
    • 3 Pages
    Improved Essays
    Read More
  • Improved Essays

    Ba501 Week 1 Assignment
    • 740 Words
    • 3 Pages

    Ba501 Week 1 Assignment

    II Abstract Security is a need that is increasing at a rapid rate especially with a large organization and constant changes seem to be the norm.…

    • 740 Words
    • 3 Pages
    Improved Essays
    Read More
  • Decent Essays

    Nt2580 Unit 7
    • 395 Words
    • 2 Pages

    Nt2580 Unit 7

    Written Assignment – Unit 7- Ecommerce ________________________________________ Submit a written paper which is at least two pages in length, double spaced in Times New Roman (or its equivalent) font which is no greater than 12 points in size. After referring to Chapter 3 of Information Security for Non-Technical Managers, discuss the three main areas of accountability regarding information security. When discussing each area, provide an example from outside the textbook. Information security is about all that an organization can involve in, it comprises the data stored by the security center whether in an electronic machine or in a vast area room.…

    • 395 Words
    • 2 Pages
    Decent Essays
    Read More
  • Improved Essays

    HGC Case Study
    • 1025 Words
    • 4 Pages

    HGC Case Study

    A1: Business Objective: Healthy Body Wellness Center (HBWC) Office of Grants Giveaway (OGG) business objective is to offer a proficient methodology that promotes improvement in the quality and usefulness of medical grants. HBWC disburses several medical grants through federally supported health research, and implemented the Small Hospital Grant Tracking System (SHGTS) to automate assignment and tracking of the grant disbursement, streamline review of completed evaluation submitted by grant seekers and promote sharing of health information among healthcare professionals. A2: Security Principle The guiding security principle that HBWC should use to meet Federal Information Processing Standards (FIPS) is an ISO 27002 security framework, accompanied…

    • 1025 Words
    • 4 Pages
    Improved Essays
    Read More
  • Improved Essays

    Information Security In Healthcare
    • 782 Words
    • 4 Pages

    Information Security In Healthcare

    Developing data analytics to monitor and screen cybersecurity threats and react to threat attacker episodes and review log activities (Bergquist, 2016). Technical recommendations to boost security without significantly increasing personnel management can be achieved by incorporating security frameworks reviews, examining any area(s) of weakness or vulnerabilities and implementing security controls. Business partners of ABC Healthcare such as banks, vendors, and collection agencies will continue to thrive with the integration of proper security measures without introducing significant overhead and complexity. Integrating data sharing polices can protect the information and ultimately reduce the level of access to individuals information. To tackle information security infringements, ABC healthcare business partners must concentration on the collaboration of security control with ABC Healthcare to enforce security regulations such as data encryption, data sharing and disposal policies, and educate personnel by…

    • 782 Words
    • 4 Pages
    Improved Essays
    Read More
  • Improved Essays

    M4d1 Unit 1 Case Study
    • 556 Words
    • 3 Pages

    M4d1 Unit 1 Case Study

    The S-SDLC again starts with getting the requirements, but adds security requirements, the setting up phase gates (dividing into stages or phases) and a risk assessment. The design phase identifies requirement from security viewpoint, after which there are architecture/design reviews and then threat modeling is conducted. As in the standard SDLC, the coding is where the meat of the work will be done using coding best practices and static analysis performed. The final and most essential phases are the software testing via vulnerability assessment and fuzzing (testing technique used to uncover coding mistakes and security gaps in software, operating systems or networks by entering enormous amounts of random data (Stallings & Brown, 2015)), and then the software is deployed with server/network configuration with a final…

    • 556 Words
    • 3 Pages
    Improved Essays
    Read More
  • Superior Essays

    Types Of Security Events And Baseline Anomalies That Might Indicate Suspicious Activity
    • 1084 Words
    • 5 Pages

    Types Of Security Events And Baseline Anomalies That Might Indicate Suspicious Activity

    Identify strategies to control and monitor each event to mitigate risk and minimize exposure Identify at least two types of security events and baseline anomalies that might indicate suspicious activity. One type of a security event that might indicate supicious activity is an authentication failures found in audit logs. Audit logs contain a high volume of events so particular attention on which events that should be specifically tracked and managed require consideration. An audit log can identify patterns of activity that can signal a security a potential breach. Whether the attack was successfull or not the audit information should be stored in a central respository for future forensic refernce if ever needed.…

    • 1084 Words
    • 5 Pages
    Superior Essays
    Read More
  • Improved Essays

    Aizoon's 5-Day It Audit Case
    • 102 Words
    • 1 Pages

    Aizoon's 5-Day It Audit Case

    Midstate’s Network Administrator and I attended a Cybersecurity Training session in Winslow a few weeks ago. Our understanding of these requirements is limited since this is the company’s first exposure to NIST 800-171, and, customers are now imposing Cybersecurity requirements -- a December 31, 2017 deadline is looming. Many of the requirements are now in place, however, those remaining are dependent upon a 3rd party IT Audit requirement; making your offer of a 5-day IT Audit of Midstate Machine exceedingly attractive.…

    • 102 Words
    • 1 Pages
    Improved Essays
    Read More
  • Improved Essays

    Host Based Security System Case Study
    • 303 Words
    • 2 Pages

    Host Based Security System Case Study

    Mr. Todd Finney led his team of Host Based Security System (HBSS) administrators through a successful Command Cyber Readiness Inspection (CCRI). Thanks to Mr. Finney’s superb leadership, guidance, organizational skills, and technical abilities, he was able to take on the challenge of bringing up the overall compliance score of less than 50% to an exceptional score of 85.6%. This score ranked amongst the top 3% in the Army. Mr. Finney’s team addressed HBSS-related security vulnerabilities on over 19,000 workstations and 1,400 servers across the Recruiter Services Network.…

    • 303 Words
    • 2 Pages
    Improved Essays
    Read More
  • Improved Essays

    101.5 Case Study: IT Audit Director
    • 355 Words
    • 2 Pages

    101.5 Case Study: IT Audit Director

    As long as the IT Audit director meets AT §101.51, they should have the ability to reject any change. If the IT audit director can provide sufficient evidence to prove a reasonable basis for wanting to delay implementation of a change, she should have that power. With that said, there needs to be a policy in place to govern changes to production. Changes need to be properly evaluated and authorized before implemented. This is not an appropriately designed control procedure.…

    • 355 Words
    • 2 Pages
    Improved Essays
    Read More
  • Decent Essays

    Nt1310 Unit 3 Information Security Policy
    • 342 Words
    • 2 Pages

    Nt1310 Unit 3 Information Security Policy

    Information security policy is to protect the data and assets. We can apply policies to the users. What to access and what not to access. These security policies can protect the networks, computers, applications of the company.…

    • 342 Words
    • 2 Pages
    Decent Essays
    Read More
  • Improved Essays

    P2 Explain The Principles Of Information Security Essay
    • 1392 Words
    • 6 Pages

    P2 Explain The Principles Of Information Security Essay

    7/A. P2: Explain the principles of information security when protecting the IT systems of organizations 7/A. P3: Explain why organization must adhere to legal requirements when considering IT system Security. 7/AB. D1: Evaluate the effectiveness of the technique used to protect organisations from security threats whilst taking account of the principles of information security and legal requirements. Principles of information security…

    • 1392 Words
    • 6 Pages
    Improved Essays
    Read More
  • Superior Essays

    Mcafee Company Case Study
    • 962 Words
    • 4 Pages

    Mcafee Company Case Study

    Ly Ngo ID 41736748 Tutorial for novice McAfee Company is founded by John McAfee in 1987 and then he resigned the company in 1994. Intel Security Group and TPG Capital (Texas Pacific Group) now own the company. McAfee is an antivirus software that is intended for home users, small business, and big industry. The antivirus helps users protect personal information in computer and mobile devices.…

    • 962 Words
    • 4 Pages
    Superior Essays
    Read More
  • Decent Essays

    Cybersecurity Research Paper
    • 188 Words
    • 1 Pages

    Cybersecurity Research Paper

    As more business activities are being automated and an increasing number of computers are being used to store sensitive information, the need for secure computer systems becomes more apparent. This need is even more apparent as systems and applications are being distributed and accessed via an insecure network, such as the Internet. The Internet itself has become critical for governments, companies, financial institutions, and millions of everyday users. Networks of computers support a multitude of activities whose loss would all but cripple these organizations. As a consequence, cybersecurity issues have become national security issues.…

    • 188 Words
    • 1 Pages
    Decent Essays
    Read More

Related Topics

Ready To Get Started?
Discover
Company
Follow
©2024 Cram.com
Privacy Policy |  About Ads |  Site Map |  Advertise  | 
  • Cookie Settings