Part B: Communications and Operations Security

Answer the following based on the above given scenario.

Task B.1: Is communication and operation security related to cybersecurity? Explain and give

reasons.

Task B.2: Identify potential threats and corresponding risks associated with communication and operation security.

Task B.3: For each risk identified in the previous task, suggest a control strategy for each. Task B.4: Develop SOP for accessing sensitive information from the server located in Room

132.

Task B.5: Recently, the intrusion detection system identified a threat on a machine located in Room 125. Submit a Request for Change (RFC) using a standard template (W3S2_Slide#17) to upgrade the intrusion detection system and submit it for approval.

Task B.6: Develop policy documents for the following two business operations:

The policy statement for the teacher to conduct online teaching sessions.

The policy statement for the network administrator to do Activity Monitoring

and Log Analysis.

CASE STUDY Introduction The given scenario is associated with a school building. The school deals with a number of stakeholders such as students, teaching staff, administrative staff, and other internal and external entities. This is a public school building where any visitor can enter by showing their identification. The school administration wants to ensure the security of their valuable assets and to be vigilant in detecting threats. Therefore, the school administration hires you to prepare a security plan that specifically secures the site from four perspectives as follows: i. Physical Security ii. Environmental Security iii. Communication Security iv. Operations Security Building Structure As shown in Figure-1, the first layer of security is directed at the perimeter of the school both securing the perimeter during the school day but also during non-school hours. This layer of security consists of solid walls or fencing, blending security and aesthetics. In conjunction with walls and fences, clear signage is an important key at this level of security. Proper locking devices on perimeter gates are part of the basic security of the school. So many times, the unauthorized entry onto campus is not because of the failure of the lock, it is the failure of a person to lock the gate. Delivery Gateway Classroom Classroom PARKING LOT Play Field Classroom Admin Building Staff/Visitor Gate Main Entry Figure-1: Overall Structure of the Building In addition, the following Figure-2 and Table-l represent rooms of the Admin Building and the sensitive assets or information located in some of the rooms. Rm. 124 Rm. 128 Rm 130 Lobby Rm 132 Comp. Facility Rm. 123 Rm. 125 Rm. 129 Figure-2: Structure of Admin Building Room Room 123 Table-l: Critical Assets Information Sensitivity & Sensitive Assets Critical Class or Info Privileged, Computer Lab: Vital Computers, Printer Privileged, Classroom: Vital Computers, Projector Confidential, Servers and Critical Critical/sensitive information Room 125 Room 132 CASE STUDY Introduction The given scenario is associated with a school building. The school deals with a number of stakeholders such as students, teaching staff, administrative staff, and other internal and external entities. This is a public school building where any visitor can enter by showing their identification. The school administration wants to ensure the security of their valuable assets and to be vigilant in detecting threats. Therefore, the school administration hires you to prepare a security plan that specifically secures the site from four perspectives as follows: i. Physical Security ii. Environmental Security iii. Communication Security iv. Operations Security Building Structure As shown in Figure-1, the first layer of security is directed at the perimeter of the school both securing the perimeter during the school day but also during non-school hours. This layer of security consists of solid walls or fencing, blending security and aesthetics. In conjunction with walls and fences, clear signage is an important key at this level of security. Proper locking devices on perimeter gates are part of the basic security of the school. So many times, the unauthorized entry onto campus is not because of the failure of the lock, it is the failure of a person to lock the gate. Delivery Gateway Classroom Classroom PARKING LOT Play Field Classroom Admin Building Staff/Visitor Gate Main Entry Figure-1: Overall Structure of the Building In addition, the following Figure-2 and Table-l represent rooms of the Admin Building and the sensitive assets or information located in some of the rooms. Rm. 124 Rm. 128 Rm 130 Lobby Rm 132 Comp. Facility Rm. 123 Rm. 125 Rm. 129 Figure-2: Structure of Admin Building Room Room 123 Table-l: Critical Assets Information Sensitivity & Sensitive Assets Critical Class or Info Privileged, Computer Lab: Vital Computers, Printer Privileged, Classroom: Vital Computers, Projector Confidential, Servers and Critical Critical/sensitive information Room 125 Room 132