Answered step by step
Verified Expert Solution
Link Copied!

Question

1 Approved Answer

Risk / Threat Solution / Preventative Action 1 . Security policy violation 2 . Compromised confidentiality of data transmissions via WLAN 3 . Unauthorized network

Risk/Threat Solution/
Preventative Action
1. Security policy violation
2. Compromised confidentiality of data transmissions via WLAN
3. Unauthorized network probing and port scanning
4. IP router, firewall, and network appliance operating system software vulnerability
5. Private data or confidential data compromised remotely
6. A mobile workers laptop may be stolen
7. Infection of a users workstation or laptop computer by viruses, malicious code, or malware
8.Insecure cloud computing virtual environments by default
9.Downtime of IT systems for an extended period after a disaster
10.Attacks on the organization or acts of sabotage by disgruntled employees
11.Vulnerable to DoS, DDoS, TCP SYN flooding, and IP spoofing attacks
12.Employees and users want to use their own smartphone or tablets
Solutions or Preventative Actions
A. Implement encryption between workstation and WAP to maintain confidentiality.
B. Encrypt the data on the hard drive if the user has access to private or confidential data. Apply real-time lockout rules when told of a lost or stolen laptop by a user.
C. Place employee on probation, review acceptable use policy (AUP) and employee manual, and discuss status during performance reviews.
D. Apply filters on exterior Internet Protocol (IP) stateful firewalls and IP router wide area network (WAN) interfaces.
E. Develop a Bring Your Own Device (BYOD) policy and procedure. BYOD policies and procedures typically permit the organization to data-wipe the users smartphone or mobile device if it is lost or the employee is terminated.
F. Implement virtual firewalls and server segmentation on separate virtual LANs (VLANs). A virtual firewall is a software-based firewall used in virtual environments.
G. Define a strict zero-day vulnerability window definition. Update devices with security fixes and software patches right away.
H. Disable ping, probing, and port scanning on all exterior IP devices within the LAN-to-WAN Domain. Ping uses the Internet Control Message Protocol (ICMP) echo-request and echo-reply protocol. Disallow IP port numbers used for probing and scanning and monitor with IDS/IPS.
I. Track and monitor abnormal employee behavior, erratic job performance, and use of IT infrastructure during off-hours. Begin IT access control lockout procedures based on AUP monitoring and compliance.
J. Develop a disaster recovery plan (DRP) specific to the recovery of mission-critical applications and data to maintain operations.
K. Encrypt all confidential data within the database or hard drive.
L. Use workstation antivirus and malicious code policies, standards, procedures, and guidelines. Enable an automated antivirus protection solution that scans and updates individual workstations with proper protection.

Step by Step Solution

There are 3 Steps involved in it

Step: 1

blur-text-image

Get Instant Access to Expert-Tailored Solutions

See step-by-step solutions with expert insights and AI powered tools for academic success

Step: 2

blur-text-image_2

Step: 3

blur-text-image_3

Ace Your Homework with AI

Get the answers you need in no time with our AI-driven, step-by-step assistance

Get Started

Recommended Textbook for

Database Administration The Complete Guide To Dba Practices And Procedures

Authors: Craig S. Mullins

2nd Edition

0321822943, 978-0321822949

More Books

Students also viewed these Databases questions

Question

My opinions/suggestions are valued.

Answered: 1 week ago