Discuss your reasoning behind the controls, how they can work together, and any other pertinent information you feel would make a strong case for implementing the controls.
You need to write a security control plan outlining the components of the network and security controls
you would put in place given the systems in the diagram. Discuss your reasoning behind the controls,
how they can work together, and any other pertinent information you feel would make a strong case for
implementing the controls. Ensure that you cover the topics from this course and include them in the
final plan. Research additional security controls outside of what has been covered and include them as
well.
Some things to think about as you brainstorm security controls:
Vulnerability management and patching
Open ports and protocols
Malware detection and prevention
Firewall rules
Intrusion Detection
Backup Strategy
Network and machine authentication
Industry compliance standards and mandates (Finance in this case)
OS and Application Hardening Guides (CIS, STIG, etc.)
Requirements: 5 pages
CST 610 Project 4
Cyberspace and Cybersecurity Foundations
Technical Controls Report
Template
Prepared By: Firstname Lastname
Version 1.0
Table of Contents
Executive Summary
Provide a brief summary of what you were asked to do, what you did, and what results were obtained. Be certain to indicate how many controls you implemented and how many passed your test and evaluation.
Technical Control Scope
Describe the scope of your technical control implementation. This should include a table of systems with the services and applications present on each.
Also, include your Predictions here in a separate paragraph.
Technical Control Implementation Details
Refer to previous project reports for indications of where systems within the control scope have vulnerabilities or indicators of attack. For each control, you must include the following:
Control number: start at 001 and increment
Type: preventative, detective, recovery
System: the system name, IP address, and operating system
Application or Service: the application or service name, version number
Implementation Procedure: list the exact steps followed to implement the control
Test and Evaluation Plan
Write a concise test plan for each control listed in the previous section. Document the plan using the following outline:
Control number: use the control number from section 3 above
Test procedure: use a numbered list containing the exact steps to be followed in carrying out the control test
Test and Evaluation Findings
Document how you tested each control after implementation and the results of the test. You can use the following outline:
Control number: use the control number from section 3 above
Test outcomes: indicate the set of possible test outcomes
Screenshot: include a screenshot of the test results with the current day and time clearly visible
Conclusion
Document your reflections here in a numbered list. Refer back to your predictions! Also, include the source question with your response in the format: What is a reflection question? A reflection is an opportunity.
Above is the diagram of the FICBANK network architecture.
9/17/23, 11:10 PM Step 2: Technical Control Testing Explained – CST 610 9041 Cyberspace and Cybersecurity Foundations (2235) https://learn.umgc.edu/d2l/le/content/770922/viewContent/31070143/View

Testing and evaluating (otherwise known as assessing) is as important as implementing those controls. There are a variety of technical control test and evaluation methodologies. Some methodologies are related to specific governance or regulatory frameworks (i.e., PCI-DSS) while others are general guidelines. In any case, the important points are (a) test and evaluate controls immediately after implementation; (b) re-test and re-evaluate periodically; (c) document evidence of control effectiveness.

An example of a general framework aligned with the general implementation content from the previous section:

Start with obtaining a general understanding of the security risks facing information processing, through a review of relevant documentation, inquiry, observation, and risk assessment and evaluation techniques.
Document and evaluate controls over potential access paths into the system to assess their adequacy, efficiency, and effectiveness by reviewing appropriate hardware and software security features and identifying any deficiencies or redundancies.
Test controls over access paths to determine whether they are functioning and effective by applying appropriate testing techniques.
Evaluate the AC environment to determine if the control requirements are achieved by analyzing test results and other evidence.
Evaluate the security environment to assess its adequacy by reviewing written policies, and observing practices and procedures, and comparing them with appropriate security standards or practices and procedures used by other organizations.

Familiarization with the IT environment:
This is the first step of the evaluation and involves obtaining a clear understanding of the technical, managerial, and security environment of the information system processing facility. This typically includes interviews, physical walk-throughs, review of documents, and risk assessments, as mentioned above in the physical security control area.

Documenting the access paths:
The access path is the logical route an end user takes to access computerized information. This starts with a terminal/workstation and typically ends with the data being accessed. Along the way, numerous hardware and software components are encountered. The assessor should evaluate each component for proper implementation and proper physical and logical access security.

Interviewing systems personnel:
To control and maintain the various components of the access path, as well as the operating system and computer mainframe, technical experts often are required. These people can be a valuable source of information to the assessor when gaining an understanding of security. To determine who these people are, the assessor should interview with the IS manager and review organizational charts and job descriptions. Key people include the security administrator, network control manager, and systems software manager.

Reviewing reports from AC software:
The reporting features of AC software provide the security administrator with the opportunity to monitor adherence to security policies. By reviewing a sample of security reports, the assessor can determine if enough information is provided to support an investigation and if the security administrator is performing an effective review of the report.

Reviewing Application Systems Operations Manual:
An Application Systems Manual should contain documentation on the programs that generally are used throughout a data processing installation to support the development, implementation, operations, and use of application systems. This manual should include information about which platform the application can run on, database management systems, compilers, interpreters, telecommunications monitors, and other applications that can run with the application.

Log-on IDs and passwords:
To test confidentiality, the assessor could attempt to guess the password of a sample of employees’ log-on IDs (though this is not necessarily a test). This should be done discreetly to avoid upsetting employees. The assessor should tour end user and programmer work areas looking for passwords taped to the side of terminals or the inside of desk drawers, or located in card files. Another source of confidential information is the wastebasket. The assessor might consider going through the office wastebasket looking for confidential information and passwords. Users could be asked to give their password to the assessor. However, unless specifically authorized for a particular situation and supported by the security policy, no user should ever disclose his/her password.

Controls over production resources:
Computer ACs should extend beyond application data and transactions. There are numerous high-level utilities, macro or job control libraries, control libraries, and system software parameters for which AC should be particularly strong. Access to these libraries would provide the ability to bypass other ACs. The assessor should work with the system software analyst and operations manager to determine if access is on a need-to-know basis for all sensitive production resources. Working with the security administrator, the assessor should determine who can access these resources and what can be done with this access.

Logging and reporting of computer access violations:
To test the reporting of access violations, the assessor should attempt to access computer transactions or data for which access is not authorized. The attempts should be unsuccessful and identified on security reports. This test should be coordinated with the data owner and security administrator to avoid violation of security regulations.

Follow up access violations:
To test the effectiveness and timeliness of the security administrator’s and data owner’s response to reported violation attempts, the assessor should select a sample of security reports and look for evidence of follow-up and investigation of access violations. If such evidence cannot be found, the assessor should conduct further interviews to determine why this situation exists.

Identification of methods for bypassing security and compensating controls:
This is a technical area of review. As a result, the assessor should work with the system software analyst, network manager, operations manager, and security administrator to determine ways to bypass security. This typically includes bypass label processing (BLP), special system maintenance log-on IDs, operating system exits, installation utilities, and I/O devices. Working with the security administrator, the assessor should determine who can access these resources and what can be done with this access. The assessor should determine if access is on a need-to-know/have
9/17/23, 11:09 PM Step 1: Technical Control Implementation Explained – CST 610 9041 Cyberspace and Cybersecurity Foundations (2235) https://learn.umgc.edu/d2l/le/content/770922/viewContent/31070142/View

Implementing technical controls requires installing, configuring, or modifying components of a computing system. It also entails continuous updates and patching to keep operating systems, external tools, applications, database management systems, and others up to date. Depending on the nature of the industry or organization, it may be required to adhere to one of the many technical control frameworks, guides, and checklists available. Some use cases require we follow a specific framework (e.g., PCI-DSS), while a variety of instances simply necessitate having technical controls for prevention and remediation purposes. Absent a specific regulatory or legal requirement, the important takeaway is to select an appropriate technical control and stick to it.

For example:

Logical Access Controls
Logical ACs are the primary means of managing and protecting resources to reduce risks to a level acceptable to an organization. They are tools used for identification, authentication, authorization, and accountability. They are software components that enforce AC measures for systems, programs, processes, and information. The logical ACs can be embedded within operating systems, applications, add-on security packages, or database and telecommunication management systems. In applying management-designed policies and procedures for protecting information assets, logical ACs are the primary means of managing and protecting these resources to reduce risks to a level acceptable to an organization. For example, the concept of AC relates to managing and controlling access to an organization’s information resources residing on host- and network-based computer systems. Assessors need to understand the relationship of logical ACs to management policies and procedures for information security. In doing so, assessors should be able to analyze and evaluate a logical AC’s effectiveness in accomplishing information security objectives.

Inadequate logical ACs increase an organization’s potential for losses resulting from exposures. These exposures can result in minor inconveniences up to a total shutdown of computer functions. Exposures that exist from accidental or intentional exploitation of logical AC weaknesses include technical exposures and computer crime. For assessors to effectively assess logical ACs within the system under review, they first need to gain a technical and organizational understanding of the organization’s IT environment. This is to determine which areas from a risk standpoint warrant special attention in planning current and future work. This includes reviewing all security layers associated with the organization’s IT information system architecture.

These layers are as follows:
Network layer
Operating system platform layer
Database layer
Application layer

Paths of Logical Access
Access or points of entry to an organization’s information system infrastructure can be gained through several avenues. Each avenue is subject to appropriate levels of access security. For example, paths of logical access often relate to different levels occurring from either a back-end or a front-end interconnected network of systems for internally or externally based users. Front-end systems are network-based systems connecting an organization to outside untrusted networks, such as corporate websites, where a customer can access the website externally in initiating transactions that connect to a proxy server application which in turn connects, for example, to a back-end database system in updating a customer database. Front-end systems can also be internally based in automating business, paperless processes that tie into back-end systems in a similar manner.

General Points of Entry
General points of entry to either front-end or back-end systems relate to an organization’s networking or telecommunications infrastructure in controlling access into their information resources (e.g., applications, databases, facilities, networks). The approach followed is based on a client–server model where, for example, a large organization can literally have thousands of interconnected network servers. Connectivity in this environment needs to be controlled through a smaller set of primary domain controlling servers, which enable a user to obtain access to specific secondary points of entry (e.g., application servers, databases). General modes of access into this infrastructure occur through the following:
Network connectivity
Remote access
Operator console
Online workstations or terminals

Logical Access Control Software
IT has made it possible for computer systems to store and contain large quantities of sensitive data, increase the capability of sharing resources from one system to another, and permit many users to access the system through internet/intranet technologies. All of these factors have made organizations’ information system resources more accessible and available anytime and anywhere.

To protect an organization’s information resources, AC software has become even more critical in assuring the confidentiality, integrity, and availability of information resources. The purpose of AC software is to prevent unauthorized access and modification to an organization’s sensitive data and use of system critical functions.

To achieve this level of control, it is necessary to apply ACs across all layers of an organization’s information system architecture. This includes networks, platforms or operating system, databases, and application systems. Attributes across each commonly include some form of IA, access authorization, checking to specific information resources, and logging and reporting of user activities.

The greatest degree of protection in applying AC software is at the network and platform/operating system levels. These layers provide the greatest degree of protection of information resources from internal and external users’ unauthorized access. These systems are also referred to as general support systems, and they make up the primary infrastructure on which applications and database systems will reside.

Operating system AC software interfaces with other system software AC programs, such as network layer devices (e.g., routers, firewalls), that manage and control external access to organizations’ networks. Additionally, operating system AC software interfaces with database and/or application system ACs to protect system libraries and user datasets.

Logical Access Control Software Functionality
General operating system AC functions include:
1. Apply user IA mechanisms.
2. Restrict log-on IDs to specific terminals/workstations and specific