Hi I am having a difficult time with this project. Can you please help? Scenario

Hi I am having a difficult time with this project. Can you please help?

 

Scenario:

The security team at your organization receives an alert from your organization’s cloud storage provider, DataStore. DataStore is a popular cloud-based data hosting service that your organization has contracted with to store public-facing information such as product briefs and advertisements in a “shared” platform with many other customers. Your organization has a policy against transferring confidential data to the cloud and has asked DataStore to alert your security team if they detect unusual data-transfer activities. DataStore noticed that an active connection transferred large numbers of files to their platform and promptly investigated. Upon closer inspection, the DataStore employee recognized that customer names and social security numbers were clearly displayed in the uploaded files.

 

The security team, with the help of DataStore, discovered that an intern was responsible for the large data transfer. The intern accidentally saved confidential email attachments to a folder on his system that synchronized with DataStore. The intern apologized and stated that he would delete the data from the cloud storage location. However, the problematic files were available for public download for a short period of time.

 

Prompt:

After reading the scenario above, complete the Fundamental Security Design Principles mapping table in the Case Study Template and answer the short response questions. You’ll notice that the Fundamental Security Design Principles listed differ from those presented in previous activities. In the cybersecurity trade, there are many different design principles and frameworks. Successful practitioners learn to work with many different (but conceptually similar) principles to achieve their security goals.

 

Specifically, you must address the critical elements listed below:

 

I. Fundamental Security Design Principles Mapping: Fill in the table in the Module Three Case Study Template by completing the following steps for each control recommendation:

A. Specify which Fundamental Security Design Principle applies to the control recommendations by marking the appropriate cells with an X.

B. Indicate which security objective (confidentiality, availability, or integrity) applies best to the control recommendations.

C. Explain your choices in one to two sentences with relevant justifications.

 

After reviewing the scenario in the Module Three Case Study Activity Guidelines and Rubric document, fill in the table below by completing the following steps:

 

Specify which Fundamental Security Design Principle applies to the control recommendations by marking the appropriate cells with an X.
Indicate which security objective (confidentiality, availability, or integrity) applies best to the control recommendations.
Explain your choices in a few sentences with relevant justifications.

Control Recommendations

Isolation

Encapsulation

Complete Mediation

Minimize Trust Surface (Reluctance to Trust)

Trust Relationships

Security Objective Alignment (CIA)

Explain Your Choices

(1-2 sentences)

Deploy an automated tool on network perimeters that monitors for unauthorized transfer of sensitive information and blocks such transfers while alerting information security professionals.

 

 

 

 

 

 

 

Monitor all traffic leaving the organization to detect any unauthorized use.

 

 

 

 

 

 

 

Use an automated tool, such as host-based data loss prevention, to enforce access controls to data even when data is copied off a system.

 

 

 

 

 

 

 

Physically or logically segregated systems should be used to isolate higher-risk software that is required for business operations.

 

 

 

 

 

 

 

Make sure that only the resources necessary to perform daily business tasks are assigned to the end users performing such tasks.

 

 

 

 

 

 

 

Install application firewalls on critical servers to validate all traffic going in and out of the server.

 

 

 

 

 

 

 

Require all remote login access and remote workers to authenticate to the network using multifactor authentication.

 

 

 

 

 

 

 

Restrict cloud storage access to only the users authorized to have access, and include authentication verification through the use of multi-factor authentication.

 

 

 

 

 

 

 

Make sure all data-in-motion is encrypted.

 

 

 

 

 

 

 

Set alerts for the security team when users log into the network after normal business hours, or when users access areas of the network that are unauthorized to them.

 

 

 

 

 

 

 

II. Short Response Questions:

A. Is it possible to use DataStore and maintain an isolated environment? Explain your reasoning.

B. How could the organization have more effectively applied the principle of minimizing trust surface with DataStore to protect its confidential data? Explain your reasoning.

C. How can the organization build a more security-aware culture from the top down to prevent mistakes before they happen? Explain your reasoning.

Complete Answer:

Get Instant Help in Homework Asap
Get Instant Help in Homework Asap
Calculate your paper price
Pages (550 words)
Approximate price: -
Open chat
1
Hello 👋
Thank you for choosing our assignment help service!
How can I help you?