You work as the IT security administrator for a small corporate network. As part of an ongoing program to improve security, you want to implement an audit policy for all workstations. You plan to audit user logon attempts and other critical events.

In this lab, your task is to configure the following audit policy settings in WorkstationGPO:

Edit Audit Policies as follows:
1. Using Group Policy Management, access CorpNet.local's Group Policy Objects > WorkgroupGPO.
2. Access the WorkstationGPO's Security Settings Local Policies.
3. Modify Local Policies.
4. Modify the Event Log.
5. Modify Advanced Audit Policy Configuration.

You are the IT security administrator for a small corporate network. You need to enable logging on the switch in the networking closet.

In this lab, your task is to:

Complete this lab as follows:
1. Access the Log Settings for the switch.
2. Enable Logging and Syslog Aggregator.
3. Configure RAM and Flash memory logging:
4. Select Apply.

Compliance with local, national, and international security regulations and laws is now part of daily operations. These requirements cover close to all data that is collected, used, stored, and shared. These requirements have many variables that include but are not limited to: industry, size of company, types of PII, and the use of data. Substantial financial penalties are levied when a company is found non-compliant. The services of legal advisors are highly recommended to ensure compliance. The two most important laws in recent memory are the GDPR, or the General Data Protection Regulation of the European Union, and the California Consumer Protection Act.

The Cloud Security Alliance (CSA) is a relatively new, ten-year-old security framework. With the exponential growth of cloud computing, the need for a cloud security framework was crucial. Along with best practices in cloud security, CSA also introduced the first cloud-centric individual certification. It works because it aggregates best security practices from all business and educational verticals. This ensures that the individual framework needs of each company are met using relevant, up-to-date information. Within CSA, there is a Cloud Control Matrix (CCM). This matrix is a guide to assist prospective cloud users in evaluating a cloud provider's security risk. This matrix also helps cloud providers integrate fundamental security principles into their services.
It works with frameworks like NIST, ISO 27001, and ISO 27002. The functions of CSA and CCM are:
> CSA

*It is important that, as a security professional, you keep current with changes to laws, regulations, and frameworks.

Deterrent
The deterrent control type discourages malicious actors from trying to breach a network. The more deterrents are implemented, the less likely it is that anyone tries. These could include internal security policies, access-protected doors for a server room, entry-point access restriction, biometric sensors, man traps, security cameras, security training, and security guards.

Detective controls monitor network activity and inform the security team of a potential security event. Detective controls also log activities and provide artifacts to help investigate the event. Intrusion detection systems are an example of detective controls.

Physical deterrents keep unauthorized people from physically accessing a company's assets. Locked doors, proximity cards, fences, cameras, and guards are all ways to physically protect a network.

Preventative controls, such as an IPS, are used to prevent security breaches.

Personally identifiable information (PII)
Personally identifiable information (PII) is information that can be used on its own or with other information to identify, contact, or locate a single person. This information includes:
> Full name (if not common)

Proprietary information is information that a company wishes to keep confidential.

Private internal information is restricted to individuals within the organization and can include personnel records, financial records, and customer lists.

Private restricted information is restricted to limited authorized personnel within the organization and can include trade secrets, strategic information, and highly sensitive information.

HIPAA
In the US, you must follow laws dictated by three government acts:

HIPAA stands for Health Insurance Portability and Accountability Act.
HIPAA protects medical records and personal health information. Companies that provide healthcare insurance handle HIPAA-protected information. And, of course, companies that provide health-related services also handle HIPAA-protected information.

FACTA (Fair and Accurate Credit Transactions Act) was created to protect against identity theft. The act applies to the disposal of consumer reports and related information. FACTA includes credit reports, credit scores, employment history information, check writing history, insurance claims, residential or tenant history, and medical history. Every business handles FACTA-protected information, and every business must comply with FACTA laws.

FISMA (Federal Information Security Management Act) protects government information. It is primarily concerned with proper data destruction and has detailed disposal requirements.

ACA is the Affordable Care Act, often referred to as Obamacare.

Which type of control is used to discourage malicious actors from attempting to breach a network?
IPS. A network security technology that monitors network traffic to detect anomalies in traffic flow. IPS security systems intercept network traffic and can quickly prevent malicious activity by dropping packets or resetting connections.

Which of the following are control categories? (Select three.)
Control categories define techniques used to protect network data and security. Three major categories have been defined for network security: managerial, operational, and technical.

Which of the following BEST describes compensating controls?
Partial control solution that is implemented when a control cannot fully meet a requirement.

Which of the following is the primary purpose of change control?
The primary purpose of change control is to monitor the lifecycle of all changes, ensuring minimal project disruption.