18) The remote workplace infrastructure represents another challenge for cybersecurity professionals. Security policies have to be adjusted to accommodate remote workers such that cyber policies and principles are applicable.
Research remote workspace policies.
Design a 7-10-minute presentation of 15-20 slides for upper management who don't know much about IT that focuses on cybersecurity issues related to remote work.
Use the following bullet points:
- Describe eight security failures.
- Relate the security failures to the principles of cybersecurity (CIA triad).
- Explain specific design principles that have been violated.
- Recommend the design principles needed for remote workers.
- Title slide and reference slide.
- Include graphics/charts or design.
- Support your presentation with a minimum of three scholarly resources.
19) In your own words, what do you understand by exception management?
Discuss why this type of management is both required and risky if improperly used by your technical managers.
Provide a real-world example to support your ideas.
20) Describe a Disaster Recovery Plan (DRP) including why it is an important function within IT and how it could be used.
Explain how a DRP differs from a BCP (Business Continuity Plan).
Describe three key points that would be covered in a DRP that would not be included within a BCP.
21) Patching is the set of changes conducted to a server or system in order to improve, update, shore up security vulnerabilities, and remove bugs. This action, usually put forward by the vendor, is often automatic in client operating systems.
Create a patch management policy. The 250-750-word policy must include the following:
a) Quality Assurance Plan:
Be clear and concise, utilize position title, and provide detailed instructions on requirements.
Include events, timelines, and management requirements.
Include a timeline, notifications, and supporting departments.
Identify at least two levels up and include organizational notification requirements.
e) Time of Day:
Identify maintenance window and exceptions to the policy.
22) The security team has been tasked to create a draft for a security policy for the director. From the list of 12 topics provided, SELECT ONE TOPIC.
Summarize what the policy is and any key points you would implement within the company. Explain why you chose those points and how they work to protect your organization.
a) Acceptable Use Policy for End-Users
b) Remote Access Policy
e) Limitations of Liability
h) Physical Access Control Policy
i) Operating System Updates
l) Data Classification Standards
23) In order to succeed in any program in the professional world we must plan.
Select any industry that is of interest to you. It may be retail, education, telecommunications, health care, finance, etc.
Create a fictional business within this industry to be the basis for your project.
You are either the Chief Intelligence Officer for Master of Science in Information Technology and MBA in Cybersecurity students,
or the Chief Information Security Officer for Master of Science in Information Assurance and Cybersecurity and Master of Science in Cybersecurity students.
It is important to remember that according to the definition provided in ISO 32302, a BCP is “documented procedures that guide organizations to respond, recover, resume, and restore to a pre-defined level of operation following disruption.”
A) Complete the first stage of your Business Continuity Plan (BCP) by developing the primary outline for a BCP to identify key aspects of the organization.
Review resources associated with ISO 27001 and NIST SP 800-53 and conduct your own research about each to prepare for this assignment.
Reference the “FEMA Small Business Continuity Plan Template” and “Risk Assessment Matrix”. The FEMA template can be used but copying and pasting any section of the document for the assignment constitutes plagiarism and will be treated as such. Use your own words when filling out each section of the BCP.
B) Develop the content for your company’s BCP. It should include all the following:
Be precise and detailed and provide a detailed understanding of the program.
2) Document Change Control:
Chart should be completed.
Include the Overview, Plan Scope, and Applicability that evaluates the appropriateness of cybersecurity frameworks for developing a cybersecurity program to align with business needs, Plan Objectives, and Plan Assumptions.
4) Risk Assessment Matrix Template: Complete the “Risk Assessment Matrix Template” provided as this element is not shown in the sample BCP template.
5) Critical Business Functions Overview: Detail components that are critical to business operations and provide a clear understanding of what the program is designed to address.
6) Company Organizational Chart: Create your own as this is not shown in the sample template. Include the following key positions: CEO, CFO, CIO, CISO, and COO.
Submit the BCP including the completed “Risk Assessment Matrix Template” and Company Organizational Chart.
Support the BCP with a minimum of three scholarly resources.
24) CHOOSE ONE of the following principles of cybersecurity:
Simplicity of design (economy of mechanism)
Minimization of implementation (least common mechanism)
Fail-safe defaults/Fail secure
Least astonishment (psychological acceptability)
Minimize trust surface (reluctance to trust)
Imagine you are the department head for a local business and your director has asked you to explain in simplistic terms the core concepts of the selected principle. Provide a clear and precise definition and example of the concept and how it is used in your systems for the organization where you work.