Module 05 Content

  1. As part of security compliance, one of the board members used SANS security controls at a former business and was very pleased with the outcomes. Based on this knowledge and to meet the needs of the board members, you have decided to implement a few monitoring rules to help meet the requirements of five of the SANS Top 20 Controls.
    For this part of your project, you will be addressing the following SANS Security Controls:

    • Asset Inventory of Authorized and Unauthorized Devices
    • Software Inventory of Authorized and Unauthorized Devices
    • Malware Defenses
    • Boundary Defense
    • Controlled use of Administrative Privileges

    For each of these controls, create a document that details the following information for each monitoring rule:

    • Brief description of the monitoring used and the alerting processes
    • Devices to pull log data from in order to satisfy the monitoring rule
    • Frequency of the log data collection (Real-Time, Hourly, Weekly, Monthly, Annually)
    • At least two ways this monitor could be tested to validate any false positives or negatives

    Your reports should use professional tone and vocabulary, APA format, and proper spelling and grammar.
    Submit your completed assignments by following the directions linked below. Please check the Course Calendar for specific due dates.
    Save your assignments as a Microsoft Word document. (Mac users, please remember to append the “.docx” extension to the filename.) The name of the file should be your first initial and last name, followed by an underscore and the name of the assignment, and an underscore and the date. An example is shown below:
    Jstudent_exampleproblem_101504

Sheet1

| Control | Brief description of the monitoring used and the alerting processes | Devices to pull log data from in order to satisfy the monitoring rule | Frequency of the log data collection | At least two ways this monitor could be tested to validate any false positives or negatives |
| --- | --- | --- | --- | --- |
| Asset Inventory of Authorized and Unauthorized Devices | Reduces the ability of attackers to find and exploit unauthorized and unprotected systems. Uses active monitoring and configuration management to maintain an up-to-date inventory of devices connected to the business network, including servers, workstations, laptops, and remote devices. | Spiceworks, Colasoft MAC Scanner, or Angry IP Scanner | Monthly | Physical device search, MAC address search, or port ping search |
| Software Inventory of Authorized and Unauthorized Devices | Identify vulnerable or malicious software to mitigate or root out attacks. Devise a list of authorized software for each type of system, and deploy tools to track software installed. Require administrative login for all software. | CIS Controls or Spiceworks | Monthly | Physical device search or administrative login approval |
| Malware Defenses | Block malicious code from tampering with system settings or contents, capturing sensitive data, or spreading. Use automated anti-virus and anti-spyware software to continuously monitor and protect workstations, servers, and mobile devices. | AVG Business Internet Security or Total AV. If running Windows, then Windows Defender. | Real Time | Real-time and weekly scans of all devices. Monitoring rules set in place for all incoming and outgoing data. |
| Boundary Defense | Control the flow of traffic through network borders, and police content by looking for attacks and evidence of compromised machines. | Firewalls, proxies, and various network tools | Weekly | Regular scans from outside the trusted network boundary and remote logging into the organization network |
| Controlled use of Administrative Privileges | Protect and validate administrative accounts on desktops, laptops, and servers by running security audits on all devices connected to the network. | Admin workstation, admin devices for work, and server | Quarterly | Use audit software and physically check all device log files |
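
The asset inventory rule in the first row, together with the two kinds of validation test the assignment asks for, can be sketched as follows. This is an added example, not part of the original sheet; it assumes the scanner exports (IP, MAC) pairs and that the authorized inventory is a list of MAC addresses, and every address in it is constructed sample data.

```python
import re

SEPARATORS = re.compile(r"[:\-.\s]")
HEX12 = re.compile(r"[0-9a-f]{12}")

def normalize_mac(mac):
    """Return the MAC as 12 lowercase hex digits, or None if it is malformed."""
    bare = SEPARATORS.sub("", mac).lower()
    return bare if HEX12.fullmatch(bare) else None

def find_unauthorized(scan_rows, authorized_macs):
    """Compare discovered devices with the authorized inventory.

    Returns (alerts, unparsed). alerts lists each device whose MAC is not in
    the inventory, once. unparsed lists rows whose MAC could not be read; they
    go to manual review, because silently dropping them is a false negative.
    """
    allowed = {normalize_mac(m) for m in authorized_macs} - {None}
    alerts, unparsed, seen = [], [], set()
    for ip, mac in scan_rows:
        norm = normalize_mac(mac)
        if norm is None:
            unparsed.append((ip, mac))
        elif norm not in allowed and norm not in seen:
            seen.add(norm)
            alerts.append((ip, norm))
    return alerts, unparsed

# Constructed sample data (documentation IP range, made-up MACs).
AUTHORIZED = ["00:1A:2B:3C:4D:5E", "00-1a-2b-3c-4d-5f"]
SCAN = [
    # False-positive test: authorized devices reported in other notations.
    ("192.0.2.10", "001a.2b3c.4d5e"),
    ("192.0.2.11", "00:1A:2B:3C:4D:5F"),
    # False-negative test: a planted device that is not in the inventory,
    # seen twice by the scanner, must raise exactly one alert.
    ("192.0.2.50", "DE:AD:BE:EF:00:01"),
    ("192.0.2.50", "de-ad-be-ef-00-01"),
    # Scanner could not resolve the MAC: must be surfaced, not ignored.
    ("192.0.2.60", "(incomplete)"),
]

if __name__ == "__main__":
    alerts, unparsed = find_unauthorized(SCAN, AUTHORIZED)
    for ip, mac in alerts:
        print(f"ALERT unauthorized device {mac} at {ip}")
    for ip, raw in unparsed:
        print(f"REVIEW unreadable MAC {raw!r} at {ip}")
```
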
