Security Tools Assignment Damon Terry II

School: Central Washington University
Course: 248
Subject: Information Systems
Date: Dec 6, 2023
Type: docx
Pages: 4
Uploaded by AdmiralCrane92
Security Tools, SIEM Assessment – Module 10

Objective: It takes a variety of cybersecurity tools working in conjunction to feed into a SIEM and ingest the logs so that the SOC engineer can use the data to make decisions on what is happening on the network. The reality of today’s defense-in-depth is that many companies are moving to the cloud. However, many are still working with a variety of environments, and ensuring that they all provide inputs to the SIEM is important. On-premise hardware is still a viable environment, along with data stored in datacenters as well as cloud environments. This lesson provides the learner an opportunity to research various security tools being used. The list of security companies who provide such protections is long. Another objective for this assignment is for the learner to understand various domains and functions in those domains to ensure a holistic security posture for the company or organization.

Instructions:

1) Go out to the internet and research various security tools in each one of these domains:

  • Application Security
  • Device Protection
  • Network Security
  • Data Protection
  • Identity and Access Management
  • Cloud
  • Governance, Risk and Compliance

Provide a list of what you found and what domain they go with.

  • Application Security - Web application firewalls (WAF), Static application security testing.
  • Device Protection - Antivirus software, Device encryption, Find my device.
  • Network Security - Network scanners, Network access control.
  • Data Protection - Firewalls, Data encryption.
  • Identity and Access Management - Single sign-on (SSO), Multi-factor authentication, User provisioning and deprovisioning.
  • Cloud - Access controls, Firewalls.
  • Governance, Risk and Compliance - Risk assessment and management, Policy management, Audit management.

2) Next pick one or two functions that protect that domain. For example, for Network Security, Remote Access is a function to protect the network. Or for data protection, you have the function of file encryption. There are many functions for each tool; however, choose at least 1 or 2 to add to your table.

To protect the cloud domain, there are many security measures, like encryption, access controls and regular backups. Device protection includes security measures such as strong password requirements and biometric authentication.

3) Pick a tool or tools that you would like to see deployed in “your” company. List the tool/tools next to the functions you listed above. Make sure you have defense in depth and cover all the domains which could be affected by either an insider or external attacker. A table would be the easiest way to list them out. You do not need to list a tool for each function unless you want to. If you go this route, you are building a function catalog, which every company should have to reference at all times.

If I had to choose security tools for my company, I would aim for a defense-in-depth approach to cover various domains and protect against both insider and external threats. Here's a table listing the tools and their corresponding functions.

| Domain | Security Tools |
| --- | --- |
| Network Security | Firewall, IDS/IPS, VPN |
| Device Protection | Antivirus Software, Device Encryption |
| Application Security | Web Application Firewall (WAF) |
| Data Security | Data Loss Prevention (DLP) |
| Physical Security | Access Control Systems |
| User Awareness Training | Security Awareness Training |

By implementing these tools, we can establish multiple layers of security to safeguard our company's network, devices, applications, data, and physical premises. Additionally, user awareness training will help educate employees about potential risks and best practices.

a. Example: Cloud - Cloud Web Application Firewall (WAF)

4) After you have listed out the tool of choice, research for each tool how they provide the necessary protections for your domain. For example, Palo Alto Next Generation Firewalls can provide IDS/IPS for your perimeter, and list how they do this – special signatures or behavior based.

Firewall - A firewall, such as Palo Alto Next Generation Firewalls, can provide IDS/IPS for the network perimeter. They use a combination of special signatures and behavior-based analysis to detect and prevent unauthorized access, malicious activities, and potential threats.