CYB_100_3-3

.docx

School

Southern New Hampshire University *

*We aren’t endorsed by this school

Course

100

Subject

Information Systems

Date

Dec 6, 2023

Type

docx

Pages

9

Uploaded by DrTree1894

Report
CYB 200 Module Three Case Study Control Recommendations Isolatio n Encapsulatio n Complet e Mediatio n Minimize Trust Surface (Reluctance to Trust) Trust Relationship s Security Objectiv e Alignme nt (CIA) Explain Your Choices (1–2 sentences) Deploy an automated tool on network perimeters that monitors for unauthorized transfer of sensitive information and blocks such transfers while alerting information security professionals. X X C Transfers are being checked to ensure they are not of a sensitive nature and are allowed to be transferred. This is limiting the amount of information that is entrusted to the third-party cloud. Monitor all traffic X C All data is being
Control Recommendations Isolatio n Encapsulatio n Complet e Mediatio n Minimize Trust Surface (Reluctance to Trust) Trust Relationship s Security Objectiv e Alignme nt (CIA) Explain Your Choices (1–2 sentences) leaving the organization to detect any unauthorized use. checked to ensure it is allowed. Essentially the definition of complete mediation. Use an automated tool, such as host- based data loss prevention, to enforce access controls to data even when data is copied off a system. X C The cloud has a has a copy of the trust relationships of who can access what. Physically or logically X C + I Higher-risk
Control Recommendations Isolatio n Encapsulatio n Complet e Mediatio n Minimize Trust Surface (Reluctance to Trust) Trust Relationship s Security Objectiv e Alignme nt (CIA) Explain Your Choices (1–2 sentences) segregated systems should be used to isolate higher-risk software that is required for business operations. Software is being isolated to protect data from unauthorized use or changes. Make sure that only the resources necessary to perform daily business tasks are assigned to the end users performing such tasks. X X A End users are only trusted with the information essential for their job tasks. Data is available to those who need it but not
Control Recommendations Isolatio n Encapsulatio n Complet e Mediatio n Minimize Trust Surface (Reluctance to Trust) Trust Relationship s Security Objectiv e Alignme nt (CIA) Explain Your Choices (1–2 sentences) to users who do not need it to perform their job. Install application firewalls on critical servers to validate all traffic going in and out of the server. X X C Firewalls default to not allow data through unless it is explicitly allowed through. Require all remote login access and remote workers to authenticate to the network using multifactor X X A Multifactor authentication allows for establishing which users are trusted with which type of
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help