
After reading this week's materials, please respond to TWO (2) of the following


Question

After reading this week's materials, please respond to TWO (2) of the following questions. PROVIDE CITATION IN APA

1. Describe the controls contained within the three Access Control categories that can be integrated within a defense-in-depth model and give an example of one that you have read about or have knowledge of from your own experience.

2. Describe three threats to Access Control from what were covered within the reading and give an example of each.

3. Describe three of the intrusion detection system types used in access control monitoring covered within the reading. What is a honeypot and what are the legal concerns with using them?

4. What are the challenges that an Identity and Access Management system helps overcome? What benefits does it provide?

5. Describe the process of Identification, Authentication, Authorization, and Accountability. What is a race condition?

6. Discuss the single sign-on technologies Kerberos, security domains, directory services and thin clients. What does federation provide?

Explanation / Answer

Question 1

Introduction

The most important requirement of any information management system is to protect data and resources against unauthorized disclosure (secrecy) and unauthorized or improper modification (integrity), and to ensure availability only to legitimate users (no denial of service). Enforcing these protections requires that every access to a system and its resources be controlled, so that all and only authorized accesses can take place; this process is access control. The development of an access control system requires the definition of the regulations according to which access is to be controlled, and their implementation as functions executable by a computer system. This development process is usually carried out with a multi-phase approach based on the following concepts.

Security Policy

Security policy defines the high-level rules according to which access control must be regulated.

Security Model

The security model provides a formal representation of the access control security policy and its working. The formalization in this security model allows the proof of properties of the security provided by the access control system being designed.

Security Mechanism

The security mechanism defines the low-level functions of software and hardware that implement the controls imposed by the policy and formally stated in the model.

The above three concepts correspond to a conceptual separation between different levels of abstraction of the design and provide the traditional advantages of multi-phase software development. The separation between policies and mechanisms introduces an independence between the protection requirements to be enforced on the one side and the mechanisms enforcing them on the other. It is then possible to discuss protection requirements independently of their implementation, to compare different access control policies as well as different mechanisms that enforce the same policy, and to design mechanisms able to enforce multiple policies.

PKWARE’s Smartcrypt is a revolution in enterprise data-centric security management enabling companies to maintain complete control over their protected data. The Smartcrypt solution combines the strength and reliability of PKI-based encryption with the ease and simplicity of passphrase-based security utilizing quantum key generation technology. Smartcrypt targets protecting the core of an organization's asset, its data. The Smartcrypt Platform consists of an end-user application and a web-based manager console and also includes a Software Development Kit (SDK) that is available in every major programming language. The robust security solution offers both data and field level protection that can be added right into workflows, repeatable processes and applications with minimal effort, and also used independently when needed.

Question 2

Threats to Control Access

Introduction

Information technology advancements have raised many concerns about the risks to data associated with weak IT security, including vulnerability to viruses, malware, attacks, and compromise of network systems and services. Inadequate IT security may result in compromised confidentiality, integrity, and availability of the data due to unauthorized access. Staying ahead of the ever-evolving threat of a data breach requires diligence on the part of the community in understanding and anticipating the risks.

Non-Existent Security Architecture

Some organizations have not established a security architecture, leaving networks vulnerable to exploitation and the loss of personally identifiable information. Due to a lack of resources or qualified IT staff, organizations’ networks are connected to the internet directly, or are connected using out-of-the-box network appliances with default configurations, with no additional layer of protection. It is important to note that having a firewall alone is not sufficient to ensure the safety of a network. Inadequate network protection results in increased vulnerability of the data, hardware, and software, including susceptibility to malicious software (malware), viruses, and hacking. If the network contains sensitive information such as students’ social security numbers, it is critical that, even in a very limited resource environment, minimal user, network and perimeter security protection mechanisms (such as anti-virus) are implemented, including making sure that anti-virus software is properly configured. A robust security architecture is essential and provides a roadmap to implementing necessary data protection measures.

Example: Intel will continue to deliver guidance to McAfee with a 49 percent stake in the security company. The new McAfee will be more nimble and more agile to easily adapt to the new dynamic security landscape. It is a great outcome for channel partners and end customers to solve the new challenges with solutions. The channels can be the security architect for their customers and partners can play a big role in crafting the architect story for organizations, by either delivering directly, or on the cloud, or from vendor services. Being in control of customer’s security architecture is the biggest evolution for channels.

Un-patched Client Side Software and Applications

A variety of software applications are run on computers, and these include older versions that may contain vulnerabilities that can be exploited by malicious actors. Keeping up with software updates and upgrades, in addition to applying manufacturer-recommended patches, minimizes many of these vulnerabilities.

Example: Released last June, Microsoft SQL Server 2016 has been available for about eight months, or even longer if using one of the CTP versions from as far back as 2015, and most infrastructure teams and management will soon be evaluating the costs, benefits, and risks of upgrading to SQL Server 2016.

Phishing and Targeted Attacks (Spear Phishing)

One way malicious individuals or criminals (hackers) target individuals and organizations to gain access to personal information is through emails containing malicious code; this is referred to as phishing. Once infected emails are opened, the user’s machine can be compromised.

Example: A new report has revealed that a China-based cyber gang has compromised UK firms as part of a systematic global hacking operation. The attacks were found to have breached a wide variety of secret data ranging from personal data to intellectual property, in what the report described as one of the largest ever sustained global cyber espionage campaigns.
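
The separation of policy from mechanism described under Question 1, as an added example that is not part of the original answer: a single reference monitor (the mechanism) mediates and logs every access, while two interchangeable policies, an access control list and a multilevel no-read-up/no-write-down rule, decide the outcome. All names, users, labels and sample requests are constructed for illustration.

```python
# Added example: one enforcement mechanism, two interchangeable policies.
from dataclasses import dataclass, field
from typing import Callable

Decision = Callable[[str, str, str], bool]  # (subject, action, obj) -> allow?

def acl_policy(acl: dict) -> Decision:
    """Discretionary policy: explicit (subject, object) -> permitted actions."""
    def decide(subject, action, obj):
        return action in acl.get((subject, obj), set())  # default deny
    return decide

def mls_policy(clearance: dict, label: dict) -> Decision:
    """Mandatory policy: no read up, no write down; unknown names are denied."""
    def decide(subject, action, obj):
        if subject not in clearance or obj not in label:
            return False
        s, o = clearance[subject], label[obj]
        if action == "read":
            return s >= o   # subject must dominate the object to read it
        if action == "write":
            return s <= o   # writing to a lower level would leak data
        return False
    return decide

@dataclass
class ReferenceMonitor:
    """Mechanism: mediates every access and records it; holds no policy rules."""
    policy: Decision
    audit: list = field(default_factory=list)

    def access(self, subject, action, obj):
        allowed = bool(self.policy(subject, action, obj))
        self.audit.append((subject, action, obj, allowed))  # accountability
        return allowed

# Constructed sample data.
ACL = {("alice", "payroll.db"): {"read", "write"}, ("bob", "payroll.db"): {"read"}}
CLEARANCE = {"alice": 2, "bob": 1}            # higher number = more sensitive
LABEL = {"payroll.db": 2, "bulletin.txt": 0}

def run_demo():
    """Return (request, ACL decision, MLS decision) for each sample request."""
    requests = [("alice", "write", "payroll.db"), ("bob", "read", "payroll.db"),
                ("alice", "write", "bulletin.txt"), ("mallory", "read", "payroll.db")]
    dac = ReferenceMonitor(acl_policy(ACL))
    mac = ReferenceMonitor(mls_policy(CLEARANCE, LABEL))
    return [(r, dac.access(*r), mac.access(*r)) for r in requests]
```

The same request from `bob` to read `payroll.db` is allowed under the access control list but denied under the multilevel policy, without any change to the monitor itself.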