Testing and Monitoring Security Controls & Security Audits and Assessments
Identify at least two types of security events and baseline anomalies that might indicate suspicious activity.
* Authentication failures are one type of security event. A baseline anomaly that may indicate suspicious activity is a series of unauthorized access attempts, which can be found within log files. The log files contain records of all types of security events such as logon events, changes in system configuration and attempted ...
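The check described above, as an added example that is not part of the original answer: it counts failed logons per source address in 5-minute windows and flags windows that exceed a baseline. The log lines, baseline history, window size, three-standard-deviation threshold and assumed year are all constructed for illustration.

```python
import re
from collections import Counter
from datetime import datetime
from statistics import mean, pstdev

# Constructed sample in OpenSSH sshd syslog style (not from a real system).
SAMPLE_LOG = """\
Mar 03 09:14:02 host1 sshd[811]: Failed password for alice from 10.0.0.5 port 50112 ssh2
Mar 03 09:14:09 host1 sshd[811]: Accepted password for alice from 10.0.0.5 port 50112 ssh2
Mar 03 09:20:11 host1 sshd[902]: Failed password for invalid user admin from 203.0.113.7 port 41001 ssh2
Mar 03 09:20:40 host1 sshd[903]: Failed password for invalid user test from 203.0.113.7 port 41002 ssh2
Mar 03 09:21:05 host1 sshd[904]: Failed password for root from 203.0.113.7 port 41003 ssh2
Mar 03 09:22:30 host1 sshd[905]: Failed password for root from 203.0.113.7 port 41004 ssh2
Mar 03 09:23:59 host1 sshd[906]: Failed password for bob from 203.0.113.7 port 41005 ssh2
Mar 03 09:31:17 host1 sshd[950]: Failed password for carol from 198.51.100.9 port 38800 ssh2
Mar 03 09:33:48 host1 sshd[951]: Failed password for carol from 198.51.100.9 port 38801 ssh2
"""
# Constructed baseline: failed logons per source per 5-minute window on normal days.
BASELINE_HISTORY = [0, 1, 0, 2, 1, 0, 1]
ASSUMED_YEAR = 2024  # syslog timestamps carry no year; assumed for parsing

FAILED = re.compile(r"^(\w{3} +\d+ [\d:]{8}) \S+ sshd\[\d+\]: "
                    r"Failed password for (?:invalid user )?\S+ from (\S+) port")

def failures_per_window(log_text, minutes=5):
    """Count failed logons per (source address, window start)."""
    counts = Counter()
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if not m:
            continue  # successes and unrelated lines are not failures
        ts = datetime.strptime(f"{ASSUMED_YEAR} {m.group(1)}", "%Y %b %d %H:%M:%S")
        start = ts.replace(minute=ts.minute - ts.minute % minutes, second=0)
        counts[(m.group(2), start.isoformat())] += 1
    return counts

def anomaly_threshold(history, k=3):
    """Baseline mean plus k standard deviations."""
    return mean(history) + k * pstdev(history)

def flag_anomalies(log_text, history):
    """Return (source, window start, count) for windows above the baseline."""
    limit = anomaly_threshold(history)
    return sorted((src, win, n) for (src, win), n in
                  failures_per_window(log_text).items() if n > limit)

if __name__ == "__main__":
    for src, win, n in flag_anomalies(SAMPLE_LOG, BASELINE_HISTORY):
        print(f"{win} {src}: {n} failed logons (above baseline)")
```

A single mistyped password (10.0.0.5) and two failures from one source (198.51.100.9) stay under the threshold; only the burst of five failures against several account names is flagged.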
Given a list of policy violations and security breaches, select three breaches, and consider the best options for controlling and monitoring each incident. Identify the methods to mitigate risk and minimize exposure to threats or vulnerabilities.
* Problem: Removable storage drives introduce malware filtered only when crossing the network.
Solution: Limit user privileges to only those required by the duties assigned to each individual. This will hopefully make it clear that no removable storage devices are to be connected to the network, no matter the circumstances, unless they are screened first.
* Problem: Predictable passwords meet minimum requirements but remain easily guessable.
Solution: Require a recurring password change, say once every few months, across your company. Require passwords to contain a combination of numbers and letters, as well as a special character.
* Problem: Sensitive laptop data is unencrypted and susceptible to physical theft.
Solution: An obvious solution to this problem is to encrypt the drives on the laptop as well as any other kind of sensitive information. Also, you could monitor the laptop for port scanning and any possible malware.