Assessment matrix | Human Resource Management homework help

For the scenario below, choose appropriate security controls from the SAN’s 20 critical security controls and choose the remainder of controls that are needed to secure this system from the listing of controls provided from NIST 800-53 rev 4 (see webliography). You will select a total of 10 security controls. List the control by type, mapping them as best as you can to the NIST Control Families (i.e. PE-3, etc. and provide a one sentence description of the function of this control). NOTE: You will address each control in the 20 critical security controls document and determine whether or not the control is appropriate to security the system in the scenario. You will provide a sentence or two on why or why not it should be selected. The 20 critical security controls must be addressed for the scenario but not necessarily selected for the scenario. The rest of the 10 controls you will select can be chosen from the NIST SP 800-53, Rev. 4 controls, from the Access Controls Family (I’ve provided a list, below, however you will review each of the controls in the document provided in Course Content). For example, if you choose two of the twenty SANS controls, you will select eight of the Access controls for a total of ten controls. Scenario: The following illustration shows an example of a public, unsecured Windows Communication Foundation (WCF) client and server. The system is not secure. This is a small business. It is a client/server system. The system is located in an unlocked room within the main building of the business. The business only has two buildings. One building houses all the computer equipment plus the data about their customers. How would you secure this system?

Connect with a professional writer in 5 simple steps

Please provide as many details about your writing struggle as possible

Academic level of your paper

Type of Paper

When is it due?

How many pages is this assigment?

 

Assessment Matrix

Name:

Date: July 3, 2014

SANS Critical Controls

Explain selection rationale

Enter  Y for selected and N for not selected

Inventory of Authorized and Unauthorized Devices

 

 Y

Inventory of Authorized and Unauthorized Software

 

 

Secure Configurations for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers

 

 Y

Continuous Vulnerability Assessment and Remediation

 

 Y

Malware Defenses

 

 Y

Application Software Security

 

 

Wireless Access Control

 

 

Data Recovery Capability

 

 

Security Skills Assessment and Appropriate Training to Fill Gaps

 

 

Secure Configurations for Network Devices such as Firewalls, Routers, and Switches

 

 

Limitation and Control of Network Ports, Protocols, and Services

 

 

Controlled Use of Administrative Privileges

 

 

Boundary Defense

 

 

Maintenance, Monitoring, and Analysis of Audit Logs

 

 

Controlled Access Based on the Need to Know

 

 

Account Monitoring and Control

 

 

Data Protection

 

  Y 

Incident Response and Management

 

 Y

Secure Network Engineering

 

 

Penetration Tests and Red Team Exercises

 

 

 

Security Control Assessment

Name of Control

Purpose

 Access Control Policy and Procedure

 

Account Management 

 

Least Privilege 

 

 Data Protection

 

 Inventory of authorized and unauthorized devices

 

Continuous Vulnerability Assessment and Remediation

   

 Incident Response and Management

 

 Secure Configurations for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers

 

 Malware Defense

 

 

 

 

 

 

 

Place your order
(550 words)

Approximate price: $22

Calculate the price of your order

550 words
We'll send you the first draft for approval by September 11, 2018 at 10:52 AM
Total price:
$26
The price is based on these factors:
Academic level
Number of pages
Urgency
Basic features
  • Free title page and bibliography
  • Unlimited revisions
  • Plagiarism-free guarantee
  • Money-back guarantee
  • 24/7 support
On-demand options
  • Writer’s samples
  • Part-by-part delivery
  • Overnight delivery
  • Copies of used sources
  • Expert Proofreading
Paper format
  • 275 words per page
  • 12 pt Arial/Times New Roman
  • Double line spacing
  • Any citation style (APA, MLA, Chicago/Turabian, Harvard)

Our guarantees

Delivering a high-quality product at a reasonable price is not enough anymore.
That’s why we have developed 5 beneficial guarantees that will make your experience with our service enjoyable, easy, and safe.

Money-back guarantee

You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.

Read more

Zero-plagiarism guarantee

Each paper is composed from scratch, according to your instructions. It is then checked by our plagiarism-detection software. There is no gap where plagiarism could squeeze in.

Read more

Free-revision policy

Thanks to our free revisions, there is no way for you to be unsatisfied. We will work on your paper until you are completely happy with the result.

Read more

Privacy policy

Your email is safe, as we store it according to international data protection rules. Your bank details are secure, as we use only reliable payment systems.

Read more

Fair-cooperation guarantee

By sending us your money, you buy the service we provide. Check out our terms and conditions if you prefer business talks to be laid out in official language.

Read more