Security awareness lab 5 | Computer Science homework help

Lab 5
1. From your computer workstation, create a new text document called Security Awareness Lab #5.
2. Review the following Web addresses, and in your text document, first list the name of the security awareness policy you reviewed, and then discuss the policy’s main components (do this for each document you research at these Web addresses):
• Health care: State of North Carolina Department of Health and Human Services (http://info.dhhs.
state.nc.us/olm/manuals/dhs/pol-80/man/06security_training_and_awareness.pdf)
• Higher education: University of Massachusetts (http://www.massachusetts.edu/policyfaq/faq.cfm)
• Health care: Community Health Plan of Washington (http://chpw.org/assets/file/Security-
Awareness-and-Training-Policy.pdf)
3. Review the following risks and threats found in the user domain:
• Dealing with humans and human nature
• Dealing with user or employee apathy toward information systems security policy
• Accessing the Internet and opening “Pandora’s box”
• Surfing the Web, a dangerous trek into unknown territory
• Opening e-mails and unknown e-mail attachments, which can lead to malicious software and codes
• Installing unauthorized applications, files, or data onto organization-owned IT assets
• Downloading applications or software with hidden malicious software or codes
• Clicking on an unknown URL link that has hidden scripts
4. In your text document, identify a security control or countermeasure to mitigate each risk and threat identified above for the user domain. Draw from what you read at the Web addresses in Step 2.
5. Review the following risks and threats found in the workstation domain:
• Unauthorized access to workstations
• Operating system software vulnerabilities
• Application software vulnerabilities
• Viruses, trojans, worms, spyware, malicious software, and malicious code
• A user inserting CDs, DVDs, USB thumb drives with personal data and files onto organization-
owned IT assets
• A user downloading unauthorized applications and software onto organization-owned IT assets
• A user installing unauthorized applications and software onto organization-owned IT assets
6. In your text document, identify a security control or countermeasure to mitigate each risk and threat identified above for the workstation domain. Draw from what you read at the Web addresses in Step 2.
7. In your text document, create an organization-wide security awareness training policy for the XYZ Credit Union/Bank:
• The organization is a regional XYZ Credit Union/Bank that has multiple branches and locations throughout the region
• Online banking and use of the Internet are the bank’s strengths, given its limited human resources
• The customer service department is the organization’s most critical business function
• The organization wants to be in compliance with the Gramm-Leach-Bliley Act (GLBA) and IT
security best practices regarding its employees
• The organization wants to monitor and control use of the Internet by implementing content
filtering
• The organization wants to eliminate personal use of organization-owned IT assets and systems
• The organization wants to monitor and control use of the e-mail system by implementing e-mail security controls
• The organization wants to implement security awareness training policy mandates for all new hires
and existing employees. Policy definitions are to include GLBA and customer privacy data require-
ments, in addition to a mandate for annual security awareness training for all employees
Using the following template, in your text document, create a security awareness training policy for the XYZ Credit Union/Bank organization (this should not be longer than three pages):
XYZ Credit Union
Security Awareness Training Policy
Policy Statement
{Insert policy verbiage here.}
Purpose/Objectives
{Insert the policy’s purpose as well as its objectives; use a bulleted list of the policy definition.}
Scope
{Define whom this policy covers and its scope.
Which of the seven domains of a typical IT infrastructure are impacted?
What elements, IT assets, or organization-owned assets are within the scope of this policy?}
Standards
{Does this policy point to any hardware, software, or configuration standards?
If so, list them here and explain the relationship of this policy to these standards. In this case, workstation domain standards should be referenced; make any necessary assumptions.}
Procedures
{Explain how you intend to implement this policy across the organization and how you intend to
deliver annual or ongoing security awareness training for employees.}
Guidelines
{Explain any roadblocks or implementation issues that you must address in this section and how you will overcome them per defined policy guidelines.}
8. Submit the text document to your instructor as a deliverable for this lab.

Lab Assessment Questions & Answers
1. How does a security awareness training policy impact an organization’s capability to mitigate risks, threats, and vulnerabilities?

2. Why do you need a security awareness training policy if you have new hires attend or participate in the organization’s security awareness training program during new hire orientation?
3. What is the relationship between an acceptable use policy (AUP) and a security awareness training policy?

4. Why is it important to prevent users from engaging in downloading or installing applications and software found on the Internet?

5. When trying to combat software vulnerabilities in the workstation domain, what is needed most to deal with operating system, application, and other software installations?

6. Why is it important to educate users about the risks, threats, and vulnerabilities found on the Internet and World Wide Web?
7. What are some strategies for preventing users or employees from downloading and installing rogue applications and software found on the Internet?
8. What is one strategy for preventing users from clicking on unknown e-mail attachments and files?

9. Why should you include organization-wide policies in employee security awareness training?

10. Why does an organization need a policy on conducting security awareness training annually and periodically?

11. What other strategies can organizations implement to keep security awareness top of mind with all employees and authorized users?
12. Why should an organization provide updated security awareness training when a new policy is implemented throughout the user domain or workstation domain?

Calculate your paper price
Pages (550 words)
Approximate price: -

Why Choose Us

Quality Papers

We value our clients. For this reason, we ensure that each paper is written carefully as per the instructions provided by the client. Our editing team also checks all the papers to ensure that they have been completed as per the expectations.

Professional Academic Writers

Over the years, our Acme Homework has managed to secure the most qualified, reliable and experienced team of writers. The company has also ensured continued training and development of the team members to ensure that it keep up with the rising Academic Trends.

Affordable Prices

Our prices are fairly priced in such a way that ensures affordability. Additionally, you can get a free price quotation by clicking on the "Place Order" button.

On-Time delivery

We pay strict attention on deadlines. For this reason, we ensure that all papers are submitted earlier, even before the deadline indicated by the customer. For this reason, the client can go through the work and review everything.

100% Originality

At Essay USA, all papers are plagiarism-free as they are written from scratch. We have taken strict measures to ensure that there is no similarity on all papers and that citations are included as per the standards set.

Customer Support 24/7

Our support team is readily available to provide any guidance/help on our platform at any time of the day/night. Feel free to contact us via the Chat window or support email: support@acmehomework.com.

Try it now!

Calculate the price of your order

We'll send you the first draft for approval by at
Total price:
$0.00

How it works?

Follow these simple steps to get your paper done

Place your order

Fill in the order form and provide all details of your assignment.

Proceed with the payment

Choose the payment system that suits you most.

Receive the final file

Once your paper is ready, we will email it to you.

Our Services

Essay USA has stood as the world’s leading custom essay writing services providers. Once you enter all the details in the order form under the place order button, the rest is up to us.

Essays

Essay Writing Services

At Essay USA, we prioritize on all aspects that bring about a good grade such as impeccable grammar, proper structure, zero-plagiarism and conformance to guidelines. Our experienced team of writers will help you completed your essays and other assignments.

Admissions

Admission and Business Papers

Be assured that you’ll definitely get accepted to the Master’s level program at any university once you enter all the details in the order form. We won’t leave you here; we will also help you secure a good position in your aspired workplace by creating an outstanding resume or portfolio once you place an order.

Editing

Editing and Proofreading

Our skilled editing and writing team will help you restructure you paper, paraphrase, correct grammar and replace plagiarized sections on your paper just on time. The service is geared toward eliminating any mistakes and rather enhancing better quality.

Coursework

Technical papers

We have writers in almost all fields including the most technical fields. You don’t have to worry about the complexity of your paper. Simply enter as much details as possible in the place order section.