Waiting for answer This question has not been answered yet. You can hire a professional tutor to get the answer.

QUESTION

Final deliverable should be a comprehensive report that addresses several security domains.Authentication (both administrative and end user) Auditing and accounting for user actions Encryption for

Final deliverable should be a comprehensive report that addresses several security domains.

  • Authentication (both administrative and end user)
  • Auditing and accounting for user actions
  • Encryption for data at rest and in flight
  • Mechanisms to detect attacks (outsider vs insider) This includes provisions for social engineering/phishing. 
  • An incident response plan (identify stakeholders, responses to different levels of events, testing)
  • Physical security at HQ and physical security requirements for vendors. 

The format is to open with a purpose statement. Then include a scope statement outlining the boundaries followed by a statement to define who is responsible for the document and the systems and a definition of stakeholders. And a response for each subject area. Any frameworks or methodologies used should be clearly stated as well.  Any dependencies or controls that are inherited from the vendors should also be clearly stated.  

Show more
Files: CRADLE3.jpg
LEARN MORE EFFECTIVELY AND GET BETTER GRADES!
Ask a Question