Commander Garrett requests you to complete an analysis of operating system and DBMS features and how well they are leveraged in your enterprise.
Accordingly, Chief Information Security Officer (CISO) Yao sends over additional information on two topics that you should have mastery over before you proceed:
· Access Control Support in Operating Systems
· Data Protection Features in Database Management Systems
· Security Technical Implementation Guide (STIG)
From reading the STIG learning topic you determined there are multiple Operating and Database system guides available. For this step, consider using the Canonical Ubuntu STIG for Linux or the Microsoft Windows Server STIG and the Database SRG. There are often multiple versions for each STIG so be sure to select the most recent version.
Read through the findings of the STIGs that are labeled as a “High” Severity and identify any finding that fits into the security-related areas of Access Control or Authentication. For example, the following findings in the Canonical Ubuntu 16.04 LTS could be considered to fall under these areas.
· V-75479 – The Ubuntu operating system must not have accounts configured with blank or null passwords
· V-75549 – The root account must be the only account having unrestricted access to the system
Create an Excel (or Word) table to store each finding ID, labeled as High severity fitting into the Access Control or Authentication area along with finding title, description, and how the test if the finding is present in the system. For each finding, discuss if the test could be automated using scripts or a scanner program to quickly determine compliance.
Prepare a report to summarize your findings from the STIG analysis. Be sure to include the table of STIG findings in the report.
Understanding and knowing who has access to what resources and whether various users and administrators continue to need that type of access are critical considerations for any company or agency as requirements and trends are fast changing.
Commander Garrett is heavily involved in monitoring the actions of a current adversary. While she is deciding best approaches for our counter measures, she has requested that I gather Risk Analysis Summaries from each of you.
Her requirements for you are as follows:
· Write a 1-2 page (minimum) document that summarizes the Risk Analysis, and provides a gap analysis of the enterprise’s Information Systems, with a particular focus on two infrastructure components: operating systems and database management systems The report will assess the current security aspects of the database management systems and operating system(s) and make recommendations for controls that will improve/enhance the security posture of the enterprise.
· Include and discuss additional High severity STIG findings, not previously discussed, to enhance your report
-research paper writing service
Why Work with Us
Top Quality and Well-Researched Papers
Professional and Experienced Academic Writers
Free Unlimited Revisions
Prompt Delivery and 100% Money-Back-Guarantee
Original & Confidential
24/7 Customer Support
No need to work on your paper at night. Sleep tight, we will cover your back. We offer all kinds of writing services.