Your Perfect Assignment is Just a Click Away

We Write Custom Academic Papers

100% Original, Plagiarism Free, Customized to your instructions!

glass
pen
clip
papers
heaphones

ISSC471 Creating Compliance Within User Domain Discussion

ISSC471 Creating Compliance Within User Domain Discussion

ISSC471 Creating Compliance Within User Domain Discussion
Question Description
I need to respond to the below two students discussions with 150 words minimum for each. Below in bold are the questions the students are answering.
1. What are the functional control types? provide an example for each type.
2. What is the principle of least privilege? Why is it important to implement?
3. List and briefly discuss the User Domain Compliance Requirements.
Student one answers:
Hello Everyone,
For this week’s forum post we are to discuss three questions given to us by out instructor.
What are the functional control types? provide an example for each type.
First one our books states is Preventative controls: these are the basics of controls that you can see and feel.These are things like locks doors or especially locked door to a server room would be important.
Detective Controls: I think the better description with the potential environment we all maybe working in is are log analysis tools.Many employees use the organizations computers for many different things.An employee whom would work a Monday through the log analysis tools among an array of tools.
Corrective Controls: This is more of a software tool for instance a proxy server or an antivirus, so then the administration can scan the complete system to find a virus that has infiltrated security.
What is the principle of least privilege? If a user has access to a complete system, the security is ineffective. I am using Air Force computers all the time and I do not have access to most of the folders on the shared network. I only have access to certain folders that pertain to my unit.
Why is it important to implement? This is important because since I have the least amount of privilege with access to folders, I cannot venture off to different folders and look at some data that is not intended for my eyes.
List and briefly discuss the User Domain Compliance Requirements.
In a nutshell known your personnel, do not break any laws, spin up your employees on practices on the system and how to handle sensitive information.
Solomon, M. G., & Weiss, M. (n.d.). Auditing IT Infrastructures for Compliance. Retrieved March 26, 2019, from https://www.oreilly.com/library/view/auditing-it-i”¦
-Carlos
Student two answers:
During this weeks readings I found that there are three functional control types. They include Preventive, Detective and Corrective controls. Preventive controls are put in place to stop actions. Examples of preventive controls include door locking mechanisms, computer access controls, or placing keypads to access a secured area. Preventive controls are put in place to ensure undesired actions do not occur (Weiss, 2015). Detective controls are used to recognize actions before they actions occur. Examples of detective actions include motion detectors and using logs to analyze functions (Weiss, 2015). In a way, I believe auditing can be used as an example of detective controls. Lastly, Corrective controls fix the results of an action (Weiss,2015). Examples of corrective controls would be implementing a patch management process on a network to ensure vulnerabilities are patched. It is simply an action put in place to correct a known vulnerability.
The principle of least privilege is the practice of limiting access or rights of users on a network based solely on what is needed to perform their duties. Under the principle of least privilege, users only have read, write, r execute only on resources needed for there job. This is important to implement in a network in order to isolate the amount of damage that can be done by users. For example, the IT department should not have write or execute access to the HR department’s resources. If they did, they can delete or lose important information needed by the HR department.
Lastly, the user domain compliance requirements I will discuss include Need to Knows and confidentiality agreements. Need to know is implemented to ensure users have access to data that they are authorized to access (Weiss, 2015). This way not every user can gain access to classified data. Confidentiality agreements provide a company a legal support. It ensures its user abide and can be held legally accountable in case of a security incident.
Weiss, Martin & Solomon, Michael G. (2015). Auditing IT Infrastructures For Compliance. Second Edition.Jones & Bartlett Learning: Information Systems Security & AssuranceCurriculum. ISBN: 1284090701 978-1284090703
-Jason B

“Place your order now for a similar assignment and have exceptional work written by our team of experts, guaranteeing you A results.”

Order Solution Now

Our Service Charter

1. Professional & Expert Writers: Eminence Papers only hires the best. Our writers are specially selected and recruited, after which they undergo further training to perfect their skills for specialization purposes. Moreover, our writers are holders of masters and Ph.D. degrees. They have impressive academic records, besides being native English speakers.

2. Top Quality Papers: Our customers are always guaranteed of papers that exceed their expectations. All our writers have +5 years of experience. This implies that all papers are written by individuals who are experts in their fields. In addition, the quality team reviews all the papers before sending them to the customers.

3. Plagiarism-Free Papers: All papers provided by Eminence Papers are written from scratch. Appropriate referencing and citation of key information are followed. Plagiarism checkers are used by the Quality assurance team and our editors just to double-check that there are no instances of plagiarism.

4. Timely Delivery: Time wasted is equivalent to a failed dedication and commitment. Eminence Papers is known for timely delivery of any pending customer orders. Customers are well informed of the progress of their papers to ensure they keep track of what the writer is providing before the final draft is sent for grading.

5. Affordable Prices: Our prices are fairly structured to fit in all groups. Any customer willing to place their assignments with us can do so at very affordable prices. In addition, our customers enjoy regular discounts and bonuses.

6. 24/7 Customer Support: At Eminence Papers, we have put in place a team of experts who answer to all customer inquiries promptly. The best part is the ever-availability of the team. Customers can make inquiries anytime.

Phoenix Papers Inc.

Your one stop solution for all your online studies solutions. Hire some of the world's highly rated writers to handle your writing assignments. And guess what, you don't have to break the bank.

© 2021 Phoenix Papers Inc.