Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Information Security
Uploaded by alitareq774

ITSM603 PROJECT GROUP D

advertisement 
ITSM603 PROJECT GROUP D
FUNDAMENTALS OF INFORMATION SYSTEM SECURITY
CHAPTER: 7 & 8
1.Moniya Akter
2.Shekh Tareq Ali
3.Nafisa Arshad
4.Molisha Bajracharya
5.Rajesh Kandimalla
6.Abdul Mannan Khan Sherani
7.Tasnim Tithe
Security Auditing and Analysis

Auditing is very important estimate for avoiding data breaking agreement.

By auditing Computer system it helps to check how operating system meet the destination of data
auditing.

Auditing can be done manually or with the help of Automated machine.

By auditing it is easy to compare the difference and where focus more for more security.
Importance of security Auditing:

Auditing data helps finding which is acceptable and unacceptable .

Establish standards based on those created or approved by standards bodies.

It is appropriate to communicate and take other acts that are allowed by a policy statement.
Security Testing
•
Security testing is a crucial process to identify vulnerabilities and weaknesses in an information
system's defenses.
•
It aims to assess the system's ability to protect data, maintain functionality, and prevent unauthorized
access.
•
Security testing is a critical part of the software development lifecycle.
•
Regular security testing helps identify and address vulnerabilities before they can be exploited.
•
A comprehensive security testing strategy strengthens the overall security posture of the system.
•
By ensuring robust security measures, organizations can protect their data and reputation from
potential threats.
Importance of Security Testing
•
Protects sensitive data from breaches and unauthorized access.
•
Ensures compliance with industry regulations and data protection laws.
•
Preserves the reputation and trust of customers and stakeholders.
•
Mitigates financial losses and potential legal liabilities.
Types of Security Testing.
Vulnerability Assessment
•
Identifies known vulnerabilities in the system through scanning and automated tools.
•
Provides a comprehensive list of potential weaknesses that require remediation.
•
Example Tools: Nessus, OpenVAS.
Penetration Testing
•
Simulates real-world attacks to assess the system's resistance to threats.
•
Penetration testers act as ethical hackers to exploit vulnerabilities and provide actionable insights.
•
Types: Black Box (no prior knowledge), White Box (internal knowledge), Grey Box (partial knowledge).
•
Example Tools: Metasploit, Nmap.
Security Code Review
–
Analyzes the application's source code to find security flaws.
–
Manual and automated reviews help detect coding errors and vulnerabilities.
–
Enhances the software's security posture before deployment.
–
Example Tools: Fortify, Veracode.
Security Configuration Testing
–
Evaluates system configurations to ensure secure settings.
–
Verifies that default settings are changed and sensitive data is protected.
–
Helps prevent misconfigurations that could lead to security breaches.
–
Example Tools: OpenSCAP, CIS-CAT.
Security Monitoring

Security monitoring is a crucial aspect of maintaining a safe digital world, ensuring that our computer
systems, networks, and digital spaces are functioning properly. It is like a digital security guard,
monitoring and detecting unusual activities and behaviors in our systems. Security monitoring tools
send alerts to the right people when a potential security issue is detected, providing a sense of security
and alertness.”

Security monitoring protects data, ensuring smooth systems and preserving privacy. It prevents
unauthorized access and theft of personal information, ensures smooth systems, and preserves privacy
by detecting issues that may slow down or disrupt digital operations.
Key Benefits of Security Monitoring:

Key benefits of security monitoring include early detection, fast response, and peace of mind. Early
detection helps prevent major security breaches, while swift responses minimize damage and keep
systems safe. By implementing security monitoring, we can focus on using our computers and
networks without worrying about security threats. Overall, security monitoring is like a watchful
guardian for our digital world, ensuring that our data, systems, and privacy remain secure.
Risk Management
•
Process of identifying, assessing, controlling and managing threats
by minimizing the threats and maximizing the opportunities and
outcomes
•
In a well-developed risk management program, there are two
formal processes are used at work:

Risk identification

Risk controls
Risk Identification
Risk Controls

Risk controls specially address admission of a user in the trusted
organization

Risk controls can be:


Mandatory access controls (MAC)

Nondiscretionary controls

Discretionary access controls (DAC)
Risk controls usually consist of a combination of policies, programs
and technologies
Responses For An It System Security
When an IT system security risk occurs, the common responses involve a series of actions
aimed at mitigating the impact and resolving the risk.

1.Identification and Validation: Confirming that a risk has been occurred and verifying its
nature and scope.

2.Containment: Isolating affected systems or devices to prevent further damage and
spreading of the risk.

3.Eradication: Removing the root cause of the risk to ensure that the system returns to a
secure state.

4.Recovery: Restoring risk affected systems, data, and services to their normal state.

5.Search and Analysis: Conducting thorough an investigation to understand how the risk
occurred in the system, what data was affected, and the extent of the damage and bring
back onto the required position.

6.Communication: Keeping all them risk are informed about the incident status,
response actions, and potential impact.

7.Notification: Complying with legal and regulatory requirements to report the risk
to the appropriate authorities, customers, or partners, if necessary.

8.Lessons Learned: Evaluating the risk response process to identify areas of
improvement and update the incident response plan accordingly.

9.Monitor and Control: Implementing measures to prevent similar incidents in the
future, such as enhanced security controls, regular security assessments, and ongoing
monitoring.

10.Backup: All the data taken during the incident response process for future
reference and using this data the risk cannot happen in future.
Recovery of IT System
Issues related to the recovery of IT System:
1: Data Security and Protection:

Ensuring data security during IT system recovery is crucial to prevent data breaches and unauthorized
access.

Lack of proper encryption, backup, and replication strategies can lead to data loss and compromise
sensitive information.

Implementing access controls, multi-factor authentication, and secure data storage are essential for
safeguarding data integrity.
2: Downtime and Business Continuity:
 Extended
downtime during IT system recovery can result in significant financial losses and damage to
business reputation.
 Redundant
hardware, failover mechanisms, and virtualization technologies are vital for maintaining
uninterrupted business continuity.
 Regular
testing and simulations of recovery plans help identify potential bottlenecks and improve the
efficiency of recovery operations
3: Cybersecurity Threats:

The evolving landscape of cybersecurity threats poses a continuous challenge to IT system recovery
efforts.

Ransomware, DDoS attacks, and other malicious activities can disrupt the recovery process and
compromise system integrity.

Proactive measures, such as real-time threat detection and continuous monitoring, are crucial to
mitigate cybersecurity risks.
4: Resource Constraints and Budget Limitations:

Smaller organizations often face resource constraints and budget limitations when planning for IT
system recovery.

Allocating sufficient funds and resources for disaster recovery becomes a challenging balancing act.

Engaging with third-party disaster recovery service providers can offer cost-effective solutions and
expertise.
5: Regulatory Compliance and Legal Concerns:

Adhering to legal and compliance requirements is essential during IT system recovery.

Failure to comply with data handling, retention, and industry-specific standards can result in penalties
and legal liabilities.

Integrating regulatory compliance into recovery plans ensures a smooth recovery process without legal
hindrances.
CONCLUSION
Successful Information Security Governance doesn’t come overnight; it’s a
continuous process of learning, revising and adapting. While every company may
have its specific needs, securing their data is a common goal for all organizations.
Emerging technologies and cyber-threats will continue to evolve. Data breaches and
security incidents will happen. Rather than scrambling after a security breach,
organizations must put proactive and strategic Information security Governance at
the forefront.
Related documents
Adequate documentation provided data necessary for responding to inquiries regarding the operation of computer program
Adequate documentation provided data necessary for responding to inquiries regarding the operation of computer program
Slides on Professional Ethics
Slides on Professional Ethics
Discussion Board 5737
Discussion Board 5737
Department of Financial Services OBJECT CODE STANDARDIZATION PROJECT Impact Statement Form
Department of Financial Services OBJECT CODE STANDARDIZATION PROJECT Impact Statement Form
Download
advertisement