Project: Information Systems Security

Purpose

This project provides you an opportunity to analyze risks, threats, and vulnerabilities and apply countermeasures in the information systems environment.

Required Source Information and Tools

Web References: Links to Web references are subject to change without prior notice. These links were last verified on June 12, 2014.

To complete the project, you will need the following:

  1. Access to the Internet to perform research for the project
  2. Microsoft Windows How-To, including:
     • Optimize Windows for Better Performance
     • Monitor Attempts to Access and Change Settings On Your Computer / To Turn On Auditing
     • What Information Appears in Event Logs?
  3. Course textbook

Learning Objectives and Outcomes

You will:

  • Explain how to assess risks, threats, and vulnerabilities
  • Evaluate potential outcomes of a malware attack and exposure of confidential information
  • Evaluate information systems security countermeasures
  • Explain how system hardening relates to a company’s IT security policy framework
  • Analyze the purposes of system hardening
  • Analyze security events
  • Evaluate information systems security activities in terms of business contributions

Introduction

Contemporary organizations collect, store, and transmit a tremendous amount of highly sensitive data. Despite the many benefits that information technology offers, these systems are not completely secure. Proper controls must be put in place to mitigate security risks and protect vital business information.

Deliverables

The project is divided into three parts. Details for each deliverable can be found in this document. Refer to the course Syllabus for submission dates.

  • Project Part 1: Risks, Threats, and Vulnerabilities
  • Project Part 2: System Hardening
  • Project Part 3: Monitoring and Reporting

Project Part 1: Risks, Threats, and Vulnerabilities

Scenario

Fullsoft, Inc. is a software development company based in New York City. Fullsoft’s software product development code is kept confidential in an effort to safeguard the company’s competitive advantage in the marketplace. Fullsoft recently experienced a malware attack; as a result, proprietary information seems to have been leaked. The company is now in the process of recovering from this breach.

You are a security professional who reports into Fullsoft’s infrastructure operations team. The Chief Technology Officer asks you and your colleagues to participate in a team meeting to discuss the incident and its potential impact on the company.

Tasks

Prepare for the meeting by deliberating on the following questions:

  • How would you assess the risks, threats, and/or vulnerabilities that may have allowed this incident to occur, or could allow a similar incident to occur in the future?
  • What insights about risks, threats, and/or vulnerabilities can you glean from reports of similar incidents that have occurred in other organizations?
  • What potential outcomes should the company anticipate as a result of the malware attack and possible exposure of intellectual property?
  • Which countermeasures would you recommend the company implement to detect current vulnerabilities, respond to the effects of this and other successful attacks, and prevent future incidents?

Write an outline of key points (related to the questions above) that the team should discuss at the meeting.

As a reminder, you may use the book for this course and the Internet to conduct research. You are encouraged to respond creatively, but you must cite credible sources to support your work.

Project Part 1 should be submitted in the following format and style:

  • Format: Microsoft Word
  • Font: Arial, Size 12, Double-Space
  • Citation Style: Follow your school’s preferred style guide
  • Length: 1–2 pages

Self-Assessment Checklist

  • I have created an outline that describes key points the team should discuss at the meeting. My outline explains how to assess potential risks, threats, and/or vulnerabilities; describes potential outcomes of a malware attack and exposure of confidential information; and recommends countermeasures the company should implement.
  • I have conducted adequate independent research for this part of the project.

Part 2: System Hardening

Scenario

After the productive team meeting, Fullsoft’s CTO engages in further analysis and establishes a plan to mitigate risks, threats, and vulnerabilities. As part of the mitigation plan, you and your team members will configure baseline security on all workstations. You will ensure that the antivirus software is running properly, remove unnecessary software and services, and implement a control related to password hacking attempts. You have been asked to train a new employee by demonstrating how to implement system hardening on a local workstation.

Tasks

Ensure that you are logged in as an administrator. Using a computer that has Windows 7* installed:

  • Review the antivirus program and ensure it is up to date and running a full scan of the system.
  • Disable at least five unnecessary services from the default installation of Windows 7.
  • Configure audit logging to identify all failed password attempts into the system.

* If possible, complete these tasks using a personal computer with the default installation of Windows 7. If you do not own the necessary hardware and software, consult with your Instructor about alternatives. After your work on this project is complete, you may need to return the settings to the previous configuration.

Then, for the employee you are training, write a summary of what you did and explain why system hardening is important. Include the following:

Summary

  • Explain how you ensured the antivirus program is updated and running a full scan of the system; describe anything significant you observed.
  • Explain how you removed unnecessary services from the default installation of Windows 7, noting the five (or more) services by name and function.
  • Explain how you configured audit logging to record all failed password attempts into the system.

Rationale

  • Share an example of an IT security policy, standard, procedure, and guideline that relates to the system-hardening steps you have implemented.
  • Explain the purposes of system hardening in terms of the company’s overarching goal of maintaining information systems security.

As a reminder, you may use the book for this course and the Internet to conduct research. You are encouraged to respond creatively, but you must cite credible sources to support your work.

Project Part 2 should be submitted in the following format and style:

  • Format: Microsoft Word
  • Font: Arial, Size 12, Double-Space
  • Citation Style: Follow your school’s preferred style guide
  • Length: 1–2 pages

Self-Assessment Checklist

  • I have summarized the system-hardening steps I implemented on a computer using Windows 7, including:
     • How I ensured the antivirus software is running properly
     • How I removed at least five unnecessary services, noting the services by name and function
     • How I configured audit logging of all failed password attempts
  • I have provided an example to illustrate how system hardening relates to a company’s IT security policy framework, and explained the purposes of system hardening in terms of the company’s overarching goal of maintaining information systems security.
  • I have conducted adequate independent research for this part of the project.

Project Part 3: Monitoring and Reporting

Scenario

Fullsoft’s CTO asks you to continue training the new employee, and highlight the importance of continuously monitoring, testing, and improving countermeasures. You inform your new teammate that even within the first 24 hours of configuring baseline security, you may sometimes receive alerts that malware has been quarantined within an antivirus program, discover that a disabled service has been turned on (likely via malware), or notice a failed attempt to log in captured by the audit log. To illustrate this point, you decide to check and report on the security of the workstation for which you and your new teammate configured baseline security.

In addition, the CTO requests that you write a brief statement explaining how your work on this project relates to the larger responsibility you have for supporting the company’s success. Your statement will be considered a part of your upcoming performance review.

Tasks

Check the Windows 7 workstation you configured (in Project Part 2) for security events. Be sure to review the last 24 hours of the audit log in Event Viewer.
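The 24-hour audit-log review described above, together with the Part 2 failure-auditing setting it depends on, as an added PowerShell example (not part of the course material). It assumes an elevated prompt on an English-language Windows 7 system and that failed logons are recorded as Security event ID 4625; the service names in `$baseline` are placeholders to replace with the services you actually disabled.

```powershell
# Added example; run from an elevated PowerShell prompt on the workstation.

# Part 2: audit failed logons ("Logon" subcategory, failure events), then confirm.
auditpol /set /subcategory:"Logon" /failure:enable | Out-Null
auditpol /get /subcategory:"Logon"

# Part 3: collect failed logons (Security event ID 4625) from the last N hours.
function Get-FailedLogon {
    param([int]$Hours = 24)
    $filter = @{ LogName = 'Security'; Id = 4625; StartTime = (Get-Date).AddHours(-$Hours) }
    # Get-WinEvent raises an error when nothing matches; treat that as "no events".
    $events = Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue
    if (-not $events) { return }   # PowerShell 2.0 would otherwise loop once over $null
    foreach ($ev in $events) {
        # Flatten the event's <EventData> name/value pairs into a lookup table.
        $fields = @{}
        foreach ($d in ([xml]$ev.ToXml()).Event.EventData.Data) { $fields[$d.Name] = $d.'#text' }
        New-Object PSObject -Property @{
            Time      = $ev.TimeCreated
            Account   = $fields['TargetUserName']
            LogonType = $fields['LogonType']
            Source    = $fields['IpAddress']
        }
    }
}

$failed = @(Get-FailedLogon -Hours 24)
"{0} failed logon(s) in the last 24 hours" -f $failed.Count
$failed | Group-Object Account | Sort-Object Count -Descending |
    Format-Table Count, Name -AutoSize

# Part 3: flag services from the hardening baseline that are no longer disabled.
$baseline = @('PlaceholderService1', 'PlaceholderService2')   # placeholders, not real names
Get-WmiObject Win32_Service |
    Where-Object { $baseline -contains $_.Name -and $_.StartMode -ne 'Disabled' } |
    Select-Object Name, StartMode, State
```

An empty result from the last command means every service in the baseline is still disabled.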

Write a brief report in which you:

  • Describe all the potentially problematic security events that occurred in the 24-hour period.
  • Explain what was done (or should be done) to correct the problems encountered.

Also write a brief statement explaining how your work on this project relates to your responsibility to help the company achieve its goals. Describe at least one additional area of concern or emerging trend related to information systems security that you think warrants the company’s attention in the immediate future.

As a reminder, you may use the book for this course and the Internet to conduct research. You are encouraged to respond creatively, but you must cite credible sources to support your work.

Project Part 3 should be submitted in the following format and style:

  • Format: Microsoft Word
  • Font: Arial, Size 12, Double-Space
  • Citation Style: Chicago Manual of Style
  • Length: 1–2 pages

Self-Assessment Checklist

  • I have created a report that shows all potentially problematic security events that occurred within a 24-hour period, and noted actions that were taken (or should be taken) to address them.
  • I have explained how my work on this project relates to my professional responsibility to help the company achieve its goals, and I have proposed at least one area of concern or emerging trend related to information systems security that warrants additional attention.
  • I have conducted adequate independent research for this part of the project.

© 2015 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved.