An organization makes each lead system administrator responsible for the security of the systems he or she runs. However, the management determines what programs are to be on the system and how they are to be configured.
(a) Describe the security problem(s) that this division of power would create.
(b) How would you fix them?
a)
The security mechanism in a company mainly depends on who is responsible for the company's security. The power to implement appropriate controls must reside with those who are responsible. If management decides what programs are to be (run) on their machines, then the system administrators (security analysts) who are responsible for the security, and who see the need (demand) for security measures, will be unable to implement the appropriate security measures.
Since management is not (less) aware of the technical aspects compared to system administrators, it's possible for administration to make some poor choices about cost and resources and security measures.
Also, the coordination between the system coordinators is pivotal in any organisation, and this organisation may be compromised if the management decides to make some key security decisions.
b)
It (the problem) can be fixed by providing system administrators (security analysts) with more control and powerful and sufficient resources for administering computer systems. Before making any decision on security issues, the management should consult the system administration. If the company has more than one (multiple) divisions, then each division should have a separate system administrator. The company should have one security head who has knowledge about security issues and who heads (leads) all the system administrators.
Management should give all the powers to him (security head) to take all the critical security decisions.
The security head (who leads all the system administrators) should take care of delegating the appropriate security tasks to the concerned system administrators (based on their given wing).
Part of the management role requires them to know about the cost and resources and security policies etc., and management can get up to date about these by consulting the security