During the network traffic analysis phase
When writing the RFP for the purchase process
When testing the appliance
During the product selection phase
Provide the 1Tb of files on the network and the 300Mb of email files regardless of age.
Provide the first 200Mb of e-mail and the first 500Mb of files as per policy.
Delete files and email exceeding policy thresholds and turn over the remaining files and email.
Delete email over the policy threshold and hand over the remaining emails and all of the files.
Set presence to invisible by default, restrict IM to invite only, implement QoS on SIP and RTP traffic, discretionary email forwarding, and full disk encryption.
Create presence groups, restrict IM protocols to the internal networks, encrypt remote devices, and restrict access to services to local network and VPN clients.
Establish presence privacy groups, restrict all IM protocols, allow secure RTP on session border gateways, enable full disk encryption, and transport encryption for email security.
Enable discretionary email forwarding restrictions, utilize QoS and Secure RTP, allow external IM protocols only over TLS, and allow port 2000 incoming to the internal firewall interface for secure SIP.
Create an IP camera network and deploy a proxy to authenticate users prior to accessing the cameras.
Create an IP camera network and restrict access to cameras from a single management host.
Create an IP camera network and only allow SSL access to the cameras.
Create an IP camera network and deploy NIPS to prevent unauthorized access.
Implement SSL encryption for all sensitive data flows and encryption of passwords of the data at rest.
Use end-to-end application level encryption to encrypt all fields and store them encrypted in the database.
Implement a certificate based solution on a smart card in combination with a PIN to provide authentication and authorization of users.
Use application level encryption to encrypt sensitive fields, SSL encryption on sensitive flows, and database encryption for sensitive data storage.
Implement WS-Security for services authentication and XACML for service authorization.
Implement WS-Security as a federated single sign-on solution for authentication and authorization of users.
Implement a security operations center to provide real time monitoring and incident response with self service reporting capability.
Implement an aggregation based SIEM solution to be deployed on the log servers of the major platforms, applications, and infrastructure.
Implement a security operations center to provide real time monitoring and incident response and an event correlation dashboard with self service reporting capability.
Ensure appropriate auditing is enabled to capture the required information.
Implement an agent only based SIEM solution to be deployed on all major platforms, applications, and infrastructures.
Ensure that the network operations center has the tools to provide real time monitoring and incident response and an event correlation dashboard with self service reporting capabilities.
Manually pull the logs from the major platforms, applications, and infrastructures to a central secure server.
Risk reduction, risk sharing, risk retention, and risk acceptance.
Risk likelihood, asset value, and threat level.
Avoid, transfer, mitigate, and accept.
Calculate risk by determining technical likelihood and potential business impact.
Patch the known issues and provide the patch to customers. Engage penetration testers and code reviewers to perform an in-depth review of the product. Based on the findings, address the defects and re-test the findings to ensure that the defects have been resolved. Introduce periodic code review and penetration testing of the product in question and consider including all relevant future projects going forward.
Stop active support of the product. Bring forward end-of-life dates for the product so that it can be decommissioned. Start a new project to develop a replacement product and ensure that an SSDLC / SDL overlay on top of the SDLC is formed. Train BAs, architects, designers, developers, testers and operators on security importance and ensure that security-relevant activities are performed within each of the SDLC phases.
Patch the known issues and provide the patch to customers. Implement an SSDLC / SDL overlay on top of the SDLC. Train architects, designers, developers, testers and operators on security importance and ensure that security-relevant activities are performed within each of the SDLC phases. Use the product as the primary focal point to close out issues and consider using the SSDLC / SDL overlay for all relevant future projects.
Patch the known issues and provide the patch to customers. Make a company announcement to customers on the main website to reduce the perceived exposure of the application to alleviate customer concerns. Engage penetration testers and code reviewers to perform an in-depth review of the product. Based on the findings, address the defects and re-test the findings to ensure that any defects have been resolved.
Create an Internet zone and two DMZ zones on the firewall. Place the web server in DMZ one. Set the enforcement threshold on SELinux to 100, and configure IPtables to allow TCP 80 and 443. Place the SQL server in DMZ two. Configure the Windows firewall to allow TCP 80 and 443. Configure the Internet zone with an ACL of allow 443 destination ANY.
Create an Internet zone and two DMZ zones on the firewall. Place the web server in DMZ one. Set enforcement threshold on SELinux to zero, and configure IPtables to allow TCP 80 and 443. Place the SQL server in DMZ two. Configure the Internet zone ACLs with allow 80, 443, 1433, and 1443 destination ANY.
Create an Internet zone, DMZ, and Internal zone on the firewall. Place the web server in the DMZ. Configure IPtables to allow TCP 80 and 443. Set SELinux to permissive. Place the SQL server in the internal zone. Configure the Windows firewall to allow TCP 80 and 443. Configure the Internet zone with ACLs of allow 80 and 443 destination DMZ.
Create an Internet zone, DMZ, and Internal zone on the firewall. Place the web server in the DMZ. Configure IPtables to allow TCP 443. Set enforcement threshold on SELinux to one. Place the SQL server in the internal zone. Configure the Windows firewall to allow TCP 1433 and 1443. Configure the Internet zone with ACLs of allow 443 destination DMZ.
Develop a proposal for an alternative architecture that does not leverage cloud computing and present it to the lead architect.
Document mitigations to the security concerns and facilitate a meeting between the architects and the project manager.
Implement mitigations to the security risks and address the poor communications on the team with the project manager.
Address the security concerns through the network design and security controls.
Delay the donation until a new policy is approved by the Chief Information Officer (CIO), and then donate the machines.
Delay the donation until all storage media on the computers can be sanitized.
Reload the machines with an open source operating system and then donate the machines.
Move forward with the donation, but remove all software license keys from the machines.
Logging must be set appropriately and alerts delivered to security staff in a timely manner.
All logs must be centrally managed and access to the logs restricted only to data storage staff.
Only security related alerts should be forwarded to the network team for resolution.
Critical logs must be monitored hourly and adequate staff must be assigned to the network team.
Work with the department head to find an acceptable way to change the business needs so the department no longer violates the corporate security policy.
Draft an RFP for the purchase of a COTS product or consulting services to solve the problem through implementation of technical controls.
Work with the CISO and department head to create an SLA specifying the response times of the IT security department when incidents are reported.
Draft an MOU for the department head and CISO to approve, documenting the limits of the necessary behavior, and actions to be taken by both teams.
Model the network in a series of VMs; instrument the systems to record comprehensive metrics; run a large volume of simulated data through the model; record and analyze results; document expected future behavior.
Instrument the operational network; simulate extra traffic on the network; analyze net flow information from all network devices; document the baseline volume of traffic.
Schedule testing on operational systems when users are not present; instrument the systems to log all network traffic; monitor the network for at least eight hours; analyze the results; document the established baseline.
Completely duplicate the network on virtual machines; replay eight hours of captured corporate network traffic through the duplicate network; instrument the network; analyze the results; document the baseline.
Adjust IDS filters to increase the number of false negatives.
Change the IDS filter to data mine the false positives for statistical trending data.
Change the IDS to use a heuristic anomaly filter.
Adjust IDS filters to decrease the number of false positives.