This course introduces students to the concept of information systems security within the framework of a major security certification, the Certified Information Systems Security Professional (CISSP) certification. It provides an overview of the new eight domains of the CISSP certification and prepares students for more detailed work in the subsequent program courses. This course focuses on the policies, processes, and technologies that are implemented to protect an organization's data, information system, network, and assets. Critical components of information systems security will be covered during this course, including secure network and communications, identity and access management principles, security assessment and training methodologies, and security operations.
Explanation & Answer
Hey, you can go ahead to review and complete. I will finish up the rest of the weeks as always.
Running head: SECURITY VULNERABILITY REPORT
Security Vulnerability Report
To mitigate the impacts and risks that result from security vulnerabilities within John H. Stroger Jr. Hospital, there are countermeasures that may be deployed. First, all employees within the hospital should be trained in and comprehend cyber-security as it relates to their work responsibilities. All managers, system admins and end users of the hospital information systems should be conscious of the current security risks as well as the associated policies, guidelines and procedures. Typically, all employees should periodically receive training that corresponds to their roles and responsibilities. The training covers the need for reliable cyber-security, policies, guidelines, procedures and expected user actions in the maintenance of security and response to security incidents. In this respect, all system users (doctors, nurses, helpdesk) must be provided with training prior to authorization to utilize the hospital information systems.
Criminal elements may attack the availability of the hospital systems and their data with the hopes of benefiting financially, and therefore the hospital must safeguard its data during transmission and in storage. The password policy applies to all authentication operations related to the hospital information systems, involving computer hardware and software as well as device-based accounts. Passwords are utilized in systems administration, role-based administration, end-user accounts, web applications and BYOD. Passwords are also deployed in third-party solution providers and network infrastructure devices like firewalls, routers and hotspots (Weaver &
For creating and permitting access to new accounts, the system admins should create unique login elements (usernames and passwords) that are different from their regular user accounts. The passwords to employees and other end users shall be sent in a secure manner