Technical Project Paper: Information Systems Security

User Generated

zhfvpnyocunggl22

Other

Question Description

You are the Information Security Officer for a small pharmacy that has recently
been opened in the local shopping mall. The daily operation of a pharmacy is a
unique business that requires a combination of both physical and logical access
controls to protect medication and funds maintained located on the premises and
personally identifiable information and protected health information of your
customers. Your supervisor has tasked you with identifying inherent risks
associated with this pharmacy and establishing physical and logical access
control methods that will mitigate the risks identified.



  1. Firewall (1)

  2. Windows 2008 Active Directory Domain  Controllers (DC) (1)

  3. File Server
    (1)

  4. Desktop computers (4)

  5. Dedicated T1 Connection (1)


   
Write a ten to fifteen (10-15)
page paper in which you:


  1. Identify and analyze any potential physical vulnerabilities and threats that
    require consideration.

  2. Identify and analyze any potential logical vulnerabilities and threats that
    require consideration.

  3. Illustrate in writing the potential impact of all identified physical
    vulnerabilities and threats to the network and the pharmacy.

  4. Identify all potential vulnerabilities that may exist in the documented
    network.

  5. Illustrate in writing the potential impact of all identified logical
    vulnerabilities to the network and the pharmacy. 

  6. For each physical vulnerability and threat identified, choose a strategy for
    dealing with the risk (i.e., risk mitigation, risk assignment, risk acceptance,
    or risk avoidance).

  7. For each logical vulnerability and threat identified, choose a strategy for
    dealing with the risk (i.e., risk mitigation, risk assignment, risk acceptance,
    or risk avoidance).

  8. For each physical vulnerability and threat identified, develop controls
    (i.e., administrative, preventative, detective, and corrective) that will be
    used to mitigate each risk.

  9. For each logical vulnerability and threat identified, develop controls
    (i.e., administrative, preventative, detective, and corrective) that will be
    used to mitigate each risk.


Your assignment must follow these
formatting requirements:


  • Be typed, double spaced, using Times New Roman font (size 12), with one-inch
    margins on all sides; citations and references must follow APA or
    school-specific format. Check with your professor for any additional
    instructions.

  • Include a cover page containing the title of the assignment, the student’s
    name, the professor’s name, the course title, and the date. The cover page and
    the reference page are not included in the required assignment page
    length.


The specific course learning outcomes associated with this
assignment are:


  • Explain the concepts of information systems security as applied to an IT
    infrastructure.

  • Describe how malicious attacks, threats, and vulnerabilities impact an IT
    infrastructure.

  • Explain the means attackers use to compromise systems and networks, and
    defenses used by organizations.

  • Explain the role of access controls in implementing a security policy.

  • Explain how businesses apply cryptography in maintaining information
    security.

  • Analyze the importance of network principles and architecture to security
    operations.

  • Use technology and information resources to research issues in information
    systems security.

  • Write clearly and concisely about network security topics using proper
    writing mechanics and technical style conventions. 


Student has agreed that all tutoring, explanations, and answers provided by the tutor will be used to help in the learning process and in accordance with Studypool's honor code & terms of service.

Explanation & Answer

nebbwpu (711)
Duke University

Anonymous
I was having a hard time with this subject, and this was a great help.

Studypool
4.7
Trustpilot
4.5
Sitejabber
4.4