Threat to Data-at-Rest, Confidentiality/Integrity/Availability
Order ID 53563633773 Type Essay Writer Level Masters Style APA Sources/References 4 Perfect Number of Pages to Order 5-10 Pages Description/Paper Instructions
Threat to Data-at-Rest, Confidentiality/Integrity/Availability
1 page table is required, you can use all tables to make one
Create a 1-page table in Microsoft® Word or Excel® listing a minimum of five threats using the column headers Threat to Data-at-Rest, Confidentiality/Integrity/Availability, and Suggestion on Countering the Threat.
In the Confidentiality/Integrity/Availability column, identify whether each of the following are affected:
- Confidentiality
- Integrity
- Availability
- Some or all of the three (Confidentiality, Integrity, and/or Availability)
Include suggestions on how to counter each threat listed.
Place your list in the 3 columns of a table in a Microsoft® Word or Excel® document.
Submit your assignment using the Assignment Files tab.
Protecting Data
Threat to Data-at-Rest Confidentiality Affected?
Integrity Threat
Availability Threat
Suggestions on how to counter Threat Denial of Service (DoS) to company website (not accessible), or to computer software / hardware (power failure) / Temporary loss of data or services that may or may not be restored (Smith, 2016). Yes Risk can be countered for website transactions by implementing an alternative method of accepting payments (in-store); or for computer hardware/software by installing an uninterruptable power supply (UPS) to allow systems to function without power. Identity Theft / Threat to customers regarding identity theft, fraud, theft of funds, etc. and threat to organization storing the data regarding lawsuits, exposure to loss, etc. Yes Yes Risk can be countered by encrypting data, educating consumers to keep account numbers secure, and identifying any vulnerability in the system where data can be accessed. Disclosure / Threat of confidential company data being exposed to others who are not authorized to view it. Yes This type of threat can be countered by implementing complex passwords on laptops and desktops to protect company data exposure. Masquerade / Access to company network via user who pretends to be the real user and sends messages or manipulates electronic data. Risk of Identity theft. Yes Yes Response to counter this type of threat is to implement a layered security structure. Limiting access via Least Privilege Controls would be a good defense. Physical Damage to Data or Hardware / According to TrustedComputingGroup.org (2017), “Data backup, off-site mirroring, and other data replication techniques may increase the risk of unauthorized access” or loss. (p. 1, Solutions Guide for Data at Rest). Yes Yes Data stored off-site should definitely be encrypted. If possible, using several layers of encryption is a viable solution. Backups are a critical factor in recovering from this type of threat. Ransomware / Liability would be greater and damages can be extreme, if no backups exist then company will have to pay a ‘ransom’ to get the encryption key to unencrypt their data files and restore them. Yes Yes Yes The best defense of this type of threat is to have a service such as Datto and a Datto backup continuity device installed so that the entire company’s data is backed up on scheduled intervals. This would alleviate the need to pay cyber criminals a monetary ransom to get the encryption key to unlock a company’s data. Physical Loss / Stolen/Lost mobile devices containing sensitive company data. Yes Yes Yes Applications are available to install on mobile devices that allow users to wipe their device remotely. This would help secure stored data at rest on mobile devices. Subversion / Viruses, Worms, and Botnets can infiltrate company website and download malware through company network/files/database. Yes Yes Yes Periodic updates to anti-virus software will be a necessity in keeping the system free of potential security breaches. Table 1. Cyber Threats and Risks for CIA (2017).
References
Smith, R. (2016). Elementary information security (2nd ed.). Jones & Bartlett Learning.
EC-Council Official Curriculum (2016). Certified secure computer user: EC Council courseware. EC-Council.
TrustedComputingGroup.org (2017). Solutions Guide for Data at Rest. Retrieved from https://www.trustedcomputinggroup.org/wp-content/uploads/SSIF_Solutions_Guide_for_Data-at-Rest.pdf
Table 2
CYB/110 Week 1 Assignment
Protecting Data Table
Threat to Data-at-Rest Confidentiality/Integrity/Availability Suggestion on Countering the Threat Unauthorized access to unused data while on Database. Confidentiality, as unauthorized access to the data will compromise user’s privacy. The simple suggestion would be to take great steps on who is authorized to access the database and investing extra money to ensure the data is well secured while not being active. Loss of inactive data from a corrupted HDD. Availability since the loss of data means it won’t available when it is needed The suggestion to counter corrupted issues would be to set up at least a RAID 1 configuration to decrease the possibility of Data Loss. Data-at-Rest becoming unreadable from changing programs or different updates Availability as incorrect updates or a change of program can compromise availability to said data Performing Software testing before rolling out new software updates or converting to a new program to ensure the older data is still accessible with new software. Insufficient amount of Bandwidth to access the Data-at-Rest when needed Availability as an insufficient amount of bandwidth and prevent users from access the inactive data when needed. Perform regular tests to ensure proper network speed. This will guarantee the data will be efficiently accessible if needed instead of worrying about slow load times. Out of date security which compromises the Data-at-Rest if not properly current in security standards. Confidentiality since out of date security standards can compromise the privacy of the confidential Data-at-Rest. While updating the more used software, the company must also consider the data that is less used but still important. They need to routinely compare the network security of the data-at-rest to the most current security standards. Table 1. Protecting Data (2017).
Reference Page
Smith, R. (2016). Elementary information security (2nd ed.). Jones & Bartlett Learning.
Table 3
CYB/110 Week 1 Assignment
Protecting Data Table
STUDENT NAME
Protecting Data
Threat to Data-at-Rest Confidentiality Affected?
Integrity Threat
Availability Threat
Threat Mitigation Database of Account Numbers / Threat to customers regarding identify theft, fraud, theft of funds, etc. and threat to organization storing the data in regard to lawsuits, exposure to loss, etc.
Yes Yes Yes Risk can be countered by encrypting data, educating consumers to keep account numbers secure, and identifying any vulnerabilities in the system where data can be accessed. Employee Database / Threat to company from cyber criminals who can steal this information and commit identity theft using the employee’s information such as social security #’s, address, salary, etc. Yes Yes Yes Risk can be countered by enacting authentication controls thereby limiting access to this data and strong security to protect data from outside threats. Customer Database / Similar threat as employee database, only more exposure for companies because liability would be greater and damages can be extreme. Yes Yes Yes Database encryption seems to be the number one protection for data at rest. Student Database / Threat of cyber-attack whereas student identifying information could be stolen and/or if threat coming from students themselves, risk of grade changes, etc. Yes Yes Yes Authentication controls, encryption,
RUBRIC
QUALITY OF RESPONSE NO RESPONSE POOR / UNSATISFACTORY SATISFACTORY GOOD EXCELLENT Content (worth a maximum of 50% of the total points) Zero points: Student failed to submit the final paper. 20 points out of 50: The essay illustrates poor understanding of the relevant material by failing to address or incorrectly addressing the relevant content; failing to identify or inaccurately explaining/defining key concepts/ideas; ignoring or incorrectly explaining key points/claims and the reasoning behind them; and/or incorrectly or inappropriately using terminology; and elements of the response are lacking. 30 points out of 50: The essay illustrates a rudimentary understanding of the relevant material by mentioning but not full explaining the relevant content; identifying some of the key concepts/ideas though failing to fully or accurately explain many of them; using terminology, though sometimes inaccurately or inappropriately; and/or incorporating some key claims/points but failing to explain the reasoning behind them or doing so inaccurately. Elements of the required response may also be lacking. 40 points out of 50: The essay illustrates solid understanding of the relevant material by correctly addressing most of the relevant content; identifying and explaining most of the key concepts/ideas; using correct terminology; explaining the reasoning behind most of the key points/claims; and/or where necessary or useful, substantiating some points with accurate examples. The answer is complete. 50 points: The essay illustrates exemplary understanding of the relevant material by thoroughly and correctly addressing the relevant content; identifying and explaining all of the key concepts/ideas; using correct terminology explaining the reasoning behind key points/claims and substantiating, as necessary/useful, points with several accurate and illuminating examples. No aspects of the required answer are missing. Use of Sources (worth a maximum of 20% of the total points). Zero points: Student failed to include citations and/or references. Or the student failed to submit a final paper. 5 out 20 points: Sources are seldom cited to support statements and/or format of citations are not recognizable as APA 6th Edition format. There are major errors in the formation of the references and citations. And/or there is a major reliance on highly questionable. The Student fails to provide an adequate synthesis of research collected for the paper. 10 out 20 points: References to scholarly sources are occasionally given; many statements seem unsubstantiated. Frequent errors in APA 6th Edition format, leaving the reader confused about the source of the information. There are significant errors of the formation in the references and citations. And/or there is a significant use of highly questionable sources. 15 out 20 points: Credible Scholarly sources are used effectively support claims and are, for the most part, clear and fairly represented. APA 6th Edition is used with only a few minor errors. There are minor errors in reference and/or citations. And/or there is some use of questionable sources. 20 points: Credible scholarly sources are used to give compelling evidence to support claims and are clearly and fairly represented. APA 6th Edition format is used accurately and consistently. The student uses above the maximum required references in the development of the assignment. Grammar (worth maximum of 20% of total points) Zero points: Student failed to submit the final paper. 5 points out of 20: The paper does not communicate ideas/points clearly due to inappropriate use of terminology and vague language; thoughts and sentences are disjointed or incomprehensible; organization lacking; and/or numerous grammatical, spelling/punctuation errors 10 points out 20: The paper is often unclear and difficult to follow due to some inappropriate terminology and/or vague language; ideas may be fragmented, wandering and/or repetitive; poor organization; and/or some grammatical, spelling, punctuation errors 15 points out of 20: The paper is mostly clear as a result of appropriate use of terminology and minimal vagueness; no tangents and no repetition; fairly good organization; almost perfect grammar, spelling, punctuation, and word usage. 20 points: The paper is clear, concise, and a pleasure to read as a result of appropriate and precise use of terminology; total coherence of thoughts and presentation and logical organization; and the essay is error free. Structure of the Paper (worth 10% of total points) Zero points: Student failed to submit the final paper. 3 points out of 10: Student needs to develop better formatting skills. The paper omits significant structural elements required for and APA 6th edition paper. Formatting of the paper has major flaws. The paper does not conform to APA 6th edition requirements whatsoever. 5 points out of 10: Appearance of final paper demonstrates the student’s limited ability to format the paper. There are significant errors in formatting and/or the total omission of major components of an APA 6th edition paper. They can include the omission of the cover page, abstract, and page numbers. Additionally the page has major formatting issues with spacing or paragraph formation. Font size might not conform to size requirements. The student also significantly writes too large or too short of and paper 7 points out of 10: Research paper presents an above-average use of formatting skills. The paper has slight errors within the paper. This can include small errors or omissions with the cover page, abstract, page number, and headers. There could be also slight formatting issues with the document spacing or the font Additionally the paper might slightly exceed or undershoot the specific number of required written pages for the assignment. 10 points: Student provides a high-caliber, formatted paper. This includes an APA 6th edition cover page, abstract, page number, headers and is double spaced in 12’ Times Roman Font. Additionally, the paper conforms to the specific number of required written pages and neither goes over or under the specified length of the paper. GET THIS PROJECT NOW BY CLICKING ON THIS LINK TO PLACE THE ORDER
CLICK ON THE LINK HERE: https://www.perfectacademic.com/orders/ordernow
Also, you can place the order at www.collegepaper.us/orders/ordernow / www.phdwriters.us/orders/ordernow
Do You Have Any Other Essay/Assignment/Class Project/Homework Related to this? Click Here Now [CLICK ME]and Have It Done by Our PhD Qualified Writers!!