Computer Sciences and Information Technology
DIFFERENTIATE THE ROLES OF INTERNAL AND EXTERNAL SECURITY CONTROLS
This is a cybersecurity course. The rubric is attached
Purpose – In this Assignment, you will look at security controls, and how they are tested.
Assignment Instructions:
Using the Reading, the library, and Internet research, answer or explain the following in a minimum 400-word paper that covers the following and includes three or more APA style references:
Differentiate perimeter controls from internal controls. Give examples.
What controls constitute a defense in depth strategy? Explain.
How are security controls tested and verified?
DIFFERENTIATE THE ROLES OF INTERNAL AND EXTERNAL SECURITY CONTROLS
Access control is an important aspect of cybersecurity because it determines what authorized personnel can view within a computing environment. Through such control, risk is minimized within an organization, especially in this era where companies are sensitive about their brand image. Perimeter security consists of man-made barriers aimed at keeping intruders out and regulating access, whereas internal control is a set of policies an organization adopts to safeguard its assets and promote accountability. Perimeter controls limit physical access to the organization's outside environment, buildings, rooms and tangible IT assets. Internal controls, on the other hand, limit access to data, network connections and system files (Rouse, 2014). Examples of perimeter controls include:
• Firewalls: inspect the packets of data moving through the network and decide which ones will be granted access and which ones will be denied.
• Fences and walls
• Vehicle barriers
• Pedestrian barriers
Examples of internal controls include:
• Vendor Patching: updating software to the latest vendor release so that known vulnerabilities cannot be exploited.
• Encryption Policy: specifications of encryption algorithms, key lengths and timings to be used.
• Confidentiality Agreements: legal documents that bind employees to keep company information secret.
A defense in depth strategy is the creation of a system that protects against, detects and responds to attacks. Perimeter controls contribute to a defense in depth strategy through the implementation of firewalls, routers and intrusion detection systems. A firewall checks the packets of data that move through the network and decides which ones will be granted access and which ones will be denied; a set of rules is normally in place to determine these decisions. Threat protection is the reason firewalls are proving to be so important: while antivirus software provides a solution against viruses, firewalls provide better protection for guarding a computer against threats. One can choose between an appliance firewall and a client firewall to protect the network as well as the connection to the internet. An appliance firewall is configured to monitor all the data that travels on the network within the computer and is built into the computer itself; a client firewall, on the other hand, ensures that there is a secure connection between the internet and the computer.
The system is then designed in overlapping layers so that prevention, detection and response are all realized (Breithaupt & Merkow, 2014). With a layered system, if one layer fails, there are two more layers that can still be relied upon.
Security controls can be tested through:
• Establishment of Security Metrics: defining the scope of the security program so that performance, operational statistics and compliance goals can be measured.
• Vulnerability and Penetration Testing: help the organization determine the extent of its security. Weaknesses are discovered during vulnerability assessments, and in penetration tests those weaknesses are exploited to determine whether real threats could be launched through them.
• Internal Auditing: documented organizational policies, together with stakeholders' responses to interviews about their understanding of the cybersecurity activities in place, are used to evaluate how security controls operate (Baker Tilly, 2017).
Verification is achieved through constant monitoring of the control environment to make sure that the cybersecurity program remains effective within the organization.
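As an added example (not part of the original essay or of any reference it cites), the following Python script models two ideas from this paper together: the layered firewall checks of the defense in depth section, where an appliance firewall at the perimeter and a client firewall on the host are each evaluated first-match and every layer must allow a packet, and the testing and verification of controls, where a table of expected verdicts is run against the control to find any disagreement with policy. All addresses, ports and rules are constructed for illustration.

```python
from dataclasses import dataclass
from collections import namedtuple
from ipaddress import ip_address, ip_network
from typing import Optional

Packet = namedtuple("Packet", "src dst dport")  # source IP, destination IP, destination TCP port

@dataclass(frozen=True)
class Rule:
    action: str                  # "allow" or "deny"
    src: str = "0.0.0.0/0"       # CIDR; the default matches any address
    dst: str = "0.0.0.0/0"
    dport: Optional[int] = None  # None matches any destination port

    def matches(self, p: Packet) -> bool:
        return (ip_address(p.src) in ip_network(self.src)
                and ip_address(p.dst) in ip_network(self.dst)
                and (self.dport is None or self.dport == p.dport))

def evaluate(rules, p, default="deny"):
    """First-match evaluation: the first matching rule decides; unmatched traffic gets the default."""
    for r in rules:
        if r.matches(p):
            return r.action
    return default

PERIMETER = [  # constructed appliance firewall at the network edge (hypothetical addresses)
    Rule("allow", dst="10.0.0.0/24", dport=443),  # public HTTPS to the web tier
    Rule("allow", src="10.0.0.0/8"),              # all internal traffic is trusted at the edge
]
HOST_DB = [Rule("allow", src="10.0.0.0/24", dport=5432)]  # client firewall on DB host 10.0.1.5: web tier only
LAYERS = {"perimeter": PERIMETER, "host": HOST_DB}

def layered_verdict(p):
    """Defense in depth: every layer must allow; the first deny stops the packet and names the layer."""
    for name, rules in LAYERS.items():
        if evaluate(rules, p) == "deny":
            return ("deny", name)
    return ("allow", None)

EXPECTED = [  # constructed control-test table: the verdict policy requires for each packet
    (Packet("203.0.113.9", "10.0.1.5", 5432), "deny"),  # internet -> DB: stopped at the edge
    (Packet("10.0.0.10", "10.0.1.5", 5432), "allow"),   # web tier -> DB: allowed end to end
    (Packet("10.0.5.7", "10.0.1.5", 5432), "deny"),     # workstation -> DB: edge allows, host denies
]

def verify_controls(cases=EXPECTED):
    """Test the control: return every case whose actual verdict differs from policy (empty = verified)."""
    return [(p, want, layered_verdict(p)[0]) for p, want in cases if layered_verdict(p)[0] != want]
```

The third case is the point of layering: the perimeter trusts all internal traffic, and only the host firewall stops a workstation reaching the database port.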
References
Baker Tilly. (2017). Monitoring and verifying cybersecurity controls effectiveness. Retrieved from https://www.bakertilly.com/insights/monitoring-and-verifying-cybersecurity-controls-effectiveness/
Breithaupt, J., & Merkow, M. (2014). Principle 3: Defense in depth as strategy. In Information security principles of success. Pearson IT Certification. Retrieved from http://www.pearsonitcertification.com/articles/article.aspx?p=2218577&seqNum=4
Rouse, M. (2014). What is access control? WhatIs.com. Retrieved from https://searchsecurity.techtarget.com/definition/access-control