Hands-On Steps;1. From your computer workstation, create a new text document called Compliance Lab #4.;2. Review the following scenario;Your organization is a governmental agency that serves a vital role in homeland security functions.;In fact, your hiring took longer than you would have liked because it seemed as though the organization?s;managers wanted to know a lot about you before they gave you clearance to work. After a year;at the job, your manager feels your progress has come a long way, so she is giving you more responsibility;and has asked you to analyze the benefits of reporting risks, threats, and vulnerabilities in an IT;assessment that is under way. Your manager would like for you to conduct research and report your;findings about the type of vulnerabilities that require disclosure and when it is lawful or unlawful to;conceal information produced by vulnerability assessments. She would also like for you to include;some trends on current security threats and the types of responsible disclosure being performed by;other organizations.;3. Launch your Web browser and type in the Web address http://www.sans.org. In the Custom Search box;on the Web page?s upper right corner, search for ? How do we define Responsible Disclosure? ? On the;search results page, click on the top link labeled ? How do we define Responsible Disclosure? ? to open;the pdf article. Read about the following topics;a. Vulnerability Life Cycle;b. Types of Disclosure;c. Nondisclosure;d. Full Disclosure;e. Limited Disclosure;f. Responsible Disclosure;g. Existing Policies and Proposals;In your text document, note one relevant point about each section.;4. In your Web browser, open the document ?Symantec Global Internet Security Threat Report? provided;by Symantec Corporation at http://eval.symantec.com/mktginfo/enterprise/white_papers/b-whitepaper;internet_security_threat_report_xv_04-2010.en-us.pdf. Review the Highlights section of the document;that discusses the main concepts in each section. Then, review the following topics in the document;a. Threat Activity Trends;b. Vulnerability Trends;c. Malicious Code Trends;d. Phishing, Underground Economy Servers, and Spam Trends;In your text document, note one relevant point about each section.;5. In your Web browser, type the Web address http://www.zerodayinitiative.com/;advisories/published/. Review some of the links on the page provided by the respected security experts;at TippingPoint DVLabs and others.;6. Research other available resources (Internet resources, your textbook, and so on) to validate how;performing periodic security assessments throughout the seven domains of a typical IT infrastructure;can help an organization achieve compliance. In your text document, explain how performing periodic;security assessments throughout the seven domains of a typical IT infrastructure can help an organization;achieve compliance.;7. In your text document, write an executive summary describing how security assessments throughout;the seven domains of a typical IT infrastructure can help organizations achieve compliance by;mitigating risks and threats.;8. Submit the text document to your instructor as a deliverable for this lab.
Paper#64727 | Written in 18-Jul-2015Price : $22