Secure Computer Networks
Added on 2023-06-03
13 Pages2163 Words176 Views
Running Head: SECURE COMPUTER NETWORKS 0
Secure Computer Networks
Computer Networks and Cyber security
(Student Details:)
10/12/2018
Secure Computer Networks
Computer Networks and Cyber security
(Student Details:)
10/12/2018
Secure Computer Networks 1
Contents
Introduction................................................................................................................................2
Controlling threats to computer system security of an organization..........................................2
Type of controls.....................................................................................................................2
Conclusion................................................................................................................................10
Contents
Introduction................................................................................................................................2
Controlling threats to computer system security of an organization..........................................2
Type of controls.....................................................................................................................2
Conclusion................................................................................................................................10
Secure Computer Networks 2
Introduction
This report is describing various types of Control programs which should be used in an
organisation for effective operation. The main challenge for any organization is to define the
correct set of information and personnel security controls, that if get implemented and
defined to be effective in their application, mitigate the impact of each found threat.
Additionally, for each specified security class, a range of controls are essential for a complete
and strong security frame (Legg et al., 2015).
Moreover, the chief factor that will affect the selection of threat controls is a risk-based cost
or profit analysis (The Economic Times, 2018). Another factor includes ease of use,
compatibility with present controls, and transparency to operators. Thus, controls finding
action is an organizational wide exercise, which explains the protection necessities for the
diverse classes of info. However data as well as info owners are eventually accountable
persons for the accurate working of information security controls (Wall, 2018).
Controlling threats to computer system security of an organization
Type of controls
Three main types express the key goals of operative security implementation:
■ Physical Controls Security (PCS): control procedures, devices, and ways to control
physical entree to a definite system structure
■ Technical Controls Technology (TCT): control measures to control analytical access to
sensitive data
■ Administrative Controls: control policies, methods, and business processes to describe and
guide operator actions as well as restrictions while dealing with sensitive data
Moreover, above control actions can be further categorized into following:
■ Preventive controls limit the possibility of a threat by preventing intended or unintended
and unauthorized exposure of sensitive info.
■ Detective controls identify and report tried unauthorized attempts by anyone
Introduction
This report is describing various types of Control programs which should be used in an
organisation for effective operation. The main challenge for any organization is to define the
correct set of information and personnel security controls, that if get implemented and
defined to be effective in their application, mitigate the impact of each found threat.
Additionally, for each specified security class, a range of controls are essential for a complete
and strong security frame (Legg et al., 2015).
Moreover, the chief factor that will affect the selection of threat controls is a risk-based cost
or profit analysis (The Economic Times, 2018). Another factor includes ease of use,
compatibility with present controls, and transparency to operators. Thus, controls finding
action is an organizational wide exercise, which explains the protection necessities for the
diverse classes of info. However data as well as info owners are eventually accountable
persons for the accurate working of information security controls (Wall, 2018).
Controlling threats to computer system security of an organization
Type of controls
Three main types express the key goals of operative security implementation:
■ Physical Controls Security (PCS): control procedures, devices, and ways to control
physical entree to a definite system structure
■ Technical Controls Technology (TCT): control measures to control analytical access to
sensitive data
■ Administrative Controls: control policies, methods, and business processes to describe and
guide operator actions as well as restrictions while dealing with sensitive data
Moreover, above control actions can be further categorized into following:
■ Preventive controls limit the possibility of a threat by preventing intended or unintended
and unauthorized exposure of sensitive info.
■ Detective controls identify and report tried unauthorized attempts by anyone
Secure Computer Networks 3
■ Corrective controls counter security violation incidents and end harmful happenings or
minimize their destruction.
Threat
Category
Control Description Classification Type
Accidental
corruption
of
information
Online backup
through Cloud
A strategic method of
data protection, as data
can be stored as well as
backed up online
administrative prevent
Repair and
Recovering lost
files tool
A data repair tool that can
repair corrupt data files
and hence recover lost
data or metadata like
tables, indexes, and keys.
For an example: Stellar
Phoenix SQL Database
Repair
product correct
Offline backup System files can be
backed up offline through
a local equipment like an
external hard-drive
(Smith, 2014)
administrative prevent
Software
Assurance
Ensuring the reliability of
developed or externally
purchased software help
in protecting data from
corruption.
administrative prevent
Backup and restore An administrative data
backup as well as restore
procedure is executed to
copy manufacture data
pre-emptively for repair
purposes in the case of
emergency (Taylor, 2018)
administrative correct
■ Corrective controls counter security violation incidents and end harmful happenings or
minimize their destruction.
Threat
Category
Control Description Classification Type
Accidental
corruption
of
information
Online backup
through Cloud
A strategic method of
data protection, as data
can be stored as well as
backed up online
administrative prevent
Repair and
Recovering lost
files tool
A data repair tool that can
repair corrupt data files
and hence recover lost
data or metadata like
tables, indexes, and keys.
For an example: Stellar
Phoenix SQL Database
Repair
product correct
Offline backup System files can be
backed up offline through
a local equipment like an
external hard-drive
(Smith, 2014)
administrative prevent
Software
Assurance
Ensuring the reliability of
developed or externally
purchased software help
in protecting data from
corruption.
administrative prevent
Backup and restore An administrative data
backup as well as restore
procedure is executed to
copy manufacture data
pre-emptively for repair
purposes in the case of
emergency (Taylor, 2018)
administrative correct
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Threat Categories for Information Security: Prevention and Detection Techniqueslg...
|13
|1796
|257
Computer Networks and Cybersecurity: Threats and Controlslg...
|13
|1739
|446
Network and Security - Threats and Controlslg...
|14
|1843
|104
ENGR8762 Computer Networks and Cybersecuritylg...
|8
|1020
|164
Network and Security: Threats and Controlslg...
|10
|1781
|75
National Institute of Standards and Technology (NIST) Cyber Security Framework and Terminologieslg...
|11
|1515
|26