IT Security Discussion Questions

Security Report:

In this assignment, you will continue with the report for ABC, Inc. that you started in Week 1 Project and continued in Week 2 Project and Week 3 Project. Remember to review the scenario document for the company profile and overall security objectives. Modify and correct the plan you created for Week 3 Project to accommodate suggestions and recommendations from your instructor and your own changes based on the readings and activities for this week. Use Track Changes or color code your changes and additions so that the changes are easy to identify.

For this assignment, you will continue to work on the security report for ABC, Inc. that you worked on in Weeks 1 to 3.In this week’s assignment, you will consider event logging, antivirus software, and fault tolerance as well as the steps needed to verify the security recommendations you made in prior weeks and the current week. Using your project report from Week 3 Project, complete the following tasks by adding 2- to 3-pages to the report:

  • Recommend a mechanism that will record event data on the folders for each department. What events should be logged and how often do these logs need to be reviewed?
  • Recommend an implementation for antivirus software. Suggest a product (or products) for the organization and explain your reason for choosing that product.
  • Recommend a mechanism for monitoring security alerts on the server. What types of events need to be monitored and how often do the security logs need to be reviewed by a human being as opposed to an automated process? Explain your answer.
  • Describe the implementation process and timeline for your recommendations. Try to give as reasonable a timeline as possible and explain your plan.

Expand the section of your report for verifying the implementation of the security recommendations for this week. Identify what is being tested for each verification activity. This should include testing activities to make sure the security system is working properly. An example of this would be using an intentionally incorrect password to make sure the system does not allow the login.