Case Study: “How can an organization improve its physical security to better protect its computer resources?”
Due Date: One week (one summer semester week!) from date assigned
Submission Method: Dropbox (“CyberSecurity Case Study” folder)
Submitted by: PATELIYA PARTHKUMAR Student ID: 10197660 Section: 01
Submitted by: AKSHAY JARYAL Student ID: 10202517 Section: 01
Date Submitted: 31/07/2018
Instructor Submitted to: Darren Gethons
Content (relevant ideas are presented and cited accurately) /50
Spelling and Grammar (words are spelled correctly and sentences are grammatically sound) /5
Presentation (content is presented in a neat and organized manner – e.g., using bulleted lists and a consistent font style and size) /5
Research (credible sources of information are used to complete assignment) /5
References (cited research sources are listed alphabetically in APA format) /10
Cover Page (content is missing, inaccurate, or incomplete) /-5
Working in pairs or individually, please refer to the rubric above and the instructions below to guide your work.
Complete this assignment, which is worth 10% of your final mark, in 750 to 1000 words.
If you select your own topic, it must be approved by the instructor prior to submitting the assignment.
Enter case study topic and “Submission Details” above, and provide your answers below each question or section on the following pages.
Modify Table 1, if necessary (e.g., adding or resizing columns and rows), to meet the needs of your case study.
Research, cite, and reference at least five credible sources of information, such as computer security Web sites, books, magazines, or journals. Referencing Wikipedia, blogs, and online shopping sites like Amazon and eBay is not acceptable.
Spell and grammar check your work. Please contact Tracey McConnery ([email protected]) or Tutoring and Academic Skills for assistance.
Upload only one copy of the assignment to Dropbox if you are completing it with a classmate.
Introduction (What is your topic? Why is it important from a cybersecurity perspective?) (5 marks total)
Our topic is “How can an organization improve its physical security to better protect its computer resources?”
Physical security is basic for a physical attack is the most essential sort of attack. It shields individuals, information, equipment, frameworks, offices and company resources. Physical security related to PC assets is how to ensured organization resources and revamp IT tasks if any catastrophe happens.
Risk Analysis (30 marks total)
Based on your case study, what are the risks or possible threats? Explain at least three. (5 marks)
Create false perceptions: in this risk, Unknown can confinement video of computerized cameras or streaming recorded film to the guard’s monitor.
Create fake identities: In this Threat, Intruder can influence counterfeit identities even remote generation of an access to card.
Hack onsite operational systems: hacker can create an speedy blackout or damage to
Power, lifts, fire cautions, and even mischief make frameworks.
CITATION sec10 l 4105 (securityinabox, 2010)What are the existing vulnerabilities or weaknesses that need to be addressed? Explain at least three. (5 marks)
The server room misappropriation: Stalker can solidify video of advanced cameras or issuing itemized film to the guard’s monitor. Someone with physical contact to the servers, switches, routers, cables and different gadgets in that room can do enormous demolition. Bolt up the way to the server room is a decent initial step, however somebody could wrongdoing, or somebody who has legitimate access could sick utilize that expert.
Unsecure Computer and false perceptions: An outsider can wodge a PC into a center point and practice sniffer programming to catch information traversing the system. Stalker can make reproduction personalities even remote development of an entrance card. hacker can utilize any risky PC that is identified with the system to ideal to utilize or delete data that is huge to your business.
Physical security threats: PCs and handheld PCs posture exceptional physical security dangers. Interloper can make an immediate blackout or harm to control, lifts, fire cautions, and even harm creation frameworks. A hoodlum can without much of a stretch take the whole PC, including any information put away on its circle and additionally arrange login passwords that might be spared.
CITATION Deb7a l 4105 (Shinder, 2007 a)Given the identified vulnerabilities, is the probability or likelihood of each risk occurring high, medium, or low? Justify your ratings. (5 marks)
The server room misappropriation: The server room is a heart of any system. On the off chance that any unapproved individual can get to the server room intentionally then integrity of information can be affected. So I want to give it High rating.
Unsecure Computer and false perceptions: It can be unlawful with a help of guard’s watch-out, movement thanks and hold system. On the off chance that any interloper saw by the system then it can be well once more. So I want to give it Medium rating.
Physical security risks: This sort of alert is basic in proposal from open system. By utilizing some basic security strategies, it can be not allowed. Due to this risk, It can’t bother principle regions of organization. So I want give it Low evaluating.
What countermeasures or controls are needed to address each risk? (5 marks)
Good locks ought to be utilized on the server room door.so there is likewise need of approaches require that those entryways be bolted whenever the room is empty, and the arrangements should set out who has the key or keycode to get in.
A video examination camera ought to be to be found in an area that makes it dangerous to mess around with or put out of activity however gives a decent perception of people entering and leaving should additional the log book or electronic access system. Surveillance cams can practice movement discovery innovation to best ever just when somebody is moving about. They can even be set up to coordinate email or mobile phone declaration if motion is spotted.
Server connections PCs that aren’t being reused and in addition those that are for the time being vacant while at the same time a representative is at lunch or out debilitated. Prepare PCs that must keep on in open regions, at times out of perception of representatives, with smart card or biometric readers so it’s more troublesome for unapproved people to sign in. An arrangement of backup ought to be put aside off site, and you should look out to ensure that they are secured in that offsite area.
CITATION Deb7b l 4105 (Shinder, 2007 b)Summarize your answers from questions 1 to 4 in Table 1 using point form. (10 marks)
Table 1: Risk Analysis
Risk or Possible Threat Existing Vulnerabilities or Weaknesses Probability or Likelihood of Risk
(High, Medium, or Low) Countermeasures or Controls to Address Risk
Create false perceptions The server room misappropriation High Good locks ought to be utilized on the server room door.
need of policies require that those entryways be bolted whenever the room is empty.
The arrangements should set out who has the key or keycode to get in.
Create fake identities Unsecure Computer and false perceptions Medium Video examination camera ought to be put in an area that makes it hard to alter or disable.
The log book or electronic access system can be used.
Motion detection technology should be used to capture only when someone is moving about.
Set up to send e-mail or cell phone notification if motion is detected.
Hack onsite operational systems Physical security threats Low Detached computers that aren’t being used.
Equip computers that must continue in open areas should be used smart card or biometric readers so that it’s more troublesome for illegal persons to sign in.
A set of backups should be kept on secure offsite location
Discussion Questions (10 marks total)
Explain in three to five sentences how you would update your current Disaster Recovery Plan (DRP) and Business Continuity Plan (BCP) to address the risks identified in your case study. (5 marks)
I would prefer to statement the risks identified in my case study, Make Emergency Response Team (ERT) and Crisis Management Team as a Business Continuity Plan (BCP) in affiliation that can do Vulnerability analysis, Patches and host courses of action and Virus Protection as Disaster Recovery Plan (DRP).
Describe in three to five sentences how you will further your knowledge and skills to prevent or mitigate future cybersecurity threats. (5 marks)
From my Risk analysis, I would like to add in my prevention system that equipment or devices required for environmental controls must be protected to reduce risks from environmental threats and risks and to reduce the risk of unauthorized access to information and keep by System Operators of records of all suspected or actual faults and all defensive and curative maintenance.
Conclusion (5 marks total)
Explain in three to five sentences what you have learned or gained from this case study activity.
We have learned from this case study that how can an organization improve its physical security and moreover I’ve learned how to do risk analysis by outcome threats, risk and vulnerabilities of it and we gave rating by how much it marks the organization and how to deal with possible threats with help of Disaster Prevention system (DPS), Disaster Recovery Plan (DRP), as part of Business Continuity Plan (BCP).
References – List research sources cited in assignment alphabetically in APA format (10 marks total)
BIBLIOGRAPHY securityinabox. (2010). PROTECT YOUR INFORMATION FROM PHYSICAL THREATS. Retrieved from securityinabox: https://securityinabox.org/en/guide/physical/Shinder, D. (2007 a, july 16). 10 physical security measures every organization should take. Retrieved from techrepublic: https://www.techrepublic.com/blog/10-things/10-physical-security-measures-every-organization-should-take/Shinder, D. (2007 b, july 16). 10 physical security measures every organization should take. Retrieved from techrepublic: https://www.techrepublic.com/blog/10-things/10-physical-security-measures-every-organization-should-take/