CYB 220 Technology Evaluation Criteria Worksheet
For each section of this worksheet, fill in the empty cells with the required information.
Technology Evaluation Criteria Table
Columns: Evaluation Factor | Evaluation Criteria | Manager’s Questions—Aligned to Criteria | Relevant Organizational Security Plan Information (From Scenario)

Evaluation Factor: Effectiveness
Evaluation Criteria: Ability to identify network-connected systems
Manager’s Questions: 1.a., 2.a.i.
Relevant Organizational Security Plan Information:
1.a. What are the organizational attributes?
The network architecture is comprised of four segments with restricted communications between segments. Each department is specific to a segment, with IT requiring remote availability. Additionally, there are between 150-200 host devices, or a 1:1 ratio with the number of employees.
2.a.i. What is the level of concern about who’s on (or off) the network?
The concern would be high, especially in light of recent unauthorized access attempts. Each event should be treated as an attempted breach until intent is confirmed.

Evaluation Criteria: Ability to discern operating systems of network-connected systems
Manager’s Questions: 1.b., 2.a.ii.
Relevant Organizational Security Plan Information:
1.b. What are the organizational constraints?
A centralized approach to host OS. This allows for system continuity regarding maintenance, security patches, and application monitoring.
2.a.ii. What is the level of concern about detailed information relating to specific assets on (or off) the network?
High. HR and IT are responsible for safeguarding the private information of personnel and clients. All other departments are constrained to data within their segment.

Evaluation Criteria: Ability to discern specific software applications based on their unique data flows
Manager’s Questions: 1.a., 1.b., 2.a.iii., 2.a.v.
Relevant Organizational Security Plan Information:
1.a. What are the organizational attributes?
These attributes may differ between departments depending on the applications in their workflow. A default grouping of approved open-source apps should be created to standardize applications on all hosts and simplify monitoring.
1.b. What are the organizational constraints?
As the organization is determined to utilize open-source tools as the first option, the risk of false positives may be increased. As mentioned above, defined software should be whitelisted to increase transparency for monitoring.
2.a.iii. What is the level of concern about the ability to defeat secure communications?
High. Breaking secure communications would mean exposing host devices and the network to attacks and risking data confidentiality and availability.
2.a.v. What is the level of concern about potential for harm?
High. If encrypted transmissions are intercepted, it poses a severe threat to the confidentiality of company and client data.

Evaluation Criteria: Ability to handle encrypted data flows
Manager’s Questions: 1.b., 2.a.iii., 2.a.v.
Relevant Organizational Security Plan Information:
1.b. What are the organizational constraints?
With the number of host devices present, the most significant constraint would be the current IT team.
2.a.iii. What is the level of concern about the ability to defeat secure communications?
High. If encrypted data is compromised, it puts at risk the clients’ assets as well as the assets and reputation of the institution.
2.a.v. What is the level of concern about potential for harm?
High. If encrypted data is intercepted and confidentiality is breached, it opens the institution up to litigation if client data is compromised.