Cyber Security and Incident Management part 2

Pearson Set Assignment
Activity -2
UNIT 11 CYBER SECURITY AND INCIDENT MANAGEMENT
ASSESSOR – HIMANSHU BABBAR



STUDENT NAME: Ibrahim Zitouni

PEARSON ID: 20000351

DATE: 6 JULY 2021

TIME: 10:00 AM – 3:00 PM

,Contents
Introduction.................................................................................................................................................3
Assessing Vulnerabilities..............................................................................................................................3
Tools & Methods for Assessing Vulnerabilities............................................................................................3
Third Party Reviews of Systems & Network Designs....................................................................................4
Penetration Testing.....................................................................................................................................5
Assessing Risk Severity................................................................................................................................7
Measures for Risk Severity..........................................................................................................................7
Risk Severity.............................................................................................................................................8
Risk Assessment Approach..........................................................................................................................8
A Risk Assessment Method......................................................................................................................9
Documenting a Risk Assessment.................................................................................................................9
Cyber Security Plan....................................................................................................................................10
Structure of a cyber security plan..........................................................................................................10
Cyber Security Protection Measures..........................................................................................................11
Hardware Protection Methods..............................................................................................................11
Software Protection Methods................................................................................................................11
Physical Protection Methods.................................................................................................................12
Alternative Risk Management Measures...........................................................................................12
IT Technical and Financial Constraints.......................................................................................................12
Legal Responsibilities.................................................................................................................................13
Usability of the System..............................................................................................................................14
Cost-Benefit Analysis.................................................................................................................................14
Test Plan....................................................................................................................................................15
Internal policies.........................................................................................................................................16
Plan-Do-Check-Act Loop............................................................................................................................16
Security Audits...........................................................................................................................................19
Backup Policy.............................................................................................................................................19
Data Protection Policy...............................................................................................................................20
Incident Response Policy...........................................................................................................................21
Assembling the CSIRT & Initial Assessment...............................................................................................21
Containing Damage & Minimizing Risk......................................................................................................22


1|Page

, Identifying the Type & Severity of the Compromise..............................................................................23
Protecting Evidence...................................................................................................................................23
Notifying External Agencies & Recovery of System...................................................................................24
Notifying External Agencies.......................................................................................................................24
Compiling and Organising Incident Evidence.............................................................................................24
Disaster Recovery Policy............................................................................................................................25
Identification of Critical Systems............................................................................................................25
Prevention, Response & Recovery Strategies............................................................................................26
Disaster Recovery Plan Structure...............................................................................................................26
External Service Providers.........................................................................................................................27
What External Service Provider Agreements Include............................................................................27
The Implications of ESP Agreements.........................................................................................................28
Appropriate Network Diagram for Online-Doc..........................................................................................29
Justification of Security features and systems chosne...............................................................................29
References.................................................................................................................................................31




2|Page

, Introduction
After helping my Business client Davies Enterprises, I have once again been task to assist another client
called Online-Doc, Online-Doc is an online health service which sets ups meeting with doctors, Online-
Doc is moving to a building called Energy House which has been used for residential and office building
office, they will be a occupying a place on the 6 th floor. Regardless of this I have been tasked to aid
Online-Doc implement a Cyber Security plan.

Assessing Vulnerabilities
It is critical to examine the vulnerabilities which already present throughout company networks but also
equipment while establishing a cybersecurity protection plan. This could be conducted locally by the
company, but there are also outside companies which may be contracted to analyze a system for flaws,
such as white-hat hackers.

Tools & Methods for Assessing Vulnerabilities




Identifying vulnerabilities could be a complicated but also time-consuming process. We will frequently
employ a variety of tools as well as strategies to assist us in this endeavor.

1. Port Scanners: If online-doc uses port scanners it is important to note that port scanners detect a
device regarding potential open ports which hackers might be capable to use. It operates through
attempting to link to a computer via transmitting a query over each port in turn, observing which ports
answer or appear to be open.

2. Assessing User Vulnerabilities: This entails determining any system vulnerabilities which may be
triggered by users. Auditing what accessibility to devices multiple users needed, personnel cybersecurity
education, and the difficulty of credentials established by staff are all examples of this. It might possibly
entail carrying out simulated attacks, such as sending phishing emails, to see if staff of online-doc are
susceptible to frauds.

3. Vulnerability Detection and Management Software: They're similar to website vulnerability
detectors only they're for other IT systems instead of websites. This would analyze the system initially,
then conduct tests to find significant possible threats in operation detecting critical weaknesses. In
reference to the scenario, Online-docs would benefit from using different types of Detection software to
ensure that they stay clear of malicious intend



3|Page