Implementing_a_Risk_Mitigation_Plan_3e_-_Madeline_OMalley
.pdf
keyboard_arrow_up
School
Utica College *
*We aren’t endorsed by this school
Course
356
Subject
Information Systems
Date
Dec 6, 2023
Type
Pages
10
Uploaded by BrigadierJellyfishPerson5726
Implementing a Risk Mitigation Plan (3e)
Managing Risk in Information Systems, Third Edition - Lab 08
Student:
Email:
Madeline O`Malley
madeline.omalley@spartans.ut.edu
Time on Task:
Progress:
4 hours, 46 minutes
100%
Report Generated:
Sunday, November 26, 2023 at 9:45 PM
Guided Exercises
Part 1: Update the Information Security Policy Document
3.
Recommend
and
explain
four properties and any associated values.
Length:
Longer passwords generally provide better security because they increase the possible
combinations of characters, making it more difficult for attackers to guess or crack the password.
Aiming for a minimum of 12 characters is important. Consider using even longer passwords, especially
for more sensitive accounts.
Complexity:
A strong password should include a mix of different character types, such as uppercase
letters, lowercase letters, numbers, and special symbols. This complexity makes it harder for attackers
to use brute-force methods. Use a combination of uppercase and lowercase letters, numbers, and
special characters.
Unpredictability:
Avoid using easily guessable information, such as dictionary words, common
phrases, or easily accessible personal information. The goal is to create a password that is difficult for
others to guess, even with knowledge of your personal details. Do not use easily guessable
information like names, birthdays, or common words. Consider using a combination of unrelated
characters or create a passphrase that is memorable to you but difficult for others to guess.
Uniqueness:
Each of your passwords should be unique to each account. Using the same password
across multiple accounts increases the risk that if one account is compromised, others will be as well.
Avoid using the same password for different accounts. Consider using a password manager to
generate and store unique, complex passwords for each of your accounts.
Page 1 of 10
Implementing a Risk Mitigation Plan (3e)
Managing Risk in Information Systems, Third Edition - Lab 08
4.
Update
the existing password policy with an additional statement for each property.
2.2.1 - Failure to comply with this policy may result in access restrictions and other disciplinary actions
in accordance with the organization's security protocols
2.2.2 - Each employee is responsible for maintaining the confidentiality of their assigned password. If
an employee suspects that their password may have been compromised or if they encounter any
suspicious activity related to their account, it is their duty to promptly report such incidents to the IT
department for investigation and resolution.
2.2.3 - In order to uphold the highest standards of security, employees are expressly prohibited from
writing down their passwords or storing them in easily accessible locations. If employees find it
challenging to remember complex passwords, they are encouraged to use secure password
management tools provided by the organization. Any instance of a written password, whether on
physical or digital mediums, poses a significant security risk and must be avoided.
Part 2: Sanitize a Windows Server
7.
Make a screen capture
showing the
empty Documents folder and empty Recycle Bin
icon
.
Page 2 of 10
Implementing a Risk Mitigation Plan (3e)
Managing Risk in Information Systems, Third Edition - Lab 08
12.
Make a screen capture
showing the
empty acmeFTP folder and empty Recycle Bin icon
.
Page 3 of 10
Implementing a Risk Mitigation Plan (3e)
Managing Risk in Information Systems, Third Edition - Lab 08
22.
Make a screen capture
showing the
Active Directory Users and Computers console
without the Database_Test user
.
Page 4 of 10
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help