Implementing_a_Risk_Mitigation_Plan_3e_-_Madeline_OMalley.pdf

Implementing a Risk Mitigation Plan (3e) Managing Risk in Information Systems, Third Edition - Lab 08 Student: Email: Madeline O`Malley madeline.omalley@spartans.ut.edu Time on Task: Progress: 4 hours, 46 minutes 100% Report Generated: Sunday, November 26, 2023 at 9:45 PM Guided Exercises Part 1: Update the Information Security Policy Document 3. Recommend and explain four properties and any associated values. Length: Longer passwords generally provide better security because they increase the possible combinations of characters, making it more difficult for attackers to guess or crack the password. Aiming for a minimum of 12 characters is important. Consider using even longer passwords, especially for more sensitive accounts. Complexity: A strong password should include a mix of different character types, such as uppercase letters, lowercase letters, numbers, and special symbols. This complexity makes it harder for attackers to use brute-force methods. Use a combination of uppercase and lowercase letters, numbers, and special characters. Unpredictability: Avoid using easily guessable information, such as dictionary words, common phrases, or easily accessible personal information. The goal is to create a password that is difficult for others to guess, even with knowledge of your personal details. Do not use easily guessable information like names, birthdays, or common words. Consider using a combination of unrelated characters or create a passphrase that is memorable to you but difficult for others to guess. Uniqueness: Each of your passwords should be unique to each account. Using the same password across multiple accounts increases the risk that if one account is compromised, others will be as well. Avoid using the same password for different accounts. Consider using a password manager to generate and store unique, complex passwords for each of your accounts. Page 1 of 10

Implementing a Risk Mitigation Plan (3e) Managing Risk in Information Systems, Third Edition - Lab 08 4. Update the existing password policy with an additional statement for each property. 2.2.1 - Failure to comply with this policy may result in access restrictions and other disciplinary actions in accordance with the organization's security protocols 2.2.2 - Each employee is responsible for maintaining the confidentiality of their assigned password. If an employee suspects that their password may have been compromised or if they encounter any suspicious activity related to their account, it is their duty to promptly report such incidents to the IT department for investigation and resolution. 2.2.3 - In order to uphold the highest standards of security, employees are expressly prohibited from writing down their passwords or storing them in easily accessible locations. If employees find it challenging to remember complex passwords, they are encouraged to use secure password management tools provided by the organization. Any instance of a written password, whether on physical or digital mediums, poses a significant security risk and must be avoided. Part 2: Sanitize a Windows Server 7. Make a screen capture showing the empty Documents folder and empty Recycle Bin icon . Page 2 of 10

Implementing a Risk Mitigation Plan (3e) Managing Risk in Information Systems, Third Edition - Lab 08 12. Make a screen capture showing the empty acmeFTP folder and empty Recycle Bin icon . Page 3 of 10

Implementing a Risk Mitigation Plan (3e) Managing Risk in Information Systems, Third Edition - Lab 08 22. Make a screen capture showing the Active Directory Users and Computers console without the Database_Test user . Page 4 of 10

Your preview ends here

Eager to read complete document? Join bartleby learn and gain access to the full version

Access to all documents
Unlimited textbook solutions
24/7 expert homework help