IT Audits and Planning

Topic: The purpose of this lab is to recognize the risks, threats, and vulnerabilities commonly found in the workstation domain. You will identify known vulnerabilities and exploits on the Common Vulnerabilities and Exposures (CVE) database listing. You will describe how risks, threats, and vulnerabilities or misconfigurations at the operating system level in the workstation domain might expose that workstation. You will also identify steps to harden the workstation domain operating system and applications installed on the user’s workstation for compliance and safeguarding of sensitive data and access to that data. Finally, you will apply Department of Defense (DoD) guidelines for securing the workstation domain, including the review and assessment of Windows 10 and Windows 2016 security guidelines. Participate in each section of the lab and follow the instructions for the exercises in each section. You will use a text document to develop your homework assignment by completing the sections listed below: Lab 5.1a Review the following scenario: You are a security consultant for an information systems security firm and have a new healthcare provider client under the Health Insurance Portability and Accountability Act (HIPAA) compliance. Your new client wants to know the requirements and business drivers for securing the workstation domain in its healthcare environment. Your new client requires compliance with HIPAA. Similarly, your firm has a DoD client that also wants you to perform a workstation domain compliance audit per DoD workstation hardening guidelines and baseline requirements. In your homework assignment, discuss how the compliance law requirements and business drivers for the healthcare provider’s workstation domain might differ from the DoD’s workstation domain security compliance requirements. Lab 5.1b Launch your Web browser. Navigate to the following website: http://cve.mitre.org/. Review the site, and then in your homework assignment, identify the risks, threats, and vulnerabilities commonly found in the workstation domain. Launch your Web browser. Navigate to the following website: https://public.cyber.mil/stigs/ /. Review the Security Technical Implementation Guides (STIGs) available and the proper implementation of security based on DoD’s workstation/desktop hardening guidelines. In your document, discuss three STIGs and the DoD’s workstation/desktop hardening guidelines. Lab 5.1c Launch your Web browser. Navigate to the following website: https://public.cyber.mil/stigs/ View and Download STIGs Search for the ‘Desktop Application’ Security Technical Implementation Guide (Version 4, Release 5) document from the STIG database website. Sunset-Desktop Applications General STIG-Ver4, Rel 5 Review the following concepts from this overarching DoD standards document, and, in your homework assignment, discuss the significant points of two of these topics: Appropriate backup strategy does not exist Public instant message clients are installed Peer-to-Peer clients or utilities are installed Execution Restricted File Type Properties Open-restricted File Type Properties You can view the contents of the STIG by visiting the following site: https://vaulted.io/library/disa-stigs-srgs/desktop_applications_general Lab 5.1d Launch your Web browser. Type the following Web address: https://public.cyber.mil/stigs/ Using the search tool search for and review Microsoft Windows Firewall STIG and Advanced Security. View the STIG. Determine which technical controls are appropriate for the Windows OS. Note these in your text document. The STIGs Master List (A to Z) link can be found at this link: https://public.cyber.mil/stigs/downloads/ Scroll down the list to locate and then download the following Windows OS security guideline documents/zip files: Windows 10 STIG (you will see several Windows 10 STIG options; click the one with only a Version number and a Release number after STIG). Microsoft Windows 10 STIG Ver 1, Rel 20 Windows 2016 STIG (you will see a couple of Windows 2016 STIG options; click the one with only a Version number and a Release number after STIG). Microsoft Windows Server 2016 STIG Ver 1,Rel 10 Once you have downloaded the Windows 10 STIG ZIP file to your desktop, double-click the ZIP file to extract the Windows 10 STIG folder. Double-click the folder to open it, double-click the Windows 10 Manual STIG ZIP file to extract the Windows 10 Manual STIG folder, double-click the folder to open it, and then double-click the Windows 10 STIG Manual XML file to open it. For help in viewing an XML file, watch the this video on How to Easily View a STIG XML file Review the following concepts. In your Microsoft Word document, list each of these and discuss a significant point about each one: display shutdown button, clear system pagefile, removable media devices, halt on audit failure, and security configuration tools. Next, you will work with the Windows 2016 STIG ZIP file on your desktop. Double-click the ZIP file to extract the Windows 2016 STIG folder. Double-click the folder to open it, double-click the Windows 2016 DC Manual STIG ZIP file to extract the Windows 2016 DC Manual STIG folder, double-click the folder to open it, and then double-click the Windows 2016 DC STIG Manual XML file to open it. Review the following concepts and vulnerabilities for configuring and hardening Windows 2016 Domain Controllers. In your document, list each of these and discuss a significant point about each one: system recovery backups, caching of logon credentials, dormant accounts, recycle bin configuration, password uniqueness, and printer share permissions. Lab 5.1e Navigate to the following website: http://cve.mitre.org/ Review the National Cyber Security Division of the U.S. Homeland Security Department’s CVE listing hosted by the Mitre Corporation. To access the CVE listing, click CVE List in the left-hand column to reach the CVE List main page. In your homework assignment, discuss how workstation domain OS and application software vulnerabilities are housed in the CVE listing. Next, click the National Vulnerability Database link on the CVE homepage or CVE List main page. In your text document, discuss how vulnerabilities are housed in the National Vulnerability Database. Discuss how this is both a security control tool and an attack tool used by hackers Lab 5.2 Write an executive summary to discuss the top workstation domain risks, threats, and vulnerabilities, and include a description of the risk mitigation tactics you would perform to audit the workstation domain for compliance. Use the U.S. DoD workstation hardening guidelines as your example for a baseline definition for compliance.

Struggling to find relevant content or pressed for time? – Don’t worry, we have a team of professionals to help you on
IT Audits and Planning
Get a 15% Discount on this Paper
Order Now
Calculate the price
Make an order in advance and get the best price
Pages (550 words)
$0.00
*Price with a welcome 15% discount applied.
Pro tip: If you want to save more money and pay the lowest price, you need to set a more extended deadline.
We know how difficult it is to be a student these days. That's why our prices are one of the most affordable on the market, and there are no hidden fees.

Instead, we offer bonuses, discounts, and free services to make your experience outstanding.
Sign up, place your order, and leave the rest to our professional paper writers in less than 2 minutes.
step 1
Upload assignment instructions
Fill out the order form and provide paper details. You can even attach screenshots or add additional instructions later. If something is not clear or missing, the writer will contact you for clarification.
s
Get personalized services with MyCoursebay
One writer for all your papers
You can select one writer for all your papers. This option enhances the consistency in the quality of your assignments. Select your preferred writer from the list of writers who have handledf your previous assignments
Same paper from different writers
Are you ordering the same assignment for a friend? You can get the same paper from different writers. The goal is to produce 100% unique and original papers
Copy of sources used
Our homework writers will provide you with copies of sources used on your request. Just add the option when plaing your order
What our partners say about us
We appreciate every review and are always looking for ways to grow. See what other students think about our do my paper service.
Human Resources Management (HRM)
awesome job
Customer 452701, August 14th, 2023
Nursing
Everything was done thoroughly and with care. Awesome job!!!
Customer 452453, April 10th, 2021
Nursing
Great paper!
Customer 452707, June 29th, 2023
Human Resources Management (HRM)
Thank you so much.
Customer 452701, August 14th, 2023
Criminal law
Thank You!
Customer 452465, January 29th, 2021
Human Resources Management (HRM)
Thank you
Customer 452531, May 19th, 2021
Literature
Excellent
Customer 452813, July 5th, 2023
Human Resources Management (HRM)
This paper is well -written from what I have read. If there are any instructor concerns, I will advise.
Customer 452701, October 24th, 2023
Nursing
Looks good. Thank you!!
Customer 452525, April 27th, 2022
Psychology
Good mastery of ABA concepts. Excellent!
Customer 452469, May 14th, 2022
Human Resources Management (HRM)
Thank you so much. Well written paper.
Customer 452701, September 25th, 2023
Nursing
The writer went above and beyond as usual. Always a great experience with these writers.
Customer 452707, December 4th, 2022
OUR GIFT TO YOU
15% OFF your first order
Use a coupon FIRST15 and enjoy expert help with any task at the most affordable price.
Claim my 15% OFF Order in Chat

Good News ! We now help with PROCTORED EXAM. Chat with a support agent for more information

NEW

Thank you for choosing MyCoursebay. Your presence is a motivation to us. All papers are written from scratch. Plagiarism is not tolerated. Order now for a 15% discount

Order Now