Task 2: Evaluation of Transcon ControlsIdentify from the SAD what security controls Transcon already has in place that could assistwith the prevention of spear-phishing attacks. Hint: refer to section '7 Interfaces'.Provide Transcon with a recommendation of a suitable technology solution to help protect theNOMS system from spear-phishing attacks. Ensure to provide Transcon with a reason for yourrecommendation and explain how it would fit in with the NOMS High-level integration diagramdisplayed in Figure 7 of the SAD. .1 INTEGRATION OVERVIEWThe following diagram shows the high-level integrations for the NOMS application. The arrows showthe direction of the data flows:Integration ServerIntegration ServerSystem BNFSDB-existing replication--TriggersWebserviceIIH WebMethodsSystem Adata baseBrokerBrokerFiltered viewto allowInternal Networkirrelevantitem detailsSystem A EnclaveOrganisation AActive DirectoryNOMS prodShared ServicesInternal MailNOMS UsersShared ServicesNOMSSMTPJMS (Publish/Subscribe push)SMTPServerServerWeb Service (Request/Response pull)File TransfersMFTCentralEmailAuthenticationSystem CArrows showdirection ofdata flow2-factorauthenticationPrivate Cloud environmentSIGNOMS UsersFigure 7- High-level integration diagramThe following tables indicate the high-level connectivity requirements and interfaces with the intentof providing enough information to create firewall rules to enable NOMS.Internet interfaces (all use the existing SIG proxy services):

Let's understand how spear-phishing works. There are actually 3 steps to show how it happens. In…

Answered: Identify from the SAD what security…

Identify from the SAD what security controls Transcon already has in place that could assist with the prevention of spear-phishing attacks. Hint: refer to section '7 Interfaces'.

Management Of Information Security

6th Edition

ISBN:9781337405713

Author:WHITMAN, Michael.

Publisher:WHITMAN, Michael.

Chapter11: Security Maintenance

Section: Chapter Questions

Problem 1DQ

See similar textbooks

Related questions

Q: Q7) Create a class named 'Student' with a string variable 'name' and an integer variable 'roll_no'.…

A: class Student{ String name; int roll_no; public Student(String name, int roll_no){…

Q: Write program to enter and draw, as a CT signal, the following two sequences: A-[3, 6, 9, 12] and…

A: The code for the above given question is given below:

Q: (a) What are the different optimization challenges embedded systems encounter?

A: Optimization has a significant role in designing a system.

Q: What are Gentoo's advantages and disadvantages when it comes to server OSes?

A: The answer of this question is as follows:

Q: combinational circuit with 3 input variables. The inputs will give a logic 1 output if more than one…

A: Let the input be variable of function x, y and z. The truth table is x y z F 0 0 0 0 0 0 1…

Q: Answer the following question Design a combinational circuit with 3 input variables. The inputs will…

A: Combinational Circuits Combinational circuits are the circuits that combine different sub-circuit to…

Q: Wite a J8 code blurb ot an ntre HTML pagto get an iteger froma prompt box and kop howing the promgt…

A: The Javascript code is given below isNaN() function is used here Also the full HTML code is attached…

Q: [1 -2 1] If A = 2 1 3] [2 1] and B = 3 2, then (AB)T is equal -3 10 -2 7 Option 2 O None of these O…

Q: If you're a Toyota analyst, compose a quick SWOT analysis including probable strengths, weaknesses,…

A: Given: Verify the information sample. check the sample information Verify the data. Before you…

Q: Contrast and contrast the most widely used server operating systems nowadays.

A: Different operating systems work on different types of hardware and are designed for different types…

Q: What are the recommended procedures for assuring a local area network's resilience and availability?

A: The Answer start from step-2.

Q: please i need confert this code to compiler using System; class HelloWorld

A: //Corrected program: using System;using System.Collections.Generic;using System.Linq;using…

Q: Create a list of requirements by user/entity and requirements that are useful to multiple user…

A: Solution: Requirements are defined by the user/entity and are useful to multiple user groups. The…

Q: There are many examples of this, such as a network tester who is told by his or her boss: "The time…

A: Allow me to begin with a formal definition: Integration testing evaluates the interconnections of…

Q: What role do protocols play in the transfer of information through networks? Provide an explanation…

A: Protocols provide network communications functionsnetwork protocol is an established set of rules…

Q: Which JavaScript expression can you use to retrieve the value from the web form input control with…

A: Introduction: JavaScript is the scripting language which helps in manipulating the DOM HTML to make…

Q: What is it that the fundamental principles of software engineering do not include?

A: Introduction: Software is a progression of programming guidelines which are done to play out a…

Q: Integrity testing is a waste of time, according to your supervisor. Not necessary if each app is…

A: Integrity: Integrity tests are a sort of personality test that is used to determine whether or not a…

Q: What are some of the common aspects seen in network diagrams

A: An network diagram will assist organisations and teams with envisioning how gadgets like Computers,…

Q: Question 1: Create subnetworks for the following given requirements (IPV4 addresses). 191.148.1.0/24…

A: Answer 1= >Subnetting using VLSM (Variable length subnet mask) The IPv4 address is 191.148.1.0/24…

Q: Describe the evolution of computer systems in terms of technological advancement and the most common…

A: Technology Advancement: As technology has evolved, computer systems, in particular, have improved…

Q: Exist any missing basics in software engineering? explain

A: Answer : Time limitation is one of the basic that effect the software engineering. This is because…

Q: Provide an example of when adaptors are often needed in the merging of application systems. Why is…

A: Definition: Adaptors are required in an integrated framework. When numerous application frameworks…

Q: Distinguish between a Heap and a Binary Tree. Is operational efficiency something you'd want to…

A: Answer:

Q: We think other solution in bartleby is wrong so be carefull please. A database must store an…

A: The objective is to : To determine how many records can be stored per block (blocking factor) using…

Q: Methods Java Write the appropriate method headings using the provided method name for the following…

A: The program is written in Java. Please find the source code and output in the following steps.

Q: Learn about and compare the E-R diagramming capabilities of a variety of graphics and drawing…

A: Diagram of entity relationships: The ER is defined as the diagram that illustrates the relationship…

Q: Explanation it correctly and details Q)what is a schedule of values? why is it important

A: - We need to talk about schedule of values and it's importance.

Q: system

A: In computing, a database is a coordinated assortment of data put away and got to electronically.…

Q: multiplayer web based game——guess number （use socket.io, html, js） 3-player join the game with their…

A: The above question belongs to html and javascript domain of computer science and is solved below

Q: L Write a program in Matlab to convert 'Peppers.png' from RGB to Index then convert the result to…

A: rgb2gray Convert RGB image or colormap to grayscale I=rgb2gray(RGB)converts the truecolor image…

Q: In terms of server operating systems, how would you describe the Ubuntu Server Operating System?

A: answer is

Q: As a system analyst Design the decision table for the following cases Car Alnsurance Policy. Owner…

A: Here we have given decision table for the following cases Car Alnsurance Policy.You can find the…

Q: would you describe Gentoo in terms of server operating systems and its unique features

A: Gentoo is a free Linux-based free app that can be customized and customized for almost any…

Q: PYTHON! Can someone help me with this problem in python? I want the output to be stored in a new…

A: The Python code is given below with screenshots

Q: Can software engineering's core goal be summarised? What is it?

A: Start: In its most basic form, software engineering seeks to establish methodologies and procedures…

Q: Are there any concepts that are overlooked by the fundamentals of software engineering? Explain?

A: Answer : As in software engineering whenever we do any project then we decide some deadline under…

Q: select T.branch-name from branch T, branch S where T.assets > S.assets and S.branch-city =…

A: Relational Algebra in DBMS As the word suggest 'relational' which comes from relation and 'algebra'…

Q: How can a Java application get access to a database?

A: JDBC(Java Database Connectivity ) API(Application Programming Interface) is a java API which is…

Q: re serve a purpo

A: Program development services is a troublesome cycle that includes planning an application or…

Q: Acquire a comprehensive knowledge of social networking Autonomous computing: what is it and where…

A: When we talk about "social networking," we refer to the different online platforms that enable users…

Q: Create abstract class Ticket, and classes TrainTicket and PlaneTicket. Define all attributes and…

A: We need to implement the : Ticket.java TrainTicket.java PlaneTicket.java as per the given…

Q: After the SHR instruction is executed in the code sequence below, what is the final value for AL?…

A: Correct Option is B⇒ 0010_1011

Q: Is there anything fundamentally wrong with the way software engineering is taught? explain?

A: Software engineering is a systematic engineering approach to software development.

Q: his is a form of security that covers more, they are also concern in pri

A: Q)This is a form of security that covers more, they are also concern in prioritizing the most…

Q: n terms of server operating systems, how would you describe and list the characteristics of Ubuntu?

A: ubuntu operating system: - the human operating system is an open source operating system and is a…

Q: Is it logical to break down large computer processes and programmes into smaller subsystems? What…

A: Introduction: Fragments are utilized to separate an interaction. Portions are alluding to the areas…

Q: allel com

A: The main illustration of the "Livermore Computing Getting Started" studio might be seen as here. Its…

Q: There must be something fundamentally missing from the core concepts of software engineering.…

A: There must be something fundamentally missing from the core concepts of software engineering.…

Q: In what way does.NET handle exceptions?

A: Exception: 1) An exception is an unintended mistake that happens while a programme is being executed…

Question

Task 2: Evaluation of Transcon Controls
Identify from the SAD what security controls Transcon already has in place that could assist
with the prevention of spear-phishing attacks. Hint: refer to section '7 Interfaces'.
Provide Transcon with a recommendation of a suitable technology solution to help protect the
NOMS system from spear-phishing attacks. Ensure to provide Transcon with a reason for your
recommendation and explain how it would fit in with the NOMS High-level integration diagram
displayed in Figure 7 of the SAD.

Expert Solution

This question has been solved!

Explore an expertly crafted, step-by-step solution for a thorough understanding of key concepts.

SEE SOLUTION Check out a sample Q&A here

Introduction

VIEW

Prevention

VIEW

Step by step

Solved in 2 steps

SEE SOLUTION Check out a sample Q&A here

Knowledge Booster

Learn more about

Need a deep-dive on the concept behind this application? Look no further. Learn more about this topic, computer-science and related others by exploring similar questions and additional content below.

Similar questions

As the agile security officer for a financial company, you need to ensure the organization's use of secure communication channels to customers both domestic and international meet government export regulations. Using the Vulnerability Assessment Process Flow diagram, identify which of the seven areas of security best apply to the scenario above. Select all that apply. Input Validation: Secure input and representations | APIS: Secure API interactions Cryptography: Encryption use and vulnerabilities Client/Server: Secure distributed computing | Code Error: Secure error handling Code Quality: Secure coding practice/patterns Encapsulation: Secure data structures
Question 3 Include a brief summary (one page) of the security-related components that are part of the typical Deployment phase. Describe the importance of creating and using an incident response plan and the importance of using automation and application containers in the Deployment phase. Full explain this question and text typing work only thanks
Sophos is a security company dealing with advanced anti-virus software tools for desktops, servers, and web servers. They have clients across the globe. They also provide their limited anti-virus tools for free to individual users for trial purposes. Develop a basic resource list (with at least four critical resources) for this business that could form part of your risk management activities. Justify why each resource should be included in this list by highlighting its risk sensitivity and risk tolerance.
Answer the given question with a proper explanation and step-by-step solution. In this week's lecture, we are looking at the SANS CISO Mind Map and how we focused on Security Operations. Pick one of the items (for example - - Data Loss Prevention (DLP), VPN, Security Gateway, etc.) and research the topic and provide a two-paragraph minimum with references on the topic. Pick something you are interested in or do not know but would like to learn more about the topic. Sell me, make me excited.
The Microsoft Baseline Security Analyzer is a good tool to utilize. Using this is the best way to get the task done.
Explore the challenges and solutions for implementing continuous testing in the context of DevSecOps, emphasizing security.
create a security exercise utilizing two or more of the exercises types (red team, blue team, white team, purple team) discused in the assigned chapter readings. Detail your scenario, your use of at least 2 teams and how you will carry out the exercise to test your clients network security. what teams will be used? what roles will they play? use the courses microsoft word memo templat
Your task is to write a short critical analysis evaluating the importance of Access Control when developing secure software. You should examine the potential risks and benefits of implementing Access Control structures including groups and hierarchies at each layer of processing. You must include IEEE references for all ideas, quotes, and media you incorporate into your work
Chain Link Consulting is an IT consulting firm that specializes in system security issues. The company’s president has asked you to help her put together a presentation to a group of potential clients at a trade show meeting next month. First, she wants you to review system security issues, considering all six security levels. Then she wants you to come up with a list of ways that Chain Link could test a client’s security practices, in order to get a real-world assessment of vulnerability. To make matters more interesting, she told you it was OK to be creative in your recommendations, but not to propose any action that would be illegal or unethical. For example, it would be OK to pose as a job applicant with false references to see if they were being checked, but it would not be appropriate to pick a lock and enter the computer room. Your report is due tomorrow. What will you suggest?
Chain Link Consulting is an IT consulting firm that specializes in system security issues. The company’s president has asked you to help her put together a presentation to a group of potential clients at a trade show meeting next month. First, she wants you to review system security issues, considering all six security levels. Then she wants you to come up with a list of ways that Chain Link could test a client’s security practices, in order to get a real-world assessment of vulnerability. To make matters more interesting, she told you it was OK to be creative in your recommendations, but not to propose any action that would be illegal or unethical. For example, it would be OK to pose as a job applicant with false references to see if they were being checked, but it would not be appropriate to pick a lock and enter the computer room. Your report is due tomorrow. What will you suggest? Explain your answer thoroughly and explain well.
1- to 2-page Security Assessment Plan Worksheet Wk 3 – Assignment Template Security Assessment Plan Worksheet Using the Assignment Scenario, complete the following worksheet. Description of VulnerabilitySecurity Control Number and NameSecurity Control TypeSystem Categorization for Risk Level ImpactLast Assessment InformationAssetAssessment MethodPolicy Alignment<Describe the vulnerability><List the Security Control name and number><Common, System-Specific, Hybrid><High, moderate, or low><Identify any security assessments from the past><Describe the asset that will be tested><Identify at least one way you can test this asset><Indicate what security policy aligns with the asset>
An in-depth look at and description of the main ideas and concepts that are at the heart of security management, as well as the ideas that support it.