Security awareness lab 5 | Computer Science homework help

Lab 5
1. From your computer workstation, create a new text document called Security Awareness Lab #5.
2. Review the following Web addresses, and in your text document, first list the name of the security awareness policy you reviewed, and then discuss the policy’s main components (do this for each document you research at these Web addresses):
• Health care: State of North Carolina Department of Health and Human Services (http://info.dhhs.
• Higher education: University of Massachusetts (
• Health care: Community Health Plan of Washington (
3. Review the following risks and threats found in the user domain:
• Dealing with humans and human nature
• Dealing with user or employee apathy toward information systems security policy
• Accessing the Internet and opening “Pandora’s box”
• Surfing the Web, a dangerous trek into unknown territory
• Opening e-mails and unknown e-mail attachments, which can lead to malicious software and codes
• Installing unauthorized applications, files, or data onto organization-owned IT assets
• Downloading applications or software with hidden malicious software or codes
• Clicking on an unknown URL link that has hidden scripts
4. In your text document, identify a security control or countermeasure to mitigate each risk and threat identified above for the user domain. Draw from what you read at the Web addresses in Step 2.
5. Review the following risks and threats found in the workstation domain:
• Unauthorized access to workstations
• Operating system software vulnerabilities
• Application software vulnerabilities
• Viruses, trojans, worms, spyware, malicious software, and malicious code
• A user inserting CDs, DVDs, USB thumb drives with personal data and files onto organization-
owned IT assets
• A user downloading unauthorized applications and software onto organization-owned IT assets
• A user installing unauthorized applications and software onto organization-owned IT assets
6. In your text document, identify a security control or countermeasure to mitigate each risk and threat identified above for the workstation domain. Draw from what you read at the Web addresses in Step 2.
7. In your text document, create an organization-wide security awareness training policy for the XYZ Credit Union/Bank:
• The organization is a regional XYZ Credit Union/Bank that has multiple branches and locations throughout the region
• Online banking and use of the Internet are the bank’s strengths, given its limited human resources
• The customer service department is the organization’s most critical business function
• The organization wants to be in compliance with the Gramm-Leach-Bliley Act (GLBA) and IT
security best practices regarding its employees
• The organization wants to monitor and control use of the Internet by implementing content
• The organization wants to eliminate personal use of organization-owned IT assets and systems
• The organization wants to monitor and control use of the e-mail system by implementing e-mail security controls
• The organization wants to implement security awareness training policy mandates for all new hires
and existing employees. Policy definitions are to include GLBA and customer privacy data require-
ments, in addition to a mandate for annual security awareness training for all employees
Using the following template, in your text document, create a security awareness training policy for the XYZ Credit Union/Bank organization (this should not be longer than three pages):
XYZ Credit Union
Security Awareness Training Policy
Policy Statement
{Insert policy verbiage here.}
{Insert the policy’s purpose as well as its objectives; use a bulleted list of the policy definition.}
{Define whom this policy covers and its scope.
Which of the seven domains of a typical IT infrastructure are impacted?
What elements, IT assets, or organization-owned assets are within the scope of this policy?}
{Does this policy point to any hardware, software, or configuration standards?
If so, list them here and explain the relationship of this policy to these standards. In this case, workstation domain standards should be referenced; make any necessary assumptions.}
{Explain how you intend to implement this policy across the organization and how you intend to
deliver annual or ongoing security awareness training for employees.}
{Explain any roadblocks or implementation issues that you must address in this section and how you will overcome them per defined policy guidelines.}
8. Submit the text document to your instructor as a deliverable for this lab.

Lab Assessment Questions & Answers
1. How does a security awareness training policy impact an organization’s capability to mitigate risks, threats, and vulnerabilities?

2. Why do you need a security awareness training policy if you have new hires attend or participate in the organization’s security awareness training program during new hire orientation?
3. What is the relationship between an acceptable use policy (AUP) and a security awareness training policy?

4. Why is it important to prevent users from engaging in downloading or installing applications and software found on the Internet?

5. When trying to combat software vulnerabilities in the workstation domain, what is needed most to deal with operating system, application, and other software installations?

6. Why is it important to educate users about the risks, threats, and vulnerabilities found on the Internet and World Wide Web?
7. What are some strategies for preventing users or employees from downloading and installing rogue applications and software found on the Internet?
8. What is one strategy for preventing users from clicking on unknown e-mail attachments and files?

9. Why should you include organization-wide policies in employee security awareness training?

10. Why does an organization need a policy on conducting security awareness training annually and periodically?

11. What other strategies can organizations implement to keep security awareness top of mind with all employees and authorized users?
12. Why should an organization provide updated security awareness training when a new policy is implemented throughout the user domain or workstation domain?

Get 20% Discount on This Paper
Pages (550 words)
Approximate price: -

Try it now!

Get 20% Discount on This Paper

We'll send you the first draft for approval by at
Total price:

How it works?

Follow these simple steps to get your paper done

Place your order

Fill in the order form and provide all details of your assignment.

Proceed with the payment

Choose the payment system that suits you most.

Receive the final file

Once your paper is ready, we will email it to you.

Our Services

Custom Writings Help is a Quality-Oriented Company in Online Writing as a result of hiring exceptional professionals to execute clients' tasks.


Research Papers

At Custom Writings Help,We understand the struggle of research paper writing, and that is why at Custom WritingS Help, we are all out to help you. We pride ourselves on having a team of clinical writers. The stringent and rigorous vetting process ensures that only the 'BEST' Writers are chosen for the job. We have highly qualified Ph.D. and MA writers working with us; we equally offer these experienced writers specific bonuses and incentives to make them deliver highly original, unique, and informative content at reasonably low prices.


Thesis Writing Service

Worlwide, Many Masters Students are struggling with Thesis Completion. A thesis is likely to be the longest and most challenging piece of work a student has ever completed. However, unlike essays and other assignments, a student can pick a particular interest topic and work on their initiative. Fortunately, we are there for you. At Custom Writings Help, you are assured of an authentic, imaginative, informative, linguistically great, and advantageous thesis that adheres to all your needs. So, why continue considering different writers when you have discovered the best in the field?


Custom Papers

Not a single student can avoid writing custom papers. However, a total lack of experience, skills, and time makes it very hard to produce a superb writing piece. Therefore, if you are seeking professional help, turn to us. Our specialized and experienced writers compose a variety of model papers, including custom essays, college term papers, research papers, book reports, MBA essays, executive summaries, dissertations, Ph.D. theses, admission essays, and research proposals for college and university students at any level.


Essay Writing

Most of the students disregard the critical principles of essay writing and compose papers below sensible guidelines. Therefore, with Custom Writings Help, one should not worry about his/her essay. Our Writers compose informative and engaging content on all complexities and topics. We write meaningful and smart essays while prioritizing all aspects that bring about a good grade, such as impeccable grammar, proper structure, zero-plagiarism, and conformance to guidelines.


Coourse Work Writing

Don't let the seemingly never-ending onslaught of writing assignments get you down. If you are looking where to get course work assistance online, the writers at Custom Writings Help are here to assist you with all of your writing needs. We undertake to unique delivery of papers that meet the professor's requirements. The content is proofread, edited, and checked plagiarism before submission to customers. No matter how big or small your work is, we will deliver on time. Try US Now! !


Dissertation Writing Service

High-Quality Dissertation Writing Services are rare. They require Ph.D. academicians – not easily found. However, are an exception. The years, time, and resources we have invested in the dissertation world has given us a competitive advantage over others. Choose to come to Custom Writings Help; You will find perfect Ph.D. consultants who have written hundreds of dissertations theses ready to help you. Let our dissertation-writing services help you craft your dissertation, for you are assured we will give you the results.

Open chat