System Security Monitoring, Patch Management, and Update Policies
Ramesh Amadoru
Strayer University
CIS 534 - Advanced Network Security Design
Dr. Christopher Gorham
1) Establish a system security monitoring policy addressing the need for monitoring, policy scope, and exceptions.

a) Justify the need for monitoring

Security monitoring is the collection and analysis of the data and information that are critical to identifying abnormal behaviors and activities that can be a threat to the network. Applying a continuous security monitoring system can help the organization spot abnormal incidents occurring within the network at an early stage. With this, the organization's security teams can respond, plan, and implement the remedies needed to prevent such attacks and threats effectively. By gathering critical information and data from the network, servers and endpoints, security controls, and user applications, the organization gains the visibility and understanding needed to place a set of triggers that alert it when any malicious or abnormal activity occurs within the network. Establishing this kind of monitoring system also makes things more difficult for attackers, since malicious behaviors that can occur outside the network can be easily highlighted through the organization's own employees. It is vital to have a proper monitoring system that can alert the respective authorities of the organization to suspicious incidents before they cause serious harm and damage, especially given the high number of cyber threats and sophisticated criminals emerging every second of the day. (1)

Monitoring each and every aspect of the clients, systems, and network is the primary responsibility of the monitoring system, and it is also capable of analyzing network traffic while observing abnormalities. Since these monitoring systems can even monitor different kinds of databases, any changes made by an unauthorized user can be easily discovered and immediate action taken to prevent harm to the file systems that are sacred to the organization. These monitoring systems also provide the ability to track events taking place on user workstations and other devices within the organization's network. User records such as password attempts and user login and logout information can also be clearly monitored when a proper monitoring system is in place within the organization. (2)

b) Define the scope of the policy (the personnel, equipment, and processes to which the policy applies).