Potentially identify the location of the nefarious


potentially identify the location of the nefarious actor within the network and deploy defensive measures prior to the loss of data. The Cisco ISE also assists with enforcing our company's whitelist regarding the BYOD policy. The whitelist is essentially a list of approved devices and/or operating systems that are allowed access to the network. If a device is not on the whitelist, it is denied access and cannot connect (Rouse, 2005). As previously mentioned, the only authorized mobile devices granted access to this company's network are those with the Android operating system or Apple iOS, as well as laptops or tablets using Windows or Mac OS. All devices are required to be 2016 or newer regardless of what operating system is being used. If an employee's device meets these requirements, the device is added to the company whitelist.

As a result of this security incident, there were questions regarding the legality of the internal investigation into the unnamed employee, specifically regarding the Fourth Amendment of the Constitution and its protection against unreasonable search and seizure. Prior to any employee being granted access to the company network, a consent-to-monitor memorandum is signed by the employee and supervisor, then uploaded to each employee's digital file. The memo states that while a user is accessing the company network, the company has the right to monitor their activity without notice. Therefore, the monitoring of the employee's activity was completely within the rights of the company. The employee also provided their device to be searched of their own accord in order to show the security incident wasn't a malicious attack on their end.
PROJECT 2 INCIDENT RESPONSE

IV. Continuous Improvement Plan

The BYOD policy was established with the flexibility to continuously adapt to the ever-changing improvements within technology. Wired Equivalent Privacy (WEP) was one of the original technologies utilized to encrypt and protect user data. WEP was the first wireless encryption standard developed; it uses encryption based on the RC4 stream cipher, which uses a 40-bit key to create a "random" encryption scheme. It is a "security protocol specified in the IEEE 802.11 standard, designed to provide a WLAN with a level of security and privacy comparable to what is expected of a wired LAN" (Scarfone, Dicoi, Sexton, and Tibbs, 2008). WEP has many commonly known and exploited vulnerabilities, is difficult to configure, and is very easily broken.

Wi-Fi Protected Access (WPA) was introduced as a provisional security improvement over WEP while the 802.11i wireless security standard was being developed. WPA can be applied in two different modes, Personal mode or Enterprise mode. WPA Personal mode utilizes Pre-Shared Keys (PSK) and is more suitable for a home network. A PSK is a security feature that uses secret keys shared between two devices to verify the user. The WLAN produces a password between eight and 63 characters, generating a 256-character key, which is used for both encryption and decryption (UMUC, 2019).
