Text of Security Information Management Firewall Management, Intrusion Detection, and Intrusion Prevention...
Security Information Management Firewall Management, Intrusion
Detection, and Intrusion Prevention Intrusion Detection Busters
Katherine Jackowski Elizabeth Kearney-Lang Daureen
Selected Topics: The two areas of interest our team chose are:
Firewall Management and Intrusion Detection, Intrusion Prevention
Security Information Management complement each other well focusing
on the safeguarding of company assets
Control Objectives Security Information Management: To control
access to the Information Systems to prevent unauthorized use and
to restrict authorized use. To ensure proper controls are in place
to ensure data and system availability in order for the Information
Systems to fully support the organizations objectives.
Control Objectives Firewall Management and Intrusion Detection,
Intrusion Prevention To ensure preventative, detective, and
corrective measures are in place and working as intended to protect
the Information System from intrusion. To ensure proper controls
are in place to safeguard assets and prevent, detect and mitigate
Research Our research began with An Introduction to Computer
Security: The NIST Handbook National Institute of Standards and
Technology Special Publications: SP 800-41 Revision 1 entitled
Guidelines on Firewalls and Firewall Policy, SP 800-61 Revision 1
entitled Computer Security Incident Handling Guide, SP 800-94
entitled Guide to Intrusion Detection and Prevention Systems.
Research Collaboration: wikispaces Warious vendor website White
Control for Firewall Management, Intrusion Detection &
Prevention Implement and enforce Back-up Procedure Category:
Procedure Type: General, Secondary, Corrective Control Benefit:
Up-to-date back-up if needed Adverse Impact: Unnecessary extended
Control Evidence In Place: Written documentation of procedure,
documentation readily available in hardcopy or online. In Effect:
All data will be properly backed up, personnel responsible for
back-up procedure will have knowledge of procedure and
documentation of all back-ups that occur.
Audit Steps In Place: Review written documentation of procedure
and search for online copy. In Effect: Test and verify the
existence of back- up data stores. Interview employees to determine
responsibilities and accountable party.
Control for Security Information Management Written Acceptable
Use Policy with required signature of employee Category: Legal
Type: General, Secondary, Preventative Control Benefit: Ensures
employee knowledge of and responsibility to properly safeguard the
system. Adverse Impact: Lack of knowledge and responsibility would
create usage problems and security issues
Control Evidence In Place: Documented Policy, documents with
employees signatures. In Effect: Understanding of policy by
employees, file of signed policies will exist.
Audit Steps In Place: Review documentation of policy and check
for signatures of all active employees. In Effect: Interview
employees and review file of signed policies.
Image Polymers Company, LLC Covisia Solution, Inc. Test of
Best Practices for the AUP Explain employee rights and
monitoring expectations Educate employees on legal issues State the
consequences of noncompliance Ensure that all the employees are
informed about the AUP
Acceptable Use Policy The System, including the email system
and Internet connections, is the property of the Company. Each
employee is responsible for the use of the System and for observing
all laws. In the event that any employee is found to have
improperly used the System, he or she is subject to disciplinary
action, up to and including immediate dismissal.
Acceptable Use Policy The company may review the following at
its discretion: History of sent and received email by employees
Contents of sent and received email by employees History of access
to the WWW by employees Contents viewed by employees Time spent by
employee on the www Voicemail messages