Share
Explore BrainMass

IT Security weaknesses

Assessing the Root Cause of IT Security Weaknesses:
You are conducting an IT audit of your company's Unix security controls. You are reviewing several system-based reports and determine that several Unix servers do not comply with the corporate information security policies. Develop a recommendation that will help management fix the root cause of this issue.

Assessing the Identity Management Process:
A global bank recently identified issues with their user identity management process, specifically related to the modification of users IDs when an employee transfers departments and deletions when employees leave the bank. You have been hired as a consultant. Provide a list of key control recommendations that will help management improve their user access management process. [Identify at least 5 recommendations]

Preparing for an IT Audit of the Help Desk:
You are preparing to conduct an audit of your company's service management process and related Help Desk procedures. Develop five questions for the Help Desk Manager to aid in your audit planning activities.

Business Continuity Planning - Board Responsibilities - Creating a Persuasive Risk Management Argument:
You are nearing completion of an IT audit of your company's Business Continuity Planning (BCP) program. You have noted that the Board has not approved the BCP plan. You have performed some research and came across some guidance written by the FFIEC. Use the FFIEC guidance to help develop a persuasive recommendation that highlights the Board's responsibilities.

Solution Preview

The goal of corporate security policy is to define procedures, guidelines, and processes for managing security in the business environment. The role of server is to host security program to client programs installed on each network device. When a client attempts to log on to the network, server scans the device to make sure that it complies with corporate security policies before allowing access to the network. When the server itself does not comply, there is huge risk of non-compliance from attached client devices.

The first step is to find out there is problem with hardware or network. If the problem lies with the hardware, such servers need to be replaced. If the problem is with network, thorough check is required to find out what policy servers do not comply. Analyze the network for any intrusion or virus. The system administrator needs to look into security events log to pin point specific problem of non-compliance.

Assessing the Identity Management Process:
A global bank recently identified issues ...

Solution Summary

The root causes of IT security weaknesses are examined. The expert assess the identity management process.

$2.19