
Question

Suppose you are the IT professional in charge of security for a small pharmacy that has recently opened within a shopping mall. The daily operation of a pharmacy is a unique business that requires a combination of both physical and logical access controls geared towards protecting medication and funds located on the premises, as well as the personally identifiable information and protected health information of your customers that resides on your system. Your supervisor has tasked you with identifying inherent risks associated with your pharmacy and establishing strong physical and logical access control methods to mitigate the identified risks.

1) Firewall (1)
2) Windows 2012 Active Directory Domain Controllers (DC) (1)
3) File Server (1)
4) Desktop computers (4)
5) Dedicated T1 Connection (1)

Technical Project Paper Graphic

Write an eight to ten (8-10) page paper in which you:

1) Identify at least five (5) potential physical threats that require attention.
2) Determine the impact of at least five (5) potential logical threats that require attention.
3) Detail the security controls (i.e., administrative, preventative, detective, and corrective) that the pharmacy could implement in order to protect it from the five (5) selected physical threats.
4) Explain in detail the security controls (i.e., administrative, preventative, detective, and corrective) that could be implemented to protect from the five (5) selected logical threats.
5) For each of the five (5) selected physical threats, choose a strategy for addressing the risk (i.e., risk mitigation, risk assignment, risk acceptance, or risk avoidance). Justify your chosen strategies.
6) For each of the five (5) selected logical threats, choose a strategy for handling the risk (i.e., risk mitigation, risk assignment, risk acceptance, or risk avoidance). Justify your chosen strategies.

[Figure labels: Server 2012 Domain Controller; File Server; Firewall; Dedicated T1; Office Area; Pharmaceutical Drug Storage Area; Back Door (employees only); Window 1; Window 2; Window 3; Customer Entrance from Mall]

Explanation / Answer

Firewall:

Threats:

#5 - Commercial VPN services

There are a number of VPN service vendors, but the most popular is GoToMyPC (now owned by Citrix), so I will talk about that service specifically. Implementation for the end user is pretty straightforward:

The user can then log on to their work system and control their desktop remotely. They can even transfer file information by dragging files in or out of the session window.

Preventions:

1) Review outbound firewall logs

Specifically, you want to look at outbound traffic taking place after hours. Filter out patching sites (Microsoft, Adobe, etc.), A/V signature updates, or any other expected pattern. Everything else should be scrutinized. Pay close attention to repeated connection attempts to the same host or subnet at a predictable interval (say every 20-60 seconds).

2) Desktop enforcement

Leverage application control or a similar technology to control which applications your users can install on their desktop. While this option may seem to be the most cumbersome, it's also the only one that will work most consistently.

3) Block the IP addresses of known VPN services

While this option will work, it requires research to find out which IPs you should ban. Also, the list is going to change as new vendors come on the scene or IPs get moved around. For these reasons it's my least favorite option.

#4: Secure Shell (SSH)

Most people know you can use SSH as a secure replacement for Telnet. What is not as well known is that SSH can be used to tunnel TCP traffic. This can be implemented as either a forward tunnel, or a reverse tunnel.

Preventions:

Take control of all outbound SSH activity. Block TCP/22 outbound and only permit it through when it's verified the traffic meets corporate policy. SSH can be configured to listen on any TCP port, so we have to be able to spot non-standard port use as well. Leverage a NIDS or NIPS signature that checks the first three incoming TCP reply packets for an SSH server banner. This should be done on all TCP ports except 22. The banner will contain the string
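The outbound firewall log review described under "1) Review outbound firewall logs" can be scripted. The following is an added example, not part of the original answer: the log format, the 08:00-18:00 opening hours, the allowlisted address and the thresholds are assumptions, and the sample log lines are constructed.

```python
from collections import defaultdict
from datetime import datetime
from statistics import median

# Assumed for this sketch: opening hours, expected update hosts, thresholds.
OPEN_HOUR, CLOSE_HOUR = 8, 18
EXPECTED_DESTS = {"198.51.100.7"}  # stand-in for patching / A/V update hosts
MIN_HITS, MIN_GAP, MAX_GAP, MAX_JITTER = 4, 20, 60, 5  # hits, then seconds

# Constructed sample log: timestamp,source IP,destination IP,destination port
SAMPLE_LOG = """\
2024-03-04T14:05:00,10.0.0.21,203.0.113.9,443
2024-03-04T22:00:00,10.0.0.22,198.51.100.7,443
2024-03-04T22:00:30,10.0.0.22,198.51.100.7,443
2024-03-04T22:01:00,10.0.0.22,198.51.100.7,443
2024-03-04T22:01:30,10.0.0.22,198.51.100.7,443
2024-03-04T23:10:00,10.0.0.23,203.0.113.50,443
2024-03-04T23:10:30,10.0.0.23,203.0.113.50,443
2024-03-04T23:11:01,10.0.0.23,203.0.113.50,443
2024-03-04T23:11:30,10.0.0.23,203.0.113.50,443
2024-03-04T23:12:00,10.0.0.23,203.0.113.50,443
2024-03-05T01:00:00,10.0.0.24,192.0.2.80,80
2024-03-05T01:07:13,10.0.0.24,192.0.2.80,80
2024-03-05T02:40:02,10.0.0.24,192.0.2.80,80
2024-03-05T02:40:40,10.0.0.24,192.0.2.80,80
"""

def find_beacons(log_text):
    """Return (src, dst, port, hits, median_gap_s) per after-hours beacon."""
    seen = defaultdict(list)
    for line in log_text.splitlines():
        stamp, src, dst, port = line.strip().split(",")
        ts = datetime.fromisoformat(stamp)
        after_hours = ts.hour < OPEN_HOUR or ts.hour >= CLOSE_HOUR
        if after_hours and dst not in EXPECTED_DESTS:
            seen[(src, dst, int(port))].append(ts)
    findings = []
    for (src, dst, port), times in sorted(seen.items()):
        if len(times) < MIN_HITS:
            continue
        times.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        mid = median(gaps)
        # Predictable interval: median gap in range and every gap close to it.
        if MIN_GAP <= mid <= MAX_GAP and all(abs(g - mid) <= MAX_JITTER for g in gaps):
            findings.append((src, dst, port, len(times), mid))
    return findings

if __name__ == "__main__":
    print(*find_beacons(SAMPLE_LOG), sep="\n")
```

On the sample, only the 10.0.0.23 to 203.0.113.50 pair is reported: the update host is filtered as expected traffic, and the irregular after-hours connections from 10.0.0.24 do not repeat at a steady interval.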
