Academic Integrity: tutoring, explanations, and feedback — we don’t complete graded work or submit on a student’s behalf.

Suppose you are the IT professional in charge of security for a small pharmacy t

ID: 3557879 • Letter: S

Question

Suppose you are the IT professional in charge of security for a small pharmacy that has recently opened within a shopping mall. The daily operation of a pharmacy is a unique business that requires a combination of both physical and logical access controls geared towards protecting medication and funds located on the premises, as well as the personally identifiable information and protected health information of your customers that resides on your system. Your supervisor has tasked you with identifying inherent risks associated with your pharmacy and establishing strong physical and logical access control methods to mitigate the identified risks. 1) Firewall (1) 4) Desktop computers (4) 2) Windows 2012 Active Directory Domain Controllers (DC) (1) 5) Dedicated T1 Connection (1) 3) File Server (1)

Write an eight to ten (8-10) page paper in which you: Identify at least five (5) potential physical threats that require attention. Determine the impact of at least five (5) potential logical threats that require attention. Detail the security controls (i.e., administrative, preventative, detective, and corrective) that the pharmacy could implement in order to protect it from the five (5) selected physical threats. Explain in detail the security controls (i.e., administrative, preventative, detective, and corrective) that could be implemented to protect from the five (5) selected logical threats. For each of the five (5) selected physical threats, choose a strategy for addressing the risk (i.e., risk mitigation, risk assignment, risk acceptance, or risk avoidance). Justify your chosen strategies. For each of the five (5) selected logical threats, choose a strategy for handling the risk (i.e., risk mitigation, risk assignment, risk acceptance, or risk avoidance). Justify your chosen strategies.

Explanation / Answer

Firewall

One kind of firewall is a packet filtering firewall. Filtering firewalls screen packets based on addresses and packet options. They operate at the IP packet level and make security decisions (really, "to forward, or not to forward this packet, that is the question") based on the headers of the packets.

Circuit gateways operate at the network transport layer. Again, connections are authorized based on addresses. Like filtering gateways, they (usually) cannot look at data traffic flowing between one network and another, but they do prevent direct connections between one network and another.

Application gateways or proxy-based firewalls operate at the application level and can examine information at the application data level. (We can think of this as the contents of the packets, though strictly speaking proxies do not operate with packets.) They can make their decisions based on application data, such as commands passed to FTP, or a URL passed to HTTP. It has been said that application gateways "break the client/server model."

A firewall intercepts and controls traffic between networks with differing levels of trust. It is part of the network perimeter defense of an organization and should enforce a network security policy. By Cheswick's and Bellovin's definition, it provides an audit trail. A firewall is a good place to support strong user authentication as well as private or confidential communications between firewalls. As pointed out by Chapman and Zwicky , firewalls are an excellent place to focus security decisions and to enforce a network security policy. They are able to efficiently log internetwork activity, and limit the exposure of an organization.

What a Firewall Cannot Do

Firewalls are terrible at reading people's minds or detecting packets of data with "bad intent." They often cannot protect against an insider attack (though might log network activity, if an insider uses the Internet gateway in his crime). Firewalls also cannot protect connections that do not go through the firewall. In other words, if someone connects to the Internet through a desktop modem and telephone, all bets are off. Firewalls provide little protection from previously unknown attacks, and typically provide poor protection against computer viruses.

Windows 2012 Active Directory Domain Controllers

we need to add additional Domain Controller

Related Questions

Suppose you are selecting a manufacturing process for a small connecting rod tha
Question #1842001
Suppose you are selling t-shirts at your own t-shirt stand. The supply and deman
Question #1199067
Suppose you are served coffee at a restaurant before you are ready to drink it.
Question #1539191
Suppose you are setting up a pricing scheme for a smartphone data plan. The stan
Question #3670893
Suppose you are setting up several FOBs. Each FOB has about 6-8 tents with appro
Question #3883459
Suppose you are setting up the photoelectric effect experiment using the apparat
Question #1541835
Suppose you are setting up the photoelectric effect experiment using the apparat
Question #1542023
Suppose you are setting up the photoelectric effect experiment using the apparat
Question #1545005
Hire Me For All Your Tutoring Needs
Integrity-first tutoring: clear explanations, guidance, and feedback.
Drop an Email at
drjack9650@gmail.com
Chat Now And Get Quote

Navigate

Previous
Suppose you are the IT professional in charge of security for a small pharmacy t
Next
Suppose you are the IT professional in charge of security for a small pharmacy t

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.