IS 3350 Week 1

IS 3350 Week 1

 

Part A – Asset Identification & Asset Classification
Overview 
In order to protect privacy data and implement security controls, you have to identify the IT assets that contain and/or access privacy data. In addition, it is important to identify where and how users access privacy data throughout the IT infrastructure and assess if that privacy data is stored outside of its protected environment. This lab investigates how to perform an IT asset identification and asset classification exercise for a Mock IT Infrastructure. 
Circle one of the following scenarios and compliance requirements and then perform your asset identification and asset classification exercise from that perspective.

IS 3350 Week 1

Lab #1 – Assessment Worksheet
Part B – Asset Identification & Asset Classification
1.   What is the purpose of identifying IT assets and inventory?
2.   What is the purpose of an asset classification?
3.   For the scenario you picked, give three (3) examples of customer privacy data elements.
4.   Why is your organization’s website classification minor but its e-commerce server considered critical for your scenario?
5.   Why would you classify customer privacy data and intellectual property assets as critical?
6.   What are some examples of security controls for recent compliance law requirements?
7.   How can a Data Classification Standard help with asset classification?
8.   How can you minimize leakage of customer privacy data through the public Internet?
9.   Given the importance of the Master SQL database that houses customer privacy data and intellectual property assets, what security controls and security countermeasures can you apply to help protect these assets?

IS 3350 Week 1

10. From a legal and liability perspective, what recommendations do you have for ensuring theconfidentiality of customer privacy data throughout the Mock IT Infrastructure?
11. What can your organization document and implement to help mitigate the risks, threats and liabilities typically found within an IT Infrastructure?
12. True or False.   Organizations under recent compliancy laws such as HIPAA and GLBA are mandated to have documented IT security policies, standards, procedures, and guidelines.
13. Why is it important to identify where privacy data resides throughout your IT infrastructure?
14. True or False.   An Asset Classification Policy is needed to help organizations manage and maintain proper security controls and security countermeasures for prioritized assets of the organization.
15. True or False.   Organizations that require employees to access customer privacy data should have proper background checks and may be required to sign a confidentiality agreement given their exposure to confidential information.

IS 3350 Week 1

Order 100% Plagiarism Free Essay Now

Get a 20 % discount on an
order above $ 120
Use the following coupon code :
today2015

error: Content is protected !!