Discussion Post Assignments | Online Homework Help

Author:

August 6th, 2019

COM520 Written Assignment 7
Assignment: Windows Incident Handling Tools
Assignment Requirements
Responding to incidents in an efficient and repeatable manner depends on having the right tools in place
before incidents occur. While there are many types of tools and utilities available for different purposes,
some tools support incident handling tasks well. As a security administrator for Ken 7 Windows Limited,
you have been given the task of evaluating various software tools for computer security incident response
team (CSIRT) use.
You should recommend at least one tool for each of the main CSIRT categories of functional needs. You
can select from the list of functional needs given below. For each software tool you should select the most
appropriate functional need(s), it best meets.
Review the text sheet titled Tool Summary (provided below). After you identify the functional needs each
tool fulfills, describe which tool, or tools, you would recommend for the Ken 7 Windows Limited CSIRT.
Explain the reasons for your choice.
Submission Requirements
 Format: Microsoft Word
 Font: Arial, Size 12, Double-Space
 Citation Style: APA Style
Self-Assessment Checklist
 I have identified the correct function to secure incidents of Ken 7 Windows Limited.
 I have explained and given proper reasoning for my choice of tools.
Required Resources (provided below)
 Text Sheet: Case Scenario for Rationale: Importance of Windows Access Control and
Authentication
 Text Sheet: Tools Summary
 Worksheet: Match Tools to CSIRT Functional Needs
Case Scenario for Rationale: Importance of
Windows Access Control and Authentication
© 2014 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved.
www.jblearning.com Page 1
Ken 7 Windows Limited is a manufacturer of Windows for residential and commercial builders. Ken 7
Windows Limited carries a variety of Windows and related products. It supplies builders with all of the
tools and supplies to install finished Windows in any type of building.
Ken 7 Windows Limited has just purchased a new enterprise resource planning (ERP) software package
to help control costs and increase both quality and customer responsiveness. The ERP software collects
and stores information including:

 Raw material costs
 Labor costs
 Materials and labor requirements for products
 Purchasing requirements
Ken 7 Windows Limited has identified six basic roles for users in the new ERP software:
 Administrators—maintain ERP data and system operation.
 Planners—run planning software and generate requirements reports.
 Shop Floor users —enter operational data (receiving, shipping, and product progress
during manufacturing).
 Managers—manage department personnel.
 Purchasing users—generate purchasing documents based on planning requirements.
 Accounting users—maintain cost and accounting data.
Access controls limit what users or roles can do with different types of data. For example, consider the
following types of data:
 Cost information—raw materials and labor costs, including the cost of finished goods.
 Manufacturing details—cost, amount of labor, and time required to produce finished
goods.
 Purchasing requirements—rules for determining when raw materials, components, or
supplies should be purchased.
Through access control:
 Cost information can be viewed only by Accounting users.
 Manufacturing details can be viewed only by Shop Floor users.
 Purchasing requirement can be viewed only by Purchasing users.
During the analysis phase of the ERP implementation, Ken 7 Windows Limited raised concerns about
users being able to access restricted data.
 Accounting users are able to login to shop floor computers.
 Purchasing users are able to access human resource (HR) applications and data.
The ERP implementation team suggested the following access control measures to protect restricted
data.
 Create an organizational unit (OU) in Active Directory for shop floor computers.
 Deploy Group Policy Objects (GPOs) to restrict shop floor users to the shop floor OU.
 Define data access controls in the ERP software to deny access for all non-HR users to
restricted data.
Implementation of several access control measures helped Ken 7 Windows Limited to restrict the data
access. Hence access control and authentication is important, as it helped Ken 7 Windows Limited in
reducing costs and increasing profits.
Tools Summary
© 2014 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved.
www.jblearning.com Page 1
 Archer Incident Management:
http://www.emc.com/security/rsa-archer/rsa-archer-incident-management.htm
“Archer Incident Management centralizes and streamlines the complete case management
lifecycle for cyber and physical incidents and ethics violations. Archer’s web-based solution
allows you to capture organizational events that may escalate into incidents, evaluate incident
criticality, and assign response team members based on business impact and regulatory
requirements. You can also consolidate response procedures, manage investigations end-to-end,
and report on trends, losses, recovery efforts and related incidents. Powered by the Archer
SmartSuite Framework, the Incident Management software solution allows you to effectively
handle incidents that occur anywhere you do business from detection through analysis and
resolution.”
 D3 Incident Reporting:
http://www.d3security.com/products/incident-reporting
“The Incident Reporting Software module is at the core of D3’s end-to-end integrated security
management technology or virtual Security Operations Center (vSOC). The incident reporting
application is easy-to-use and fully customizable. The flexible customization options allow
incident forms, tasks and analysis reports to be designed to your organizations unique
requirements. This greatly reduces unnecessary incident form fields, streamlines adoption of the
system by staff and ensures the appropriate information is being collected.”
 Application for Incident Response Teams (AIRT):
http://airt.leune.com/
“AIRT is a web-based application that has been designed and developed to support the day to
day operations of a computer security incident response team. The application supports highly
automated processing of incident reports and facilitates coordination of multiple incidents by a
security operations center.”
Tools Summary
© 2014 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved.
www.jblearning.com Page 2
 Request Tracker for Incident Response (RTIR):
http://www.bestpractical.com/index.html
“RT for Incident Response helps your CERT or CSIRT team to efficiently track computer security
incidents big and small. Collaborating with staff from top Incident Response teams, we’ve built a
tool designed to help you manage your entire incident handling workflow. RTIR builds on RT to
track Incident Reports, Incidents which tie together those reports and your Investigations into root
causes and ideal remediation’s. RTIR extends RT with custom data extraction, reporting and
workflow tools as well as a user experience centered around the Incident handling process. Best
Practical offers a full suite of customization, training, deployment and support services for RTIR.
Please contact us for more information.”
 BMC Remedy Action Request System:
http://www.bmc.com/products/product-listing/22735072-106757-2391.html
“Build powerful business workflow applications for Web, Windows, UNIX, and Linux environments
AR System provides a consolidated Service Process Management platform for automating and
managing Service Management business processes.
 Replace outdated manual systems with process automation that speeds the handling of
unique processes
 Out-of-the-box workflow modules commonly used in automating service processes, such as
notifications, escalations and approvals
 Integrate processes with systems across the enterprise
 Adapt and evolve your processes to continually align with the needs of the business
 Manage business process performance in real-time
 Rapidly prototype, deploy, maintain, and iterate service management applications
 Capture and track critical business data”
Web References: Links to Web references in this document are subject to change without prior notice.
These links were last verified on June 26, 2013.
Match Tools to CSIRT Functional Needs
© 2014 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved.
www.jblearning.com Page 1
Responding to incidents in an efficient and repeatable manner depends on having the right tools in place
before incidents occur. While there are many types of tools and utilities available for different purposes,
some tools support incident handling tasks well. As a security administrator for Ken 7 Windows Limited,
you have been given the task of evaluating various software tools for CSIRT use. You should recommend
at least one tool for each of the main CSIRT categories of functional needs. You can select from the list of
functional needs given below. For each software tool you should select the most appropriate functional
need(s), it best meets.
Review the text sheet titled Tool Summary given to you as a handout. After you identify the functional
needs each tool fulfills, describe which tool, or tools, you would recommend for the Ken 7 Windows
Limited CSIRT. Explain the reasons for your choice.
Select from these CSIRT functional needs:
a. Tracking incidents
b. Reporting on incidents
c. Archiving incidents
d. Communicating incident information
e. Managing an incident’s tasks and activities
Software tools (note which CSIRT functional needs each product meets):
1. Archer Incident Management
2. D3 Incident Reporting
3. Application for Incident Response Teams (AIRT)
4. Request Tracker for Incident Response (RTIR)
5. BMC Remedy Action Request System
Which of the tools listed would you recommend for Ken 7 Windows Limited CSIRT? Why?

Turn in your highest-quality paper
Get a qualified writer to help you with

“ Discussion Post Assignments | Online Homework Help ”

Get high-quality paper

NEW! AI matching with writer

Calculate the price

Make an order in advance and get the best price

Type of paper

Academic level

Deadline

Pages (550 words)

$0.00

*Price with a welcome 15% discount applied.

Pro tip: If you want to save more money and pay the lowest price, you need to set a more extended deadline.

We know how difficult it is to be a student these days. That's why our prices are one of the most affordable on the market, and there are no hidden fees.

Instead, we offer bonuses, discounts, and free services to make your experience outstanding.

How it works

Receive a 100% original paper that will pass Turnitin from a top essay writing service

step 1

Upload your instructions

Fill out the order form and provide paper details. You can even attach screenshots or add additional instructions later. If something is not clear or missing, the writer will contact you for clarification.

step 2

Control the process

Once you place an order with our professional essay writing services, we will email you login details to your account. There, you'll communicate with the writer and support team and track the writer's progress.

step 3

Download your paper on time

As soon as your work is ready, we’ll notify you via email. You'll then be able to download it from your account and request a revision if needed. Please note that you can also rate the writer's work in your account.

Pro service tips

How to get the most out of your experience with Homework Writing Services

One writer throughout the entire course

If you like the writer, you can hire them again. Just copy & paste their ID on the order form ("Preferred Writer's ID" field). This way, your vocabulary will be uniform, and the writer will be aware of your needs.

The same paper from different writers

You can order essay or any other work from two different writers to choose the best one or give another version to a friend. This can be done through the add-on "Same paper from another writer."

Copy of sources used by the writer

Our college essay writers work with ScienceDirect and other databases. They can send you articles or materials used in PDF or through screenshots. Just tick the "Copy of sources" field on the order form.

Testimonials

See why 20k+ students have chosen us as their sole writing assistance provider

Check out the latest reviews and opinions submitted by real customers worldwide and make an informed decision.

Business and administrative studies

Great content.

Customer 462275, April 4th, 2022

Other

Excellent.

Customer 454463, May 5th, 2022

Healthcare & Medical

Good work

Customer 463469, October 22nd, 2022

Management

support is great. I am grateful to you and your company. thank you very much.

Customer 454227, April 6th, 2020

Business Studies

Although my order was not delivered at my requested time due to issues with email, the material received was great.

Customer 454605, June 19th, 2020

English 101

I wish the writer would have picked a more natural topic. Although the work is good, it is obvious that the writer of the material is African American. The fact that I am not African American raises questions.

Customer 462899, April 26th, 2022

Retail

This submission was excellently done. Looking foward to your future contribution.

Customer 463463, December 12th, 2022

Education

Excellent.

Customer 452441, April 12th, 2022

English 101

Good one.

Customer 453625, May 25th, 2022

Military

Excellent work.

Customer 456821, November 3rd, 2022

Management

Excellent. Thank you. I am grateful and I am thankful. I hope you have a wonderful day :)

Customer 454227, May 10th, 2020

Education

THANK YOU

Customer 463875, April 27th, 2023

11,595

Customer reviews in total

96%

Current satisfaction rate

3 pages

Average paper length

37%

Customers referred by a friend

OUR GIFT TO YOU

15% OFF your first order

Use a coupon FIRST15 and enjoy expert help with any task at the most affordable price.

Claim my 15% OFF Order in Chat