SERT ARTICLE Final
Uploaded by
super pkSERT ARTICLE Final
Uploaded by
super pkSecurity
Article
Mechanisms to control education organizational IT security
Pearson ID: RF98612
HND 52 Thut Htet Htoo
Table of Contents
Introduction ........................................................................................ 3
What is IT security? .............................................................................. 4
Why IT security is important for Educational Environment? ........................ 5
Protection ........................................................................................... 7
Three main mechanisms to Protect IT security (AAA) ................................ 7
1.Authentication ways ........................................................................... 8
2.Authorization ways .......................................................................... 12
3.Accountability ways ......................................................................... 16
Recommended Tools for AAA ............................................................... 21
Physical Securities & Policies to control IT Security.................................. 34
Risk Management Procedures............................................................... 42
Summarization of risk management procedures for Tactic Hub ................ 45
What is an audit? ............................................................................... 47
Why audit is important for educational environment? .............................. 47
Analyzing the impact of Audit ............................................................... 48
Recommendations for Tactic Hub to Align Misaligned Security Policies........ 50
Justifying the elements that I had chosen for Tactic Hub .......................... 53
Evaluating the suitability of tools for educational security policies .............. 54
References; ....................................................................................... 57
Security Article for Tactic Hub 2
HND 52 Thut Htet Htoo
Introduction
I am a Junior IT Security Specialist at Matrix52 Security Service and Solutions
Company. The company provides physical and IT security solutions, installing and
monitoring security infrastructure and digital assets all around Myanmar. A few days ago,
the management of the Business Portal planned to create a security article for distribution
and education purposes internally. Consequently, the department head assigned me the
task of preparing a colorful article book for the Tactic Hub. Now, I am here to implement
the requirements for the Tactic Hub.
Security Article for Tactic Hub 3
HND 52 Thut Htet Htoo
What is IT security?
IT security, also known as Information Technology security, encompasses measures
and strategies aimed at protecting computer systems, networks, and data from
unauthorized access, use, disclosure, disruption, modification, or destruction. Its primary
goal is to ensure the confidentiality, integrity, and availability of information technology
resources. IT security involves various practices, such as implementing firewalls, antivirus
software, intrusion detection systems, encryption techniques, and access controls. As
cyber threats continue to evolve, IT security plays a crucial role in safeguarding
organizations' digital assets and maintaining trust among stakeholders.
Security Article for Tactic Hub 4
HND 52 Thut Htet Htoo
Why IT security is important for Educational Environment?
IT security is important in educational environments for several reasons:
1. Protection of Sensitive Data: Educational institutions store vast amounts of
sensitive data, including student records, grades, financial information, and research
data. Protecting this information is vital to maintaining privacy and preventing
identity theft or financial fraud.
2. Prevention of Cyberattacks: Educational institutions are often targeted by
cybercriminals due to the valuable data they possess. Attacks such as ransomware,
phishing, and data breaches can disrupt operations, compromise sensitive
information, and damage the institution's reputation.
3. Preservation of Intellectual Property: Universities and research institutions
generate significant intellectual property through research findings, inventions, and
proprietary software. Securing IT systems, helps safeguard this intellectual property
from theft or unauthorized access.
Security Article for Tactic Hub 5
HND 52 Thut Htet Htoo
4. Maintaining Continuity of Learning: Dependence on digital technologies for
teaching and learning means that any disruption to IT systems can significantly affect
the continuity of education. Ensuring the availability and reliability of IT infrastructure
is essential for uninterrupted learning.
5. Protecting Against Insider Threats: Educational environments can also be
vulnerable to insider threats, where individuals within the institution misuse their
access to IT systems for malicious purposes. Implementing proper access controls
and monitoring systems can help mitigate this risk.
In conclusion, prioritizing IT security in educational environments is essential for
safeguarding sensitive data, preventing cyberattacks, preserving intellectual property,
ensuring continuity of learning, complying with regulations, mitigating insider threats, and
promoting a culture of digital responsibility.
That is why it is imperative to prioritize protection measures before these risks
materialize. By implementing robust security measures, such as encryption, access
controls, intrusion detection systems, and security awareness training, educational
institutions can mitigate the impact of security incidents and prevent unauthorized access
to sensitive information.
Security Article for Tactic Hub 6
HND 52 Thut Htet Htoo
Protection
Three main mechanisms to Protect IT security (AAA)
In schools and colleges today, using computers and the internet is common.
However, it is important to keep things safe and secure. That is where IT security comes
in. It helps protect our information and make sure, only the right people can access it.
There are three main ways to do this: authentication, authorization and
accountability. These three things help keep our digital world safe for learning.
Why AAA is important?
AAA is crucial because firstly, Authentication ensures that only authorized individuals
can access sensitive information or systems, preventing unauthorized access and potential
data breaches. Secondly, Authorization specifies the level of access granted to users,
ensuring that they can only interact with resources relevant to their roles or
responsibilities, enhancing data security and integrity. Lastly, Accountability mechanisms
track and record user actions, enabling the identification and mitigation of security
breaches, promoting a culture of responsibility and trust within the digital environment.
Overall, AAA plays a vital role in safeguarding IT infrastructure, protecting sensitive data,
and maintaining the overall security posture of an organization.
Security Article for Tactic Hub 7
HND 52 Thut Htet Htoo
1. Authentication ways
Authentication ways are methods used to confirm the identity of users before
granting access to systems or data, such as passwords, biometrics, or two-factor
authentication.
a. Multi-Factor Authentication (MFA)
Multi-Factor Authentication (MFA) requires users to provide two or more verification
factors to gain access to an account. These factors typically include something the user
knows (e.g., a password), something the user has (e.g., a smartphone or token), and
something the user is (e.g., a fingerprint or facial recognition).
Suitability
MFA is suitable for educational environments because it adds an extra layer of
security to protect sensitive information. With the prevalence of cyber threats, educational
institutions often store valuable data such as student records, financial information, and
research data. Implementing MFA, helps mitigate the risk of unauthorized access even if
a password is compromised.
Pros
• Provides an additional layer of security beyond passwords.
• Effective in preventing unauthorized access, even if passwords are compromised.
Cons
• May require additional hardware or software.
• Can be perceived as cumbersome or time-consuming for users.
Security Article for Tactic Hub 8
HND 52 Thut Htet Htoo
b. Biometric Authentication
Biometric authentication uses unique biological characteristics such as fingerprints,
iris patterns, or facial features to verify a user's identity.
Suitability
Biometric authentication is suitable for educational environments because it offers
a convenient and secure way for users to access systems and resources without the need
to remember passwords or carry physical tokens. This can be especially beneficial in
environments with a large number of users, such as universities or schools, where
password management can become cumbersome.
Pros
• Difficult to forge or replicate.
• Convenient for users as it eliminates the need to remember passwords.
Cons
• Biometric data can be stolen or spoofed.
• Not all devices support biometric authentication.
Security Article for Tactic Hub 9
HND 52 Thut Htet Htoo
c. One-Time Passwords (OTP)
One-Time Passwords (OTP) are temporary passwords that are typically valid for a
single login session or transaction. They are often generated using a mobile app, hardware
token, or sent via SMS or email.
Suitability
OTP is suitable for educational environments because it provides an additional layer
of security without requiring users to memorize complex passwords. It can be particularly
useful for scenarios where users need to access systems remotely or conduct secure
transactions, such as online exams or accessing learning management systems.
Pros
• Provides a temporary code that is valid for a single use, enhancing security.
• Can be delivered through various channels (SMS, email, authentication apps).
Cons
• Vulnerable to interception if sent via insecure channels.
• Requires users to have access to the device or channel through which the OTP is
delivered.
Security Article for Tactic Hub 10
HND 52 Thut Htet Htoo
d. Token-based Authentication
Token-based authentication involves the use of a physical device (token) that
generates a unique code for authentication purposes. These tokens can be hardware
tokens or software-based tokens generated through mobile apps.
Suitability
Token-based authentication is suitable for educational environments because it
offers a portable and secure method for users to authenticate their identities. Users can
carry the token with them or install the token-generating app on their mobile devices,
enabling convenient access to resources while maintaining security.
Pros
• Generates a unique token for each authentication attempt, enhancing security.
• Tokens can have a limited validity period, reducing the risk of unauthorized access.
Cons
• Requires the implementation and management of token generation and validation
systems.
• Tokens can be intercepted or stolen if not transmitted securely.
Security Article for Tactic Hub 11
HND 52 Thut Htet Htoo
2. Authorization ways
Authorization in AAA determines what actions or resources a user is allowed to
access or perform within a system or network.
a. Role-Based Access Control (RBAC)
Role-Based Access Control (RBAC) is a method of restricting system access based
on roles assigned to individual users within an organization. Each role is associated with
specific permissions and access rights.
Suitability
RBAC is suitable for educational environments because it allows administrators to
efficiently manage access to resources based on predefined roles, such as student, faculty,
staff, or administrator. This simplifies access control and ensures that users have access
only to the resources necessary for their roles.
Pros
• Allows administrators to assign specific permissions to users based on their roles.
• Reduces the risk of unauthorized access by enforcing the principle of least privilege.
Cons
• Requires careful planning and maintenance of role definitions.
• Can lead to overly complex permission structures if not properly managed.
Security Article for Tactic Hub 12
HND 52 Thut Htet Htoo
b. Attribute-Based Access Control (ABAC)
Attribute-Based Access Control (ABAC) is a method of access control that evaluates
various attributes about the user, the resource, and the environment before granting
access. These attributes can include user roles, organizational affiliations, time of access,
and other contextual information.
Suitability
ABAC is suitable for educational environments because it offers granular control over
access permissions based on a wide range of attributes. This flexibility is particularly
beneficial in educational settings where access requirements may vary based on factors
such as course enrollment, academic standing, or research affiliations.
Pros
• Enables access decisions based on multiple attributes, such as user characteristics and
environmental factors.
• Offers granular control over access permissions, enhancing security and flexibility.
Cons
• May require significant implementation effort and ongoing management to define and
enforce policies.
• Can introduce complexity, particularly in dynamic environments with evolving access
requirements.
Security Article for Tactic Hub 13
HND 52 Thut Htet Htoo
c. Mandatory Access Control (MAC)
Mandatory Access Control (MAC) is a security model where access permissions are
determined by a central authority based on security labels assigned to both subjects (e.g.,
users) and objects (e.g., files or resources).
Suitability
MAC is suitable for educational environments, especially in scenarios where strict
data confidentiality and integrity requirements exist, such as research facilities or
institutions handling sensitive information.
Pros
• Enforces access policies defined by a central authority, enhancing consistency and
security.
• Mitigates the risk of accidental data breaches or unauthorized access.
Cons
• May limit flexibility and user autonomy, particularly in decentralized or dynamic
environments.
• Requires careful planning and configuration to ensure compatibility with organizational
needs.
Security Article for Tactic Hub 14
HND 52 Thut Htet Htoo
d. Rule-Based Access Control (RBAC)
Rule-Based Access Control (RBAC) is an access control model where access
decisions are based on predefined rules or policies.
Suitability
RBAC is suitable for educational environments because it provides a flexible and
customizable approach to access control. Institutions can define rules based on specific
criteria such as user attributes, resource classifications, or contextual conditions.
Pros
• Allows access decisions based on predefined rules or conditions, offering flexibility and
adaptability.
• Facilitates automated enforcement of access policies, reducing administrative
overhead.
Cons
• May require expertise in rule definition and maintenance to ensure effectiveness and
accuracy.
• Can become complex and difficult to manage as the number of rules increases.
Security Article for Tactic Hub 15
HND 52 Thut Htet Htoo
3. Accountability ways
In AAA, accountability involves keeping records of user activities and events to trace
actions back to specific individuals for auditing and security purposes.
a. Audit Logs
Audit logs are records that capture detailed information about system activities,
such as user logins, file access, and changes to configurations. These logs provide a
chronological trail of events that can be used for monitoring, analysis, and investigation
purposes.
Suitability
Audit logs are suitable for educational environments because they help ensure
accountability by providing visibility into who accessed what resources and when. This
transparency is essential for tracking user behavior, identifying security incidents, and
complying with regulatory requirements.
Pros
• Provides a detailed record of user actions and system events.
• Facilitates post-incident analysis and forensic investigations.
Cons
• Requires storage and management of large volumes of data.
• May introduce privacy concerns if not appropriately handled.
Security Article for Tactic Hub 16
HND 52 Thut Htet Htoo
b. Activity Monitoring Tools
Implement activity monitoring solutions that track user actions, system changes,
and network traffic in real-time. These tools provide detailed logs of user activities,
including logins, file accesses, system configurations, and application usage.
Suitability
Activity monitoring tools are suitable for educational environments because they
enhance cybersecurity awareness among students and staff by providing insights into
online behaviors, thus promoting responsible digital citizenship. Additionally, they aid in
maintaining a safe online learning environment by enabling quick detection and response
to security incidents, ensuring uninterrupted academic activities.
Pros
• Activity monitoring tools offer insights into user behavior, aiding in identifying security
risks and promoting safe online practices.
• These tools enable swift detection and response to security incidents, reducing the
impact of breaches or unauthorized access.
Cons
• Continuous monitoring may raise privacy issues among students and faculty,
potentially leading to resistance or distrust.
• Implementing and managing activity monitoring tools can demand significant
resources, especially in larger educational institutions.
Security Article for Tactic Hub 17
HND 52 Thut Htet Htoo
c. Network Packet Analysis
Utilize network packet analysis tools to capture and analyze network traffic for signs
of suspicious or unauthorized activity. These tools provide detailed insights into network
communications, allowing administrators to identify anomalies, intrusions, or malicious
activities.
Suitability
Network packet analysis is well suited for educational environments as it offers
comprehensive threat detection capabilities, allowing institutions to safeguard sensitive
data and resources against cyber threats such as malware and unauthorized access
attempts. Furthermore, real-time monitoring and analysis of network traffic enable swift
incident response, minimizing disruptions to academic operations and ensuring the
continuous delivery of educational services.
Pros
• Network packet analysis enables real-time monitoring and detection of suspicious
network activity, enhancing cybersecurity defenses.
• Detailed packet-level analysis provides valuable data for investigating security
incidents and preventing future occurrences.
Cons
• Network packet analysis demands specialized expertise for effective interpretation and
analysis, posing challenges in educational environments with limited cybersecurity
resources.
• Continuous packet analysis may strain network resources, potentially affecting the
performance of essential educational applications and services.
Security Article for Tactic Hub 18
HND 52 Thut Htet Htoo
d. Endpoint Detection and Response (EDR)
Deploy endpoint detection and response solutions on devices such as computers,
laptops, and mobile devices. EDR tools monitor endpoint activities and behavior, detect
potential security threats in real-time, and facilitate rapid incident response and
remediation.
Suitability
Endpoint Detection and Response (EDR) solutions are particularly suitable for
educational environments due to their ability to provide advanced endpoint protection and
security policy enforcement across diverse devices used for teaching and learning. By
offering real-time threat detection and automated response mechanisms, EDR solutions
bolster the overall cybersecurity posture of educational institutions, safeguarding sensitive
data and resources from malicious activities.
Pros
• EDR solutions offer advanced protection against malware, ransomware, and cyber
threats, ensuring device security.
• EDR tools enable consistent security policy enforcement across all endpoints, reducing
the risk of breaches.
Cons
• EDR solutions can be expensive to implement and maintain, potentially hindering
widespread deployment in educational institutions.
• EDR agents may consume system resources, affecting device performance, particularly
on older or less powerful devices in educational settings.
Security Article for Tactic Hub 19
HND 52 Thut Htet Htoo
e. User Behavior Analytics (UBA)
Implement user behavior analytics solutions that analyze user activities and behaviors to
detect anomalies and potential insider threats. UBA tools use machine learning algorithms
to identify deviations from normal behavior patterns and alert administrators to suspicious
activities.
Suitability
User Behavior Analytics (UBA) is well-suited for educational environments as it
enables proactive identification of security threats by analyzing user activity patterns
across digital platforms. By leveraging machine learning algorithms, UBA tools help
mitigate insider threats and compromised accounts, thus enhancing the security defenses
of educational institutions and protecting critical assets from potential breaches.
Pros
• UBA tools use machine learning to identify potential security threats by analyzing user
behavior patterns.
• UBA solutions proactively address risky behavior, strengthening cybersecurity and
protecting sensitive data.
Cons
• UBA tools may produce false alarms, causing alert fatigue and diverting resources from
genuine security issues.
• Integrating UBA tools into existing infrastructure can be complex, requiring
customization to fit educational environments' unique needs.
Security Article for Tactic Hub 20
HND 52 Thut Htet Htoo
Recommended Tools for AAA
Tools for Authentication
a. Multi-Factor Authentication (MFA)
Google Authenticator
Google Authenticator is a mobile application that provides MFA by generating one-
time codes for authentication. It requires users to enter both their password and a
temporary code generated by the app to access their accounts.
Suitability for Educational Environment
Google Authenticator enhances security in educational environments by requiring
users to provide an additional form of authentication beyond their password. It helps
protect sensitive data such as student records and research findings from unauthorized
access.
Pros
• Provides an additional layer of security beyond passwords.
• Easy to use and set up for users.
• Supports multiple accounts and services.
Cons
• Relies on the user's mobile device, which could be lost or stolen.
• Users may find it slightly inconvenient to switch between apps for authentication.
Security Article for Tactic Hub 21
HND 52 Thut Htet Htoo
b. Biometric Authentication
Windows Hello
Windows Hello is a biometric authentication feature built into Windows 10. It allows
users to log in to their devices using facial recognition, fingerprint scanning, or iris
scanning.
Suitability for Educational Environment
Windows Hello provides a convenient and secure way for students, teachers, and
staff to access devices and resources within an educational environment. It offers strong
authentication without the need to remember passwords.
Pros
• Offers strong authentication based on biometric data.
• Eliminates the need to remember passwords.
• Works seamlessly with Windows devices and services.
Cons
• Requires devices equipped with compatible biometric sensors.
• Privacy concerns may arise regarding the collection and storage of biometric data.
Security Article for Tactic Hub 22
HND 52 Thut Htet Htoo
c. One-Time Passwords (OTP)
Authy
Authy is a mobile and desktop application that generates one-time passwords for
authentication. It supports two-factor authentication (2FA) and works with various
websites and services.
Suitability for Educational Environment
Authy provides a convenient way for users to generate and manage one-time
passwords for authentication. It enhances security by requiring an additional factor
beyond passwords, helping to protect sensitive educational data.
Pros
• Supports two-factor authentication for added security.
• Works across multiple devices, including mobile and desktop.
• Can be used with a wide range of websites and services.
Cons
• Relies on the user's mobile or desktop device, which could be lost or stolen.
• Users may find it slightly inconvenient to switch between apps for authentication.
Security Article for Tactic Hub 23
HND 52 Thut Htet Htoo
d. Token-based Authentication
RSA SecurID
RSA SecurID is a token-based authentication system that provides secure access to
networks and applications. It uses hardware or software tokens to generate one-time
passcodes for authentication.
Suitability for Educational Environment
RSA SecurID offers a high level of security for accessing educational resources and
networks. It provides strong authentication using tokens, helping to prevent unauthorized
access to sensitive data.
Pros
• Provides strong authentication with hardware or software tokens.
• Supports a wide range of applications and platforms.
• Offers flexibility in token deployment options.
Cons
• Requires additional hardware or software for token generation.
• Managing and distributing tokens can be complex and time-consuming.
Security Article for Tactic Hub 24
HND 52 Thut Htet Htoo
Tools for Authorization
a. Role-Based Access Control (RBAC)
Amazon Web Services (AWS) Identity and Access Management (IAM)
AWS IAM is a web service that enables you to manage access to AWS services and
resources securely. It allows you to create and manage users, groups, and permissions to
control access to AWS resources.
Suitability for Educational Environment
AWS IAM provides a flexible and scalable RBAC solution for managing access to
educational resources hosted on the AWS cloud platform. It allows educational institutions
to grant permissions based on roles, ensuring that users have the appropriate level of
access.
Pros
• Granular control over access to AWS resources based on roles.
• Easily scalable to accommodate growing numbers of users and resources.
• Integration with AWS services for centralized access management.
Cons
• Complex setup and configuration may require expertise or training.
• Users with extensive permissions may inadvertently access sensitive resources.
Security Article for Tactic Hub 25
HND 52 Thut Htet Htoo
b. Attribute-Based Access Control (ABAC)
Axiomatics Policy Server
Axiomatics Policy Server is a comprehensive ABAC solution that enables
organizations to define and enforce fine-grained access control policies based on attributes
such as user roles, location, device, and time.
Suitability for Educational Environment
Axiomatics Policy Server offers a flexible and dynamic access control solution for
educational institutions, allowing them to define policies based on various attributes to
regulate access to sensitive data and resources.
Pros
• Fine-grained access control based on multiple attributes.
• Dynamic enforcement of access policies in real-time.
• Integration with existing identity management systems and directory services.
Cons
• Requires thorough planning and policy definition to ensure effective implementation.
• Implementation may require customization and integration efforts.
Security Article for Tactic Hub 26
HND 52 Thut Htet Htoo
c. Mandatory Access Control (MAC)
SELinux (Security-Enhanced Linux)
SELinux is a security enhancement to the Linux operating system that implements
MAC policies. It provides a flexible framework for enforcing access control policies based
on labels assigned to processes and files.
Suitability for Educational Environment
SELinux offers a robust MAC solution for securing Linux-based systems and
resources in educational environments. It allows administrators to define and enforce
access policies at the kernel level, enhancing security and isolation.
Pros
• Strong isolation of processes and resources based on labels.
• Fine-grained control over access to system resources.
• Integration with Linux distributions for seamless deployment.
Cons
• Complex configuration and management may require specialized knowledge.
• Misconfigurations can lead to unintended access restrictions or system issues.
Security Article for Tactic Hub 27
HND 52 Thut Htet Htoo
d. Rule-Based Access Control (RBAC)
Microsoft Active Directory (AD)
Microsoft Active Directory is a directory service that provides authentication and
authorization services in Windows environments. It allows administrators to define access
control rules based on user roles and group memberships.
Suitability for Educational Environment
Active Directory offers a robust RBAC solution for managing access to resources such as
files, printers, and applications within educational institutions. It allows administrators to
assign permissions to users and groups based on predefined rules.
Pros
• Centralized management of user accounts and access permissions.
• Granular control over access to resources based on user roles and groups.
• Integration with Microsoft Windows environments and services.
Cons
• Requires Windows infrastructure and expertise for deployment and management.
• Limited support for non-Windows platforms and applications.
Security Article for Tactic Hub 28
HND 52 Thut Htet Htoo
Tools for Accountability
a. Audit Logs
Splunk
Splunk is a platform for searching, monitoring, and analyzing machine-generated
data, including logs, events, and metrics. It provides real-time visibility into system
activities and enables organizations to detect and investigate security incidents.
Suitability for Educational Environment
Splunk helps educational institutions maintain audit trails and monitor user activities
to ensure compliance with security policies and regulations. It allows administrators to
track changes, detect anomalies, and investigate security incidents.
Pros
• Centralized logging and monitoring of system activities.
• Real-time alerting and correlation of security events.
• Advanced analytics and visualization capabilities for identifying trends and patterns.
Cons
• Costly licensing and infrastructure requirements, especially for large-scale
deployments.
• Steep learning curve for configuring and optimizing the platform.
Security Article for Tactic Hub 29
HND 52 Thut Htet Htoo
b. Activity Monitoring Tools
SolarWinds Security Event Manager (formerly Log & Event Manager)
SolarWinds Security Event Manager is a comprehensive solution for monitoring and
analyzing security events across networks and systems. It collects and correlates log data
from various sources to detect and respond to security threats.
Suitability for Educational Environment
SolarWinds Security Event Manager provides real-time monitoring and alerting
capabilities to help educational institutions detect and respond to security incidents
proactively. It enables administrators to monitor user activities, track changes, and
investigate security events.
Pros
• Centralized collection and analysis of log data from diverse sources.
• Real-time alerting and response to security incidents.
• Compliance reporting and auditing features for regulatory requirements.
Cons
• Costly licensing and maintenance fees may be prohibitive for some educational
institutions.
• Requires dedicated resources for deployment, configuration, and ongoing
management.
Security Article for Tactic Hub 30
HND 52 Thut Htet Htoo
c. Network Packet Analysis
Wireshark
Wireshark is a widely-used network protocol analyzer that allows users to capture
and interactively browse the traffic running on a computer network. It provides detailed
information about network packets, helping to troubleshoot network issues and analyze
security threats.
Suitability for Educational Environment
Wireshark is valuable in educational environments for teaching networking concepts,
as well as for security analysis and monitoring. It allows students and administrators to
examine network traffic, understand protocols, and identify security vulnerabilities.
Pros
• Comprehensive protocol support for analyzing various network traffic types.
• User-friendly interface with powerful filtering and analysis capabilities.
• Open-source and freely available, making it accessible for educational use.
Cons
• Requires some level of networking knowledge to interpret captured data effectively.
• Capturing network traffic may raise privacy concerns and require appropriate
permissions.
Security Article for Tactic Hub 31
HND 52 Thut Htet Htoo
d. Endpoint Detection and Response (EDR)
CrowdStrike Falcon
CrowdStrike Falcon is a cloud-native endpoint security platform that provides
advanced threat detection and response capabilities. It uses machine learning and
behavioral analysis to identify and block malware, ransomware, and other security threats.
Suitability for Educational Environment
CrowdStrike Falcon helps educational institutions protect their endpoints, such as
desktops, laptops, and servers, from cyber threats. It provides real-time visibility into
endpoint activities, enabling rapid detection and response to security incidents.
Pros
• Real-time threat detection and response to endpoint security threats.
• Lightweight agent with minimal performance impact on endpoints.
• Centralized management and reporting through a cloud-based platform.
Cons
• Costly subscription-based pricing model, which may be prohibitive for some educational
institutions.
• Requires reliable internet connectivity for cloud-based management and threat
intelligence updates.
Security Article for Tactic Hub 32
HND 52 Thut Htet Htoo
e. User Behavior Analytics (UBA)
Exabeam
Exabeam is a user behavior analytics platform that helps organizations detect and
respond to insider threats, compromised accounts, and other security risks. It uses
machine learning and data science techniques to analyze user activities and identify
anomalies.
Suitability for Educational Environment
Exabeam is beneficial for educational institutions to monitor and analyze user
behavior across their IT infrastructure. It helps detect unauthorized access, data
exfiltration, and other security incidents by analyzing patterns and anomalies in user
activities.
Pros
• Advanced machine learning algorithms for detecting insider threats and unusual
behavior.
• Centralized dashboard for visualizing and investigating security incidents.
• Integration with existing security tools and data sources for comprehensive threat
detection.
Cons
• Complex implementation and configuration may require specialized expertise.
• Costly licensing and subscription fees, especially for large-scale deployments.
Security Article for Tactic Hub 33
HND 52 Thut Htet Htoo
Physical Securities & Policies to control IT Security
In an educational environment, ensuring both physical security and IT security is
crucial for protecting sensitive data, intellectual property, and maintaining a safe
environment for students and staff. Here are some policies and practices to consider:
Physical Securities for Tactic Hub
1. Restricted Access Control
Implement restricted access control to sensitive areas such as server rooms, data
centers, and administrative offices. Use electronic keycards, biometric scanners, or PIN
codes for access control.
Why it is suitable for Educational Environment
Implementing restricted access control measures ensures that only authorized
personnel have access to sensitive areas such as server rooms, data centers, and
administrative offices. This is crucial in an educational environment where there may be
valuable resources such as student records, research data, or expensive equipment that
need protection. By using electronic keycards, biometric scanners, or PIN codes,
institutions can effectively control and monitor who enters these areas, reducing the risk
of unauthorized access and potential security breaches.
Security Article for Tactic Hub 34
HND 52 Thut Htet Htoo
2. Surveillance Cameras
Install surveillance cameras in critical areas to monitor activities and deter
unauthorized access or activities.
Why it is suitable for Educational Environment
Installing surveillance cameras in critical areas provides an additional layer of
security by allowing continuous monitoring of activities. In an educational setting,
surveillance cameras can help deter vandalism, theft, or other unauthorized activities.
Moreover, they can provide valuable evidence in case of incidents or security breaches,
aiding in investigations and ensuring accountability.
3. Visitor Management System
Implement a visitor management system to track and manage visitors entering the
premises. Require all visitors to sign in and provide identification.
Why it is suitable for Educational Environment
Implementing a visitor management system is essential for tracking and managing
visitors entering the premises. In educational institutions, there may be various visitors
such as parents, vendors, or guest speakers who need access to the facilities. By requiring
all visitors to sign in and provide identification, institutions can keep track of who is on
campus at any given time, enhancing overall security and safety measures.
Security Article for Tactic Hub 35
HND 52 Thut Htet Htoo
4. Secure Storage
Ensure that physical documents, storage devices, and other sensitive materials are
stored securely in locked cabinets or rooms.
Why it is suitable for Educational Environment
Ensuring that physical documents, storage devices, and other sensitive materials
are stored securely in locked cabinets or rooms is crucial for protecting confidential
information and preventing unauthorized access. Educational environments often handle
sensitive data such as student records, financial information, or research data that need
to be safeguarded. By securely storing these materials, institutions can mitigate the risk
of theft, loss, or unauthorized disclosure.
5. Physical Security Audits
Conduct regular physical security audits to identify vulnerabilities and ensure
compliance with security policies.
Why it is suitable for Educational Environment
Conducting regular physical security audits is vital for identifying vulnerabilities and
ensuring compliance with security policies. By regularly assessing the effectiveness of
security measures and identifying potential weaknesses, educational institutions can
proactively address security concerns and implement necessary improvements.
Additionally, physical security audits help maintain compliance with regulatory
requirements and demonstrate a commitment to ensuring a safe and secure learning
environment for students, staff, and visitors.
Security Article for Tactic Hub 36
HND 52 Thut Htet Htoo
6. Vehicle Security
Installing adequate lighting in parking lots and garages enhances visibility, deters
theft, vandalism, and other criminal activities, while conducting regular patrols by security
personnel or law enforcement officers monitors parking areas, and responds to any
suspicious activities or incidents.
Why it is suitable for Educational Environment
Parking areas and transportation hubs are integral parts of educational campuses,
accommodating the vehicles of students, faculty, staff, and visitors. However, these areas
also present security challenges, including theft, vandalism, and unauthorized access. By
implementing parking lot lighting, security patrols, and access controls, educational
institutions can mitigate risks associated with vehicle-related incidents, enhance visibility,
and deter criminal activities. Ensuring the safety and security of vehicles not only protects
personal property but also promotes a sense of trust and confidence among campus
stakeholders, facilitating a positive and secure environment for all.
Security Article for Tactic Hub 37
HND 52 Thut Htet Htoo
7. Physical Barriers
Installing revolving doors at building entrances regulates pedestrian traffic and
prevents unauthorized entry, while deploying retractable or sliding security gates in
corridors, stairwells, or other critical areas controls access during non-operational hours
or in emergencies.
Why it is suitable for Educational Environment
Educational environments often feature high-traffic areas such as entrances,
corridors, and stairwells that require effective crowd management and access control.
Physical barriers such as revolving doors and security gates provide controlled entry and
egress, regulating pedestrian flow and preventing unauthorized access to sensitive areas.
By deploying these barriers strategically, educational institutions can maintain order,
streamline traffic patterns, and enhance security without compromising convenience or
accessibility. Furthermore, physical barriers serve as visible reminders of security
protocols, reinforcing the importance of safety and vigilance within the campus
community.
Security Article for Tactic Hub 38
HND 52 Thut Htet Htoo
IT Security Policies for Tactic Hub
1. Acceptable Use Policy (AUP)
Develop and enforce an AUP that outlines acceptable uses of IT resources, including
guidelines for internet usage, email usage, and software installation.
2. Data Protection Policy
Establish policies and procedures for the protection of sensitive data, including
encryption protocols, data backup procedures, and access controls.
3. Password Policies
Enforce strong password policies requiring regular password changes, minimum
length, complexity, and multi-factor authentication where possible.
Security Article for Tactic Hub 39
HND 52 Thut Htet Htoo
4. Network Security
Implement firewalls, intrusion detection systems, and antivirus software to protect
the network from external threats.
5. Software Updates and Patch Management
Ensure that all software and operating systems are regularly updated with the latest
security patches to address known vulnerabilities.
6. Security Awareness Training
Provide regular training to staff and students on IT security best practices, including
how to recognize phishing attempts, social engineering tactics, and other common threats.
Security Article for Tactic Hub 40
HND 52 Thut Htet Htoo
7. Incident Response Plan
Develop and regularly test an incident response plan to effectively respond to and
mitigate security incidents such as data breaches or cyber-attacks.
By implementing these physical security measures and IT security policies,
educational institutions can better protect their assets, data, and stakeholders from
various threats and risks. Regular monitoring, updates, and training are essential for
maintaining a secure environment in the ever-evolving landscape of cybersecurity.
What is Risk Management?
Risk management is the process of identifying, assessing, and prioritizing risks,
followed by coordinated efforts to minimize, monitor, and control the impact of potential
negative events. It involves systematically analyzing uncertainties that could affect an
organization's objectives, and implementing strategies to mitigate these risks to an
acceptable level. Risk management encompasses various techniques, including risk
identification, risk analysis, risk evaluation, and risk treatment, to ensure that
organizations can navigate uncertainties effectively and achieve their goals while
safeguarding their interests.
Security Article for Tactic Hub 41
HND 52 Thut Htet Htoo
Importance of Risk Management in Educational Environment
In the realm of education, risk management plays a pivotal role in safeguarding the
safety, well-being, and prosperity of students, faculty, staff, and the institution as a whole.
Initially, it aids in identifying potential hazards and vulnerabilities within the educational
sphere, spanning from physical risks like accidents and emergencies to intangible risks
such as academic, financial, or reputational challenges. Through systematic evaluation of
these risks, educational establishments can formulate comprehensive strategies to
mitigate them, thereby fostering a safer and more conducive learning atmosphere.
Additionally, proficient risk management in education contributes to the continuity of
operations and minimizes disruptions stemming from unforeseen circumstances such as
natural disasters, public health crises, technological breakdowns, or financial downturns.
The implementation of robust risk management protocols enables educational institutions
to respond promptly and effectively, thus mitigating the impact on teaching, learning, and
administrative functions. By proactively addressing risks and instating preventive
measures, educational institutions demonstrate their commitment to providing a secure
and supportive environment for all stakeholders, thereby nurturing academic excellence
and organizational resilience.
Risk Management Procedures
Risk management procedures for the education environment involve several key
steps to identify, assess, mitigate, and monitor risks effectively. Here's a simplified
overview:
1. Risk Identification: Begin by identifying potential risks that could impact the
educational institution. These risks may include physical hazards, such as safety
concerns on campus, or non-physical risks, such as academic, financial, or reputational
challenges. This process often involves brainstorming sessions, surveys, and
consultations with stakeholders to ensure comprehensive coverage of potential risks.
Security Article for Tactic Hub 42
HND 52 Thut Htet Htoo
2. Risk Assessment: Once risks are identified, assess their likelihood and potential
impact on the institution. This involves assigning a level of severity to each risk based
on factors such as probability of occurrence, potential consequences, and vulnerability.
Risks are often categorized based on their severity, allowing for prioritization of
mitigation efforts.
3. Risk Mitigation: Develop strategies to mitigate identified risks and reduce their
likelihood or impact. This may involve implementing preventive measures, such as
safety protocols, security enhancements, or financial controls. Additionally, consider
transferring or sharing risks through insurance or contractual agreements where
appropriate.
Security Article for Tactic Hub 43
HND 52 Thut Htet Htoo
4. Risk Monitoring and Control: Continuously monitor and review the effectiveness of
risk mitigation strategies. Regularly reassess risks to account for changes in the
educational environment or external factors. Implement controls and procedures to
monitor risks proactively and address emerging threats promptly.
5. Communication and Reporting: Maintain open communication channels to ensure
all stakeholders are informed about potential risks and mitigation efforts. Establish
reporting mechanisms for stakeholders to report new risks or incidents promptly.
Regularly report on risk management activities and outcomes to relevant parties, such
as the board of trustees, administration, faculty, staff, and students.
6. Training and Education: Provide training and education to staff, faculty, and students
on risk management principles and procedures. This empowers individuals to identify
and respond to risks effectively within their respective roles and responsibilities.
Security Article for Tactic Hub 44
HND 52 Thut Htet Htoo
7. Documentation: Keep detailed records of risk assessments, mitigation strategies,
monitoring activities, and incident responses. Documentation provides a historical
record of risk management efforts and supports accountability and transparency.
By following these risk management procedures, educational institutions can effectively
identify, assess, and mitigate risks to ensure a safe, secure, and successful learning
environment for all stakeholders.
Summarization of risk management procedures and risk matrix for
Tactic Hub
Risk management in education involves several key steps. Firstly, it begins with the
identification of potential risks, encompassing both physical threats and non-physical
challenges that could impact the institution. Once risks are identified, the assessment
phase evaluates the likelihood and potential impact of each risk to prioritize mitigation
efforts effectively. Subsequently, strategies are developed and implemented to mitigate
the identified risks, aiming to reduce their likelihood or impact on the institution.
Monitoring and control play a crucial role in risk management, as continuous monitoring
of risks and reassessment of mitigation strategies help in addressing emerging threats
promptly. Additionally, maintaining open communication channels and reporting risk
management activities and outcomes to stakeholders ensures transparency and fosters
trust within the educational community. Providing training to staff, faculty, and students
on risk management principles and procedures enhances awareness and preparedness for
managing potential risks. Lastly, keeping detailed documentation of risk assessments,
mitigation strategies, monitoring activities, and incident responses is essential for
maintaining accountability and facilitating continuous improvement in risk management
practices.
Security Article for Tactic Hub 45
HND 52 Thut Htet Htoo
By following these procedures, educational institutions can create a safer, more secure
learning environment for all stakeholders. Here is a risk matrix for Tactic Hub. Risk matrix
is helpful because it shows how likely and how serious risks are, making it easier to decide
which ones to focus on first and communicate about them clearly.
Risk matrix for Tactic Hub
Likelihood/Severity Low Medium High
Temporary network Minor data
Low Phishing attacks
outage corruption
Moderate data
Medium Software glitches Ransomware attack
breach
Distributed denial
Password
High of service (DDoS) Major data breach
compromise
attack
Security Article for Tactic Hub 46
HND 52 Thut Htet Htoo
What is an audit?
An audit is a thorough check-up on something, usually financial records, procedures,
or practices, to ensure they meet set standards, rules, or guidelines. Auditors, who are
skilled professionals, carry out these checks to verify the accuracy, completeness, and
validity of the information they are examining. I have already mentioned about the audit
in accountability ways for Tactic Hub.
Why audit is important for educational environment?
Audits are essential in educational settings because they ensure everything runs
smoothly and transparently. By checking financial records, operational procedures, and
compliance with rules, audits help spot any problems and suggest ways to improve. They
reassure everyone involved—students, parents, staff, and governing bodies—that things
are being done properly. Audits also help identify and deal with any risks, protecting the
school's reputation. Ultimately, audits help maintain high standards and trust in the
education system.
Security Article for Tactic Hub 47
HND 52 Thut Htet Htoo
Analyzing the impact of Audit
Analyzing the impact of audit is also curial. In analyzing the impact, this include
advantages and disadvantages of audit.
Advantages of audits in an educational environment:
1. Transparency and Accountability: Audits promote transparency by ensuring that
financial records, procedures, and practices are accessible and understandable. This
fosters accountability among educational institutions.
2. Quality Assurance: Audits help maintain and enhance the quality of education by
identifying areas for improvement and ensuring compliance with established standards
and guidelines.
3. Resource Optimization: By examining financial records and operational procedures,
audits can identify inefficiencies and opportunities for cost-saving measures, thus
optimizing resource allocation within educational institutions.
4. Risk Management: Audits help identify and mitigate risks such as fraud,
mismanagement, or non-compliance with regulations, thereby safeguarding the
reputation and credibility of the educational institution.
5. Stakeholder Confidence: Conducting audits demonstrates a commitment to
responsible governance and effective management, which can enhance the confidence
of stakeholders, including students, parents, staff, and regulatory bodies.
Security Article for Tactic Hub 48
HND 52 Thut Htet Htoo
Disadvantages of audits in an educational environment:
1. Financial and Time Costs: Audits can be expensive and time-consuming, requiring
resources and personnel to conduct the examination thoroughly.
2. Potential for Disruption: The audit process may disrupt the regular operations of
educational institutions, diverting attention and resources away from core activities
such as teaching and learning.
3. Overemphasis on Compliance: In some cases, a focus on compliance with
regulations and standards through audits may lead to a bureaucratic approach that
prioritizes paperwork over innovative teaching methods or student-centered
approaches.
4. Limited Scope: Audits may not capture all aspects of educational effectiveness, such
as student outcomes or the quality of teaching, as they primarily focus on financial and
administrative aspects.
5. Resistance to Change: Audits may encounter resistance from staff or management
who perceive them as intrusive or unnecessary, hindering the implementation of
recommended improvements.
In conclusion, analyzing the impact of audits in educational environments is crucial
for understanding their role in promoting transparency, accountability, and quality
assurance. While audits offer numerous advantages such as enhancing stakeholder
confidence and identifying areas for improvement, they also come with challenges such
as financial costs and potential disruptions. By recognizing both the benefits and
drawbacks of audits, educational institutions can effectively leverage them to optimize
resources, manage risks, and uphold standards of excellence in education delivery and
administration.
Security Article for Tactic Hub 49
HND 52 Thut Htet Htoo
Recommendations for Tactic Hub to Align Misaligned Security
Policies
To align with misaligned security policies in an educational environment, it is
essential to take a systematic approach that prioritizes communication, collaboration, and
flexibility. Here are some recommendations:
1. Identify the Gaps: Conduct a comprehensive assessment to identify where security
policies are misaligned with current practices or needs. This includes reviewing existing
policies, procedures, and practices, as well as gathering feedback from stakeholders
such as faculty, staff, students, and IT professionals.
2. Communicate Effectively: Establish open channels of communication to ensure that
all stakeholders are aware of the misalignments and understand the importance of
addressing them. Clearly communicate the goals and objectives of aligning security
policies to foster buy-in and support from all parties involved.
Security Article for Tactic Hub 50
HND 52 Thut Htet Htoo
3. Collaborate Across Departments: Security policies often involve multiple
departments and stakeholders, including IT, administration, faculty, and students.
Foster collaboration among these groups to identify solutions that address security
concerns while also supporting the educational mission of the institution.
4. Prioritize Risks and Mitigation Strategies: Prioritize security risks based on their
potential impact and likelihood of occurrence. Develop mitigation strategies that
balance security requirements with the needs of students, faculty, and staff. Consider
implementing multi-factor authentication, encryption, access controls, and regular
security awareness training as part of the mitigation strategy.
5. Update Policies and Procedures: Revise existing security policies and procedures to
address the identified misalignments and incorporate feedback from stakeholders.
Ensure that policies are clear, concise, and easy to understand, and regularly review
and update them to reflect changes in technology, regulations, and organizational
needs.
Security Article for Tactic Hub 51
HND 52 Thut Htet Htoo
6. Provide Training and Education: Offer training and education programs to increase
awareness of security risks and best practices among faculty, staff, and students.
Empower individuals to take responsibility for their own security by providing them with
the knowledge and tools they need to protect sensitive information and systems.
7. Monitor and Evaluate: Establish metrics and key performance indicators (KPIs) to
monitor the effectiveness of security policies and procedures. Regularly evaluate the
impact of alignment efforts and make adjustments as needed to ensure continuous
improvement.
By following these recommendations and adopting a proactive and collaborative
approach, educational institutions can successfully align with misaligned security policies
while balancing the needs of all stakeholders and maintaining a safe and secure learning
environment.
Security Article for Tactic Hub 52
HND 52 Thut Htet Htoo
Justifying the elements that I had chosen for Tactic Hub
In this report, I discuss the importance of IT security in educational environments
and provides recommendations for aligning security policies in the Tactic Hub. The selected
elements for Tactic Hub in securing educational environments reflect a comprehensive
approach to IT security, as outlined in the document. Authentication methods such as
Multi-Factor Authentication (MFA), Biometric Authentication, One-Time Passwords (OTP),
and Token-based Authentication offer robust means to verify user identities, ensuring
access control to sensitive data and intellectual property. Authorization approaches
including Role-Based Access Control (RBAC), Attribute-Based Access Control (ABAC),
Mandatory Access Control (MAC), and Rule-Based Access Control (RBAC) further refine
permissions, allowing tailored access to resources based on roles and attributes.
Meanwhile, accountability mechanisms such as audit logs, activity monitoring tools,
network packet analysis, endpoint detection and response (EDR), and user behavior
analytics (UBA) establish a framework for tracking user actions, detecting anomalies, and
ensuring compliance. These elements collectively form a versatile and adaptable security
strategy, essential for mitigating cyber risks, preserving data integrity, and promoting
digital responsibility within educational environments.
Moreover, I have discussed about risk management procedures along with risk
matrix plan for Tactic hub. Discussing risk management procedures along with a risk
matrix plan for Tactic Hub is essential as it provides a structured approach to identify,
assess, prioritize, and mitigate potential threats and vulnerabilities, thereby enabling
educational institutions to proactively manage and minimize security risks effectively.
Finally, including talks about audits in this framework makes the security strategy
more complete. It helps to show why audits are important, how they ensure compliance,
and what impact they have.
Security Article for Tactic Hub 53
HND 52 Thut Htet Htoo
Evaluating the suitability of tools for educational security policies
I have provided excerpt outlines various tools and mechanisms for ensuring IT
security in educational environments, including authentication methods (Multi-Factor
Authentication, Biometric Authentication, One-Time Passwords, and Token-based
Authentication), authorization approaches (Role-Based Access Control, Attribute-Based
Access Control, Mandatory Access Control, and Rule-Based Access Control), and
accountability mechanisms (Audit Logs, Activity Monitoring Tools, Network Packet
Analysis, Endpoint Detection and Response, and User Behavior Analytics).
Here is an evaluation of the suitability of these tools for educational security policies:
Authentication Tools
Multi-Factor Authentication (MFA)
Highly suitable for educational environments due to its ability to provide an
additional layer of security beyond passwords, mitigating the risk of unauthorized access
to sensitive information. Pros include enhanced security, while cons may involve additional
hardware or software requirements.
Biometric Authentication
Convenient and secure for users in educational settings, eliminating the need to
remember passwords. However, concerns over biometric data theft or spoofing may arise.
One-Time Passwords (OTP)
Useful for scenarios requiring temporary access codes, such as online exams or
remote access. However, vulnerabilities exist if sent via insecure channels.
Token-based Authentication
Offers portability and security, suitable for educational environments requiring
convenient yet secure authentication methods. However, requires implementation and
management of token systems.
Security Article for Tactic Hub 54
HND 52 Thut Htet Htoo
Authorization Tools
Role-Based Access Control (RBAC)
Efficiently manages access based on predefined roles, simplifying access control in
educational institutions. However, requires careful planning and maintenance of role
definitions.
Attribute-Based Access Control (ABAC)
Provides granular control over access permissions based on various attributes,
offering flexibility in educational settings. Implementation may demand significant effort
and ongoing management.
Mandatory Access Control (MAC)
Ensures strict access control, suitable for protecting sensitive data in research
facilities or institutions. May limit flexibility and require careful planning.
Rule-Based Access Control (RBAC)
Offers a customizable approach to access control, suitable for educational
environments requiring flexibility. However, expertise in rule definition and maintenance
is necessary.
Accountability Tools
Audit Logs
Essential for maintaining accountability and complying with security policies and
regulations in educational settings. However, requires storage and management of large
volumes of data.
Activity Monitoring Tools
Enhance cybersecurity awareness and facilitate proactive detection of security
incidents. May raise privacy concerns and demand significant resources for
implementation.
Security Article for Tactic Hub 55
HND 52 Thut Htet Htoo
Network Packet Analysis
Provides comprehensive threat detection capabilities, suitable for safeguarding
sensitive data in educational environments. Requires expertise for effective interpretation
and analysis.
Endpoint Detection and Response (EDR)
Protects endpoints from cyber threats, ensuring continuous academic activities.
However, may be expensive to implement and maintain.
User Behavior Analytics (UBA)
Proactively identifies security threats by analyzing user behavior patterns,
enhancing cybersecurity defenses. Complex implementation and high costs may be
deterrents.
Overall, the suitability of these tools for educational security policies depends on factors
such as usability, scalability, effectiveness, cost-effectiveness, compliance, adaptability,
and support. Educational institutions should carefully assess their specific security needs
and requirements before selecting and implementing these tools.
Security Article for Tactic Hub 56
HND 52 Thut Htet Htoo
References;
Xcitium (n.d.). What Is IT Security? | Importance Of IT Security Services. [online]
Xcitium.
Available at:
https://www.xcitium.com/itsecurity/#:~:text=IT%20security%20protects%20informati
on%20technology [Accessed 5 Apr. 2024].
Kelley, K. (2022). What is Cyber Security & Importance of Cyber Security | Simplilearn.
[online] Simplilearn.com. Available at: https://www.simplilearn.com/tutorials/cyber-
security-tutorial/what-is-cyber-security.
Patterson, N. (2021). What is Cyber Security and Why is it Important? [online]
www.snhu.edu. Available at: https://www.snhu.edu/about-us/newsroom/stem/what-is-
cyber-security.
Saxena, A. (2023). Importance of Cyber Security: Benefits and Disadvantages. [online]
Sprinto. Available at: https://sprinto.com/blog/importance-of-cyber-security/.
STEPS (2021). SECURITY ENHANCED LINUX(SELinux) -. [online] Available at:
https://blog.stepskochi.com/security-enhanced-linuxselinux/ [Accessed 8 Apr. 2024].
Clayton, Mi. (2023). Risk Identification Techniques and How to Brainstorm Well. [online]
MPUG. Available at: https://www.mpug.com/risk-identification-techniques-and-how-to-
brainstorm-well/.
www.holocroncyber.com.au. (2023). Information Security Audit for Australian Businesses |
Holocron. [online] Available at: https://www.holocroncyber.com.au/information-security-
assessment/?gad_source=1&gclid=Cj0KCQjwztOwBhD7ARIsAPDKnkCXMmm5FXTwyL9KTnBuVsdq
Xt0F6XvzbPrqPh656rD9QfmhoHs2MhYaAlh7EALw_wcB [Accessed 9 Apr. 2024].
Security Article for Tactic Hub 57
You might also like
- Cisco Identity Services Engine User Guide, Release 1.2No ratings yetCisco Identity Services Engine User Guide, Release 1.2786 pages
- ISACA CERTIFIED INFORMATION SECURITY MANAGER (CISM) QUESTIONS & DUMPS Exam Prep Questions for ISACA-From EverandISACA CERTIFIED INFORMATION SECURITY MANAGER (CISM) QUESTIONS & DUMPS Exam Prep Questions for ISACA-No ratings yet
- CISSP Domain 1 Study Guide Security and Risk Management: CISSP Study Guide - Updated 2024, #1From EverandCISSP Domain 1 Study Guide Security and Risk Management: CISSP Study Guide - Updated 2024, #1No ratings yet
- The Certified Ethical Hacker Exam - version 8 (The concise study guide)From EverandThe Certified Ethical Hacker Exam - version 8 (The concise study guide)3/5 (9)
- Stay Safe!: A Basic Guide to Information Technology SecurityFrom EverandStay Safe!: A Basic Guide to Information Technology SecurityNo ratings yet
- CEH: Certified Ethical Hacker v11 : Exam Cram Notes - First Edition - 2021From EverandCEH: Certified Ethical Hacker v11 : Exam Cram Notes - First Edition - 2021No ratings yet
- Cybersecurity Simplified for Small Business: A Plain-English GuideFrom EverandCybersecurity Simplified for Small Business: A Plain-English GuideNo ratings yet
- Ethical Hacking: A Beginner's Guide to Cybersecurity. Master the Basics of Computer Systems, Networks, and Security to Protect Yourself OnlineFrom EverandEthical Hacking: A Beginner's Guide to Cybersecurity. Master the Basics of Computer Systems, Networks, and Security to Protect Yourself OnlineNo ratings yet
- Defending the Digital Perimeter: Network Security Audit Readiness StrategiesFrom EverandDefending the Digital Perimeter: Network Security Audit Readiness StrategiesNo ratings yet
- The Promise of Cybersecurity: From Prevention to Response: Building a Fortified Cyber EnvironmentFrom EverandThe Promise of Cybersecurity: From Prevention to Response: Building a Fortified Cyber EnvironmentNo ratings yet
- Exploring The Intersection Of Artificial Intelligence And Cyber DefenseFrom EverandExploring The Intersection Of Artificial Intelligence And Cyber DefenseNo ratings yet
- Hacking for Beginners: Mastery Guide to Learn and Practice the Basics of Computer and Cyber SecurityFrom EverandHacking for Beginners: Mastery Guide to Learn and Practice the Basics of Computer and Cyber SecurityNo ratings yet
- Managing Modern Security Operations Center & Building Perfect Career as SOC AnalystFrom EverandManaging Modern Security Operations Center & Building Perfect Career as SOC AnalystNo ratings yet
- Fortifying Digital Fortress: A Comprehensive Guide to Information Systems Security: GoodMan, #1From EverandFortifying Digital Fortress: A Comprehensive Guide to Information Systems Security: GoodMan, #1No ratings yet
- Guardians of the Virtual Realm: From Protection to Penetration: Navigating Cybersecurity and Ethical Hacking TechniquesFrom EverandGuardians of the Virtual Realm: From Protection to Penetration: Navigating Cybersecurity and Ethical Hacking TechniquesNo ratings yet
- The Cybersecurity Mindset: A Virtual and Transformational Thinking ModeFrom EverandThe Cybersecurity Mindset: A Virtual and Transformational Thinking ModeNo ratings yet
- Cybersecurity's Next Frontier: Navigating the Cyber Threat Landscape: A Comprehensive GuideFrom EverandCybersecurity's Next Frontier: Navigating the Cyber Threat Landscape: A Comprehensive GuideNo ratings yet
- Cyber Combat: Learn to Defend Against Cyber Attacks and Corporate SpyingFrom EverandCyber Combat: Learn to Defend Against Cyber Attacks and Corporate SpyingNo ratings yet
- SECUDE Secure Login 5.1 Installation Administration and Usage Manual en r17No ratings yetSECUDE Secure Login 5.1 Installation Administration and Usage Manual en r17275 pages
- Rsa Authentication Manager 8.4 Administrators GuideNo ratings yetRsa Authentication Manager 8.4 Administrators Guide202 pages
- Advanced Network Defense: Architectures and Best Practices for Today’s PerimeterFrom EverandAdvanced Network Defense: Architectures and Best Practices for Today’s PerimeterNo ratings yet
- CompTIA CySA+ Certification The Ultimate Study Guide to Practice Questions With Answers and Master the Cybersecurity Analyst ExamFrom EverandCompTIA CySA+ Certification The Ultimate Study Guide to Practice Questions With Answers and Master the Cybersecurity Analyst ExamNo ratings yet
- The Business Owner's Guide to Cybersecurity: Protecting Your Company from Online ThreatsFrom EverandThe Business Owner's Guide to Cybersecurity: Protecting Your Company from Online ThreatsNo ratings yet
- IT Induction and Information Security Awareness: A Pocket GuideFrom EverandIT Induction and Information Security Awareness: A Pocket GuideNo ratings yet
- "Careers in Information Technology: Cybersecurity Analyst": GoodMan, #1From Everand"Careers in Information Technology: Cybersecurity Analyst": GoodMan, #1No ratings yet
- GUARDIANS OF THE BOTTOM LINE: Demystifying Cybersecurity for Today’s LeadersFrom EverandGUARDIANS OF THE BOTTOM LINE: Demystifying Cybersecurity for Today’s LeadersNo ratings yet
- CP R81.10 Harmony Endpoint WebManagement AdminGuideNo ratings yetCP R81.10 Harmony Endpoint WebManagement AdminGuide106 pages
- Cybersecurity for Beginners : Learn the Fundamentals of Cybersecurity in an Easy, Step-by-Step Guide: 1From EverandCybersecurity for Beginners : Learn the Fundamentals of Cybersecurity in an Easy, Step-by-Step Guide: 1No ratings yet
- DellEMC Unity Condor TTT XT ServiceabilityNo ratings yetDellEMC Unity Condor TTT XT Serviceability100 pages
- CYBER SECURITY HANDBOOK Part-2: Lock, Stock, and Cyber: A Comprehensive Security HandbookFrom EverandCYBER SECURITY HANDBOOK Part-2: Lock, Stock, and Cyber: A Comprehensive Security HandbookNo ratings yet
- CYBER SECURITY HANDBOOK Part-1: Hacking the Hackers: Unraveling the World of CybersecurityFrom EverandCYBER SECURITY HANDBOOK Part-1: Hacking the Hackers: Unraveling the World of CybersecurityNo ratings yet
- MDT - On-Off Boarding Checklist - Template - V.4. - Revised 2013-11-25 - Medisetty100% (1)MDT - On-Off Boarding Checklist - Template - V.4. - Revised 2013-11-25 - Medisetty3 pages
- RSA SecurID Access RSA SecurID Authentication API Developer's GuideNo ratings yetRSA SecurID Access RSA SecurID Authentication API Developer's Guide42 pages
- Safeguarding the Digital Fortress: A Guide to Cyber Security: The IT CollectionFrom EverandSafeguarding the Digital Fortress: A Guide to Cyber Security: The IT CollectionNo ratings yet
- Safestone Technologies Limited: Rsa Securid Ready Implementation GuideNo ratings yetSafestone Technologies Limited: Rsa Securid Ready Implementation Guide21 pages
- Cyber Essentials: A guide to the Cyber Essentials and Cyber Essentials Plus certificationsFrom EverandCyber Essentials: A guide to the Cyber Essentials and Cyber Essentials Plus certificationsNo ratings yet
- RSA Authentication Manager 7.1 Security Best Practices GuideNo ratings yetRSA Authentication Manager 7.1 Security Best Practices Guide23 pages
- Check Point Remote Access RSA SecurID Access ClientNo ratings yetCheck Point Remote Access RSA SecurID Access Client15 pages
- Check Point: Rsa Securid Ready Implementation GuideNo ratings yetCheck Point: Rsa Securid Ready Implementation Guide22 pages
- 6chapter 6: Information Systems Security: Learning ObjectivesNo ratings yet6chapter 6: Information Systems Security: Learning Objectives13 pages
- SSH Insecure HMAC Algorithms Enabled and SSH CBC Mode Ciphers Enabled Security Vulnerabilities Come Up Against Authentication Manager 8.xNo ratings yetSSH Insecure HMAC Algorithms Enabled and SSH CBC Mode Ciphers Enabled Security Vulnerabilities Come Up Against Authentication Manager 8.x3 pages
- What Conditions Must Be Met in Order To Use The Hronestop Att Login Platform?No ratings yetWhat Conditions Must Be Met in Order To Use The Hronestop Att Login Platform?3 pages
- Cybersecurity Threats and Digital Safety: Protecting Yourself in a Connected WorldFrom EverandCybersecurity Threats and Digital Safety: Protecting Yourself in a Connected WorldNo ratings yet
