TO:
FROM:
DATE:
SUBJECT:Unit 5 Assignment 1: Testing and Monitoring Security Controls
REFERENCE: Testing and Monitoring Security Controls (IT255.U5.TS1)
How Grade: One hundred points total. See each section for specific points.

Assignment Requirements Part 1:Identify at least two types of security events and baseline anomalies that might indicate suspicious activity. Explain why they might indicate suspicious activity.(Forty points. Twenty points for each event.) # | Security Event & Baseline Anomaly That Might Indicate Suspicious Activity | Reason Why It May Indicate Suspicious Activity | 1. | Authentication Failures | Unauthorized access attempts | 2. | Network Abuses | Employees are downloading unauthorized material. | 3. | | | 4. | | | 5. | | | 6. | | |

Part 2: Given a list of end-user policy violations and security breaches, select three breaches and consider best options for monitoring and controlling each incident. Identify the methods to mitigate risk and minimize exposure to threats and vulnerabilities. (Sixty points. Twenty points for each breach.)

# | Policy Violations & Security Breaches | Best Option to Monitor Incident | Security Method (i.e., Control) to Mitigate Risk | 1. | A user made unauthorized use of network resources by attacking network entities. | Monitor the logs | Fire the user | 2. | Open network drive shares allow storage privileges to outside users. | | | 3. | Sensitive laptop data is unencrypted and susceptible to physical theft. | Monitor for port scanning and malware | Encrypt the data | 4. | Remote users do not have recent patches or current updates. | | | 5. | Legitimate traffic bearing a malicious payload exploits network services. | | | 6. | An invalid protocol header disrupts a