@zaasmi said in CS204 Assignment 2 Solution and Discussion:
Respond as if the network has already been breached. Adopting this mindset forces the IT team to prioritize the most business-critical parts of the network and use network segmentation as a strategy. When done correctly, network segmentation, achieved through the creation of network zones, limits the ability for a hacker to move laterally across a compromised network. Network segmentation requires continual updates and configurations, but it can mean the difference between a hacker getting only as far as an employee’s infected computer and helping themselves to the bank’s ATM systems. Implement an enterprise-wide security policy. A well-defined security policy serves as a crucial road map for any bank IT team to maintain a truly adaptive security architecture. It’s what helps the people tasked with protecting the bank’s systems determine the best way for the network to operate with minimal risk. Additionally, the security policy should take into consideration all regulatory and enterprise compliance requirements and how to apply timely patches to maintain compliance. Security policy enforcement. It’s one thing to have a security policy that defines how the IT platform behaves and another to actually validate that it is being enforced across your network. Doing the former but not the latter might allow you to comply with some regulations, but it won’t make your network safer. Organizations must constantly monitor their network for changes to configurations and ensure that these changes are approved and compliant with policy. It’s a collaborative effort across the enterprise—network operations, security operations, and the CIO.Suppose that if you’ve ever tried to login to your online bank account and find that not all of your savings are being accounted for, it could be an indication that you’ve been targeted by cyber criminal. Although there are several ways that cyber criminals could have gotten your account data, there’s a fair chance you’ve accidentally come across a phishing website in the past, misinterpreting the login page of your online bank. Enlist all possible security measures to protect your online banking account from cyber criminals.