Project 2: CSIS 341 Information Security Planning Instructions

This project requires that students work with the VirtualBox installation of Microsoft Windows Server 2012 R2 Standard 64-bit that was developed in Project 1. Instructed tasks include determining and implementing at least five Defense in Depth Access Controls on the virtual server, running the Microsoft Baseline Security Analyzer to scan and analyze security issues, mitigating any 'Severe Risk' vulnerabilities found, and re-running the scan until all severe risks are addressed. Finally, students must compile a Word document with screenshots validating the implementation of each control and include the Security Report from the Analyzer. Both documents should be submitted via Blackboard.

Paper for the Above Instructions

Introduction

In modern cybersecurity frameworks, effective access controls and security assessments are foundational to protecting digital assets. The project in question focuses on the practical application of these principles within a virtual environment, specifically Microsoft Windows Server 2012 R2 Standard on VirtualBox. This work requires a systematic approach to defense-in-depth strategies, vulnerability assessments, and documentation, providing a comprehensive learning experience in information security planning.

Implementing Defense in Depth Access Controls

Defense in Depth is a multi-layered approach designed to enhance security by deploying several protective measures that collectively reduce vulnerabilities. For the virtual server environment, five key access controls are recommended and commonly effective:

  1. Account Privilege Management: Restrict administrative privileges to essential personnel only, adopting the principle of least privilege. This minimizes the risk of accidental or malicious misuse of privileges.
  2. Strong Authentication Methods: Implement multifactor authentication (MFA) for administrative and remote access, adding layers such as smart cards or OTPs to ensure that users are properly verified.
  3. Network Segmentation: Segment the virtual network to isolate sensitive servers and control traffic flow, reducing the scope of potential breaches.
  4. Firewall Configuration: Configure Windows Firewall or external firewalls to restrict unauthorized inbound and outbound traffic, allowing only necessary communications.
  5. Audit Logging and Monitoring: Enable comprehensive logging of user activities, system events, and access attempts. Regular review of logs facilitates early detection of suspicious activities.

These controls align with best practices recommended by security standards such as NIST and ISO/IEC 27001, providing layered security that mitigates a broad spectrum of threats.

Security Assessment with Microsoft Baseline Security Analyzer (MBSA)

Following the implementation of access controls, the next critical step is to evaluate the security posture of the server environment using MBSA. This tool identifies missing security patches, weak configurations, and known vulnerabilities.

To perform the assessment, the MBSA software is downloaded—either from an official site or a designated folder—and executed following existing instructional videos. The tool scans the server and generates a detailed security report highlighting issues rated as 'Severe Risk,' 'Moderate Risk,' or 'Low Risk.'

Addressing severe findings involves applying patches, adjusting configurations, or disabling vulnerable services. After mitigation, the scan is rerun until the report shows no severe risks remaining. This iterative process ensures continuous improvement to the security posture.

Validation and Documentation

To verify the effectiveness of the security controls, students must capture screenshots demonstrating each control’s proper implementation within the Windows Server environment. For instance, screenshots showing restricted user privileges, MFA configurations, segmented network settings, firewall rules, and enabled audit logging serve as proof of compliance.

Additionally, the security report generated by MBSA must be included to substantiate the assessment and mitigation efforts. The collected screenshots and report should be compiled into a Word document, clearly labeled, and submitted alongside the report file on the Blackboard platform. This documentation process ensures transparency, accountability, and a record of security practices applied.
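
The state of the least-privilege, firewall, and audit-logging controls listed under "Implementing Defense in Depth Access Controls" can also be captured as text to accompany the screenshots. The script below is an added example, not part of the assignment or the original paper; the function names, the chosen audit subcategories, and the output file name are assumptions, and it assumes an elevated PowerShell 4.0 session with English-language auditpol output.

```powershell
# Added example (not from the assignment): evidence for controls 1, 4 and 5.
# Assumes an elevated PowerShell 4.0 session on the Windows Server 2012 R2 VM
# and English-language auditpol output. Function names are hypothetical.

function Get-AdminEvidence {
    # Control 1: who holds local administrative rights (Pass is left for manual review).
    $group = [ADSI]"WinNT://$env:COMPUTERNAME/Administrators,group"
    foreach ($m in @($group.psbase.Invoke('Members'))) {
        $path = $m.GetType().InvokeMember('ADsPath', 'GetProperty', $null, $m, $null)
        [pscustomobject]@{ Control = 'Privilege'; Item = $path -replace '^WinNT://', ''
                           State = 'Member of Administrators'; Pass = $null }
    }
}

function Get-FirewallEvidence {
    # Control 4: every profile enabled and not allowing inbound traffic by default.
    foreach ($p in (Get-NetFirewallProfile -PolicyStore ActiveStore)) {
        [pscustomobject]@{ Control = 'Firewall'; Item = $p.Name
            State = "Enabled=$($p.Enabled); DefaultInbound=$($p.DefaultInboundAction)"
            Pass  = ($p.Enabled -eq 'True') -and ($p.DefaultInboundAction -ne 'Allow') }
    }
}

function Get-AuditEvidence {
    # Example selection of subcategories; adjust to the logging the project requires.
    param([string[]]$Subcategory = @('Logon', 'Account Lockout',
                                     'User Account Management', 'Audit Policy Change'))
    # Control 5: each selected subcategory must log success, failure, or both.
    $rows = auditpol.exe /get /category:* /r | Where-Object { $_ } | ConvertFrom-Csv
    foreach ($r in ($rows | Where-Object { $Subcategory -contains $_.Subcategory })) {
        [pscustomobject]@{ Control = 'Audit'; Item = $r.Subcategory
            State = $r.'Inclusion Setting'
            Pass  = $r.'Inclusion Setting' -ne 'No Auditing' }
    }
}

# Collect all rows in one table and keep a copy for the Word document.
$evidence = @(Get-AdminEvidence) + @(Get-FirewallEvidence) + @(Get-AuditEvidence)
$evidence | Format-Table -AutoSize
$evidence | Export-Csv -Path .\control-evidence.csv -NoTypeInformation
```

Rows with Pass set to False mark a control that is not yet in the state the paper describes; rerunning the script after each change gives a before-and-after record.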

Conclusion

The integration of defense-in-depth controls with thorough vulnerability assessments empowers organizations to strengthen their security stance effectively. The hands-on approach, involving implementation, evaluation, mitigation, and documentation, exemplifies best practices in information security planning. This process not only addresses immediate vulnerabilities but also establishes a foundation for ongoing security management amid evolving threats.
