Download and read the document and answer all questions in the document. Please see attached document H3 & APA Criteria doc.
Please use APA style formatting.
Question 1
For the pharmaceutical company in HW-3, you were tasked to develop an access control policy for the company. Currently, you are performing an as-is analysis and assessing current security practices. You’ve found three critical problems with current practices. These are:
1) The accounts of the former employees are not always removed after the termination of the employment.
2) The database server is in the same network as the computer workstations.
3) Server administrators use the same “Administrator” account.
Download NIST Special Publication 800-53 from this URL:
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r4
NIST SP 800-53 is titled Security and Privacy Controls for Federal Information Systems and Organizations.
This publication helps federal agencies and contractors meet the requirements set by the Federal Information Security Management Act (FISMA). Review the document to familiarize yourself with its contents.
Go to TABLE D-3: SUMMARY — ACCESS CONTROL, which is in Appendix D of the document. Fill out the following table.
| Security Problem in Pharmaceutical Company | Control No and Control Name in SP 800-53 |
Question 2
Although your company is not a federal organization, explain how NIST SP 800-53 can help your organization increase its security maturity, as if you were explaining it to your CEO or another important non-technical person.