Cybersecurity – Coursework Example
Question
All network infrastructure and applications need distinct security requirements before being entrusted with an organization’s critical information. A wireless LAN should be secured at two levels: the radio frequency (RF) level and the frame level (Terril, 2008). To secure the integrity and confidentiality of data en route over a shared medium, encryption algorithms should be used to encode information so that it can be decoded and read only by the intended parties, which inhibits alteration by hackers. Non-repudiation ensures that neither the receiver nor the sender denies an already granted access. Authorization should ensure that only authenticated persons access the network by virtue of the privileges given to them. This should be combined with the data non-repudiation and integrity concepts, which inhibit alteration of data by hackers. System managers should use sophisticated implementations to define access control policies that grant unique access and security settings to the different groups or users accessing different network resources. For identification and removal of threats, wireless intrusion detection and prevention services (Wireless IDS/IPS) should be used, but they should at the same time allow co-existence with neighboring WLANs without access to each other’s resources. This latter requirement would only be applicable at the RF level of security, according to Dale & Anderson (2012).
The Federal Information Security Management Act (FISMA) was introduced in 2002. FISMA requires that all systems using and accessing federal information be identified and validated for compliance. It also assesses the risks involved and has an agency-wide program on information security with checks and controls which, other than ensuring effectiveness, also report on current risks and the responses to them. This includes intrusion detection, where there should be reporting on cyber security and the concerned risks and responses (Levinson, 2011).
FISMA has a new procedure for all government agencies, referred to as continuous monitoring, that automatically tests and tracks security. All US government departments and agencies have been sensitized on vulnerability to cyber attacks and have been provided with mitigation measures. In coordination with the Homeland Security Department (DHS), agencies work to ensure that federal networks do not get compromised by cyber attacks. DHS has unique qualifications and technical bodies to ensure that cyber security policies have been implemented. The cyber strategy currently implemented by FISMA has the capacity to protect systems because it dictates that information security managers concentrate on ensuring system security against cyber threats. Nonetheless, there have been complaints that FISMA systems fail to monitor the firewalls and databases of government departments, which poses a threat from spies and hackers (Sternstein, 2011).
Dale, C. & Anderson, T. (2012). Achieving Systems Safety. London: Springer-Verlag.
Levinson, B. (2011). Federal Cyber-Security Best Practices: FISMA Continuous Monitoring. CircleID Inc. Retrieved 21 February 2012 from http://www.circleid.com
Sternstein, A. (2011). Debate Over State’s Cyber Security. Retrieved 21 February 2012 from http://cybersecurityreport.nextgov.com/fisma/
Terril, W. (2008). WLAN Security Today: Wireless More Secure than Wired. Siemens Enterprise Communications.