
Denzel Chiuseni

H190672R
Introduction to Information Security
Assignment 2

a) The National Institute of Standards and Technology (NIST) Special Publication (SP)
800-30, the Risk Management Guide for Information Technology Systems, provides a
comprehensive guide for developing an effective risk management program for an
organisation's IT systems. Risk management under NIST SP 800-30 consists of three
processes: risk assessment, risk mitigation, and evaluation and assessment. During
risk assessment, risks and their impacts are identified and evaluated, and
risk-reducing measures are recommended. Risk assessment is a nine-step process
involving the following steps: system characterisation, threat identification,
vulnerability identification, control analysis, likelihood determination, impact
analysis, risk determination, control recommendations and results documentation. Risk
mitigation involves prioritising, implementing and maintaining the appropriate
risk-reducing measures recommended during the risk assessment process. The
following options are considered for risk mitigation: risk assumption, risk avoidance,
risk limitation, risk planning, research and acknowledgement, and risk transference.
Evaluation and assessment is the continuous process of re-evaluating the system and
its risks as the system, its threats and its personnel change over time; without it a
risk assessment is a one-off snapshot, so it is this stage that makes the risk
management program an ongoing success.
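The likelihood determination, impact analysis and risk determination steps carried through in code, as an added worked example that is not part of the assignment. It uses the likelihood and impact ratings and the risk-level thresholds of SP 800-30 (2002 edition, Table 3-6); the risk register entries and the mapping from risk level to a suggested mitigation option are constructed assumptions for this example.

```python
"""Risk determination as in NIST SP 800-30 (2002 edition), Table 3-6.
Added illustration, not taken from the assignment; the register is constructed."""

# Likelihood and impact ratings from SP 800-30 Table 3-6 (2002 edition).
# Rev. 1 (2012) replaces these with different qualitative/semi-quantitative scales.
LIKELIHOOD = {"High": 1.0, "Medium": 0.5, "Low": 0.1}
IMPACT = {"High": 100, "Medium": 50, "Low": 10}

# Mitigation options are those named in the guide; which option a given risk
# level maps to is an assumption made for this example, not part of SP 800-30.
SUGGESTED_OPTION = {
    "High": "risk limitation or avoidance (corrective action required)",
    "Medium": "risk planning (corrective action within a reasonable period)",
    "Low": "risk assumption (accept, or apply low-cost controls)",
}


def risk_score(likelihood, impact):
    """Step 7: risk score = likelihood rating x impact rating."""
    return LIKELIHOOD[likelihood] * IMPACT[impact]


def risk_level(score):
    """Map a score onto the guide's scale: High (>50 to 100), Medium (>10 to 50), Low (1 to 10)."""
    if score > 50:
        return "High"
    if score > 10:
        return "Medium"
    return "Low"


# Constructed register: each entry pairs a threat (step 2) and vulnerability (step 3)
# with the likelihood (step 5) and impact (step 6) ratings an assessor assigned.
RISK_REGISTER = [
    {"id": "R1", "threat": "External attacker", "vulnerability": "Unpatched web server",
     "likelihood": "High", "impact": "High"},
    {"id": "R2", "threat": "Insider", "vulnerability": "Shared administrator password",
     "likelihood": "Medium", "impact": "High"},
    {"id": "R3", "threat": "Power failure", "vulnerability": "No UPS in server room",
     "likelihood": "Low", "impact": "Medium"},
    {"id": "R4", "threat": "Malware", "vulnerability": "No anti-malware on workstations",
     "likelihood": "Medium", "impact": "Low"},
]


def determine_risks(register):
    """Score and rate every entry and return them highest risk first; the
    ordering is the prioritisation input that risk mitigation starts from."""
    rated = []
    for entry in register:
        score = risk_score(entry["likelihood"], entry["impact"])
        level = risk_level(score)
        rated.append({**entry, "score": score, "level": level,
                      "suggested_option": SUGGESTED_OPTION[level]})
    # sorted() is stable, so entries with equal scores keep their register order
    return sorted(rated, key=lambda e: e["score"], reverse=True)


if __name__ == "__main__":
    for e in determine_risks(RISK_REGISTER):
        print(f"{e['id']}: {e['level']:6} ({e['score']:5.1f}) -> {e['suggested_option']}")
```

Note how the scale behaves: a High likelihood against a Low impact scores only 10 and is rated Low, the same as a Low likelihood against a High impact, so the nine-step process deliberately does not let either factor dominate on its own.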

b) Important employment policies that an employee is expected to observe within an
organisation include the code of conduct, which is the organisation's disciplinary
policy and sets out how the employee is expected to behave within the working
environment. There is also the equal opportunity policy, which requires that employees
are treated fairly and without discrimination in recruitment, pay, promotion and
discipline. The third policy is an acceptable use policy, which governs employees' use
of the company's assets and facilities.

Important employment practices within an organisation include setting clear
expectations for employees, giving employees equal opportunities, and involving
employees in decision making and encouraging them to contribute ideas; these have
proven to be effective employment practices.

c) Controls for enforcing physical security include the following methods:
- CCTV surveillance, which serves the purpose of monitoring the physical area in
  which the hardware components of a computer system are located and of providing
  a record of who entered it and when.
- Biometric access control systems, which offer a stronger form of access control
  because they identify a person by a unique physical characteristic such as a
  fingerprint or facial features, which cannot be lent or shared the way a key or
  access card can.
- Security guards, who patrol and survey the area containing the hardware
  components of the computer system and can challenge people that automated
  controls cannot.
- Locks, which serve the purpose of restricting entry to the restricted rooms
  housing the computer system's hardware.

d) A network-based IDS (NIDS) is a security system that monitors and analyses network
traffic, typically from a sensor placed on a mirror port or network tap, to protect
systems from network-based threats. The NIDS inspects inbound packets (and outbound
ones, where it is positioned to see them) and searches for suspicious patterns, either
signatures of known attacks or behaviour that deviates from the normal baseline. When
a threat is detected, an appropriate action is taken depending on the severity of the
threat, from logging it to raising an alert or blocking the traffic.
A host-based IDS (HIDS) is a security system that monitors the computer system on which
it is installed, examining its log files, file integrity, processes and system calls, to
detect intrusion or misuse, and responds by logging the activity and notifying the
designated authority.
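The two detection styles described above, as an added illustration that is not part of the assignment: a minimal NIDS that applies a payload signature and a stateful port-scan threshold to packet records and chooses a response by severity, and a HIDS that counts failed logins in an authentication log and compares file hashes against a baseline. The packet records, log lines, file contents, signature rule and severity-to-action mapping are all constructed for this example.

```python
"""Added illustration of NIDS and HIDS detection logic. All packets, log lines
and file contents below are constructed sample data, not captured traffic."""
import hashlib
import re
from collections import defaultdict

# ---- Network-based IDS ----------------------------------------------------
# Constructed packet records: (timestamp_s, src_ip, dst_ip, dst_port, payload).
SAMPLE_PACKETS = [
    (0.0, "10.0.0.5", "192.168.1.10", 80, b"GET /index.html HTTP/1.1"),
    (0.1, "10.0.0.5", "192.168.1.10", 80, b"GET /login?u=admin' OR '1'='1 HTTP/1.1"),
    (1.0, "10.0.0.9", "192.168.1.10", 21, b""),
    (1.1, "10.0.0.9", "192.168.1.10", 22, b""),
    (1.2, "10.0.0.9", "192.168.1.10", 23, b""),
    (1.3, "10.0.0.9", "192.168.1.10", 25, b""),
    (1.4, "10.0.0.9", "192.168.1.10", 80, b""),
    (9.0, "10.0.0.7", "192.168.1.10", 443, b"\x16\x03\x01"),
]
# Hypothetical payload signature (a content match in the spirit of Snort rules).
PAYLOAD_SIGNATURES = {
    "sql-injection-tautology": re.compile(rb"'\s*OR\s*'1'\s*=\s*'1", re.IGNORECASE),
}
PORTSCAN_PORTS = 5      # this many distinct destination ports from one source ...
PORTSCAN_WINDOW = 2.0   # ... within this many seconds is treated as a port scan
# Response chosen by severity, as the text describes (assumed policy).
SEVERITY_ACTIONS = {"HIGH": "block-and-alert", "MEDIUM": "alert", "LOW": "log"}


def nids_alerts(packets):
    """Return (severity, rule, src, dst, port) per detection. Signature matches
    are stateless per packet; the port-scan rule keeps per-source state."""
    alerts = []
    recent_ports = defaultdict(list)   # src_ip -> [(ts, dst_port)] inside the window
    flagged_scanners = set()
    for ts, src, dst, port, payload in packets:
        for rule, pattern in PAYLOAD_SIGNATURES.items():
            if pattern.search(payload):
                alerts.append(("HIGH", rule, src, dst, port))
        recent = [(t, p) for t, p in recent_ports[src] if ts - t <= PORTSCAN_WINDOW]
        recent.append((ts, port))
        recent_ports[src] = recent
        if len({p for _, p in recent}) >= PORTSCAN_PORTS and src not in flagged_scanners:
            flagged_scanners.add(src)   # alert once per scanner, not once per packet
            alerts.append(("MEDIUM", "port-scan", src, dst, None))
    return alerts


def response_for(alert):
    """Pick the response action from the alert's severity."""
    return SEVERITY_ACTIONS[alert[0]]


# ---- Host-based IDS -------------------------------------------------------
# Constructed sshd lines in syslog style.
SAMPLE_AUTH_LOG = [
    "Jan 10 10:00:01 host sshd[1201]: Failed password for root from 203.0.113.7 port 51234 ssh2",
    "Jan 10 10:00:02 host sshd[1202]: Failed password for root from 203.0.113.7 port 51235 ssh2",
    "Jan 10 10:00:03 host sshd[1203]: Failed password for admin from 203.0.113.7 port 51236 ssh2",
    "Jan 10 10:00:04 host sshd[1204]: Failed password for admin from 203.0.113.7 port 51237 ssh2",
    "Jan 10 10:00:08 host sshd[1206]: Failed password for alice from 198.51.100.4 port 50000 ssh2",
    "Jan 10 10:00:09 host sshd[1207]: Accepted password for alice from 198.51.100.4 port 50001 ssh2",
]
FAILED_LOGIN = re.compile(r"Failed password for (\S+) from (\S+) port")


def hids_failed_login_alerts(lines, threshold=3):
    """Count failed logins per source address; a source at or over the threshold
    is reported (this is what gets logged and sent to the designated authority)."""
    failures = defaultdict(int)
    for line in lines:
        m = FAILED_LOGIN.search(line)
        if m:
            failures[m.group(2)] += 1
    return [("MEDIUM", "ssh-brute-force", ip, n) for ip, n in failures.items() if n >= threshold]


# Constructed file contents. A real HIDS hashes the files on disk and keeps the
# baseline where an intruder on the host cannot quietly rewrite it.
BASELINE_FILES = {"/etc/passwd": b"root:x:0:0:root:/root:/bin/bash\n",
                  "/usr/bin/ssh": b"ELF-bytes-v1",
                  "/etc/shadow": b"root:$6$salt$hash:19000::::::\n"}
CURRENT_FILES = {"/etc/passwd": b"root:x:0:0:root:/root:/bin/bash\n",
                 "/usr/bin/ssh": b"ELF-bytes-trojaned",
                 "/tmp/.x": b"dropper"}


def file_integrity_changes(baseline, current):
    """Compare the SHA-256 digest of each file with the stored baseline."""
    digest = lambda data: hashlib.sha256(data).hexdigest()
    return {
        "changed": [p for p in baseline if p in current and digest(current[p]) != digest(baseline[p])],
        "missing": [p for p in baseline if p not in current],
        "added": [p for p in current if p not in baseline],
    }


if __name__ == "__main__":
    for a in nids_alerts(SAMPLE_PACKETS):
        print("NIDS", a, "->", response_for(a))
    print("HIDS", hids_failed_login_alerts(SAMPLE_AUTH_LOG))
    print("HIDS", file_integrity_changes(BASELINE_FILES, CURRENT_FILES))
```

The port-scan rule shows why a NIDS has to keep state: no single packet in the scan is suspicious on its own, only the five distinct ports inside two seconds are. The file-integrity check is the classic HIDS signal that a NIDS cannot see at all, since a replaced binary never crosses the network as such.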
