Discussion 1. Implementing Network Access Control
Companies face stronger regulations, such as HIPAA, SEC/SOX, and PCI DSS, which makes Network Access Control more critical.
o Using the Google search engine, search for the following term: Security Controls Implementation Plan. Click here (or click link below) to open the pdf from SANS.org called "Implementing the Critical Security Control". Summarize the process to implement the CIS critical Security Controls. Out of the list of twenty controls, pick the top two pertinent controls that every company should implement. Explain your reasoning. Explain the best approach to determining which controls should be implemented first.
o What are the benefits of implementing the CIS Critical Security Controls?
Discussion 2. Remote Authentication
More companies are allowing users to work from home, which extends a company's network and introduces new security concerns.
o Your company has decided to allow employees to work from home two days a week. Your CISO has requested a high-level comparison between RADIUS, TACACS and VPN. How does each of these services leverage Kerberos and the AAA framework? Make a recommendation and justify your answer based on your findings. Make sure to outline any limitations associated with each service
o What recommendation would you make to secure web authentication when logging into a website?
The response should include a reference list. Double-space, using Times New Roman 12 pnt font, one-inch margins, and APA style of writing and citations.