Assignment: Analyzing Critical Security Control Points
Learning Objectives and Outcomes
Analyze critical security control points in an information technology (IT) infrastructure.
Assignment Requirements
You are a network administrator at XYZ, a large, publicly traded health care organization. XYZ has 25 sites across the region, 2,000 staff members, and thousands of patients.
Protecting sensitive customer information is highly important to XYZ management and stakeholders. Due to the nature of business and HIPAA requirements, XYZ is audited regularly. Your manager wants you to identify five critical controls that are typically verified during a compliance audit. The controls should be a part of the SANS Critical Security Controls for Effective Cyber Defense.
Based on this organizational scenario, complete the following tasks:
1. Identify five critical security control points throughout the IT infrastructure that must be verified for compliance.
2. Formulate a plan to help the organization strengthen the security control points.
3. Write areport that addresses the tasks above. Include an introduction, summary sections for your findings and recommendations, and a conclusions section. You must cite your research properly so that your manager may add or refine this report before submission to senior management.