Scenario
You have been hired as a security analyst at a midsize financial organization, FinSecure Corp. The company is undergoing a security review and has asked you to assess its current access management practices, operational security processes, and system threat activity. You have been provided with a user role matrix, access control policies, operational policy excerpts, and system logs from the past 48 hours. Your goal is to review the provided materials, identify potential issues, and recommend improvements aligned with industry best practices.
Refer to the attached “Security Operations Artifact” in the Supporting Documents section.
Requirements
A. Apply an access control model to the provided user role matrix and access control policies in the attached “Security Operations Artifact” by doing the following:
1. Choose an access control model to apply to the provided user role matrix, and explain how the principles of your chosen model apply to the organization’s access control structure.
2. Identify four misalignments in the provided user role matrix based on your chosen access control model, and explain how each misalignment conflicts with your model’s principles.
3. Recommend three changes to resolve the misalignments identified in part A2. Justify each recommendation based on applicable industry standards, frameworks, or best practices (e.g., NIST SP 800-53, ISO/IEC 27001, CIS Controls, principles from the SSCP Common Body of Knowledge).
4. Revise the provided user role matrix to reflect your chosen access control type and to incorporate the changes recommended in part A3.
B. Evaluate the organization’s access control policies and related operational practices by doing the following:
1. Identify three policy gaps or inconsistencies in the organization’s access control policies that could affect access management or operational security.
2. Recommend one policy change or update for each gap identified in part B1 to strengthen policy alignment with security best practices.
C. Using the attached “Security Operations Artifact,” evaluate the organization’s broader operational processes and practices (e.g., change management, security awareness, asset handling, physical security operations). Include the following elements in your evaluation:
• an identification of three weaknesses in operational practices
• an explanation of how each identified weakness affects the confidentiality, integrity, or availability (CIA) of organizational information
• a recommendation of one improvement to address each identified weakness
D. Analyze the system logs provided in the attached “Security Operations Artifact” to identify potential security threats by doing the following:
1. Identify three threats within the system logs, and classify each threat by type (e.g., insider, malware, brute force, misconfiguration).
2. Propose one mitigation strategy for each identified threat, and justify each strategy by referencing a recognized operational risk analysis model (e.g., NIST RMF, OCTAVE, ISO 27005) or accepted security best practices (e.g., CIS Controls, least privilege).
E. Acknowledge sources, using in-text citations and references, for content that is quoted, paraphrased, or summarized.
F. Demonstrate professional communication in the content and presentation of your submission.