
BUS401 Management Leadership

Published : 21-Sep,2021  |  Views : 10

Question:

As the CIO/CISO, discuss how you'd implement a vulnerability scanning process and how you would prioritize those vulnerabilities. As the business leader, how would you mitigate the risk of vulnerabilities via an effective patching process? 

Answer:

Introduction

The CIO/CISO is responsible for mitigating risk, with vulnerability testing as a special tool for doing so. Its purpose is to ensure that the institution's computing assets and computer systems operate efficiently. Vulnerability testing is conducted in such a way that it helps management monitor and detect fraud as well as detect risks. Devices are administered by individuals who are responsible for ensuring that potential threats are addressed and managed appropriately.

The institution guards against cybercrime by instituting security standards, so that it is able to work effectively. Operations are set up so that whenever a system-related problem occurs, automatic troubleshooting commences immediately. Resolution is provided in ample time, so that anything found to be at risk at a given moment is remediated. “The main responsibility of the policy measure is to impose the institution requirements and the hopes that pertain to the scan conducted in a vulnerability scan conducted” (Samuel, 2013).

Compliance is ascertained by identifying risks and dangers in advance. This formal requirement applies to workers, contractors and suppliers with access to the campus computing systems. It extends to other personally owned devices. Campus-owned devices are joined in a local area network that is used exclusively for institution-related operations.

The CISO is mandated to oversee the approval of, and to emphasize, the institution's use of enterprise scanning. The recommended assessment tools must meet certain criteria. As CISO, I am provided with the necessary remediation suggestions. The scanning tools are capable of analyzing the information systems from a central location up to the point where a solution is achieved.

An assessment should be undertaken on a predetermined periodic basis, with management giving the CISO the necessary communication. This covers the periodic assessment of the networked computing equipment. Automated authenticated scans are to take place at predetermined intervals: the scanning tool is run on a quarterly basis against the networked computer devices that fall under the given control.

University devices that contain level one data are subject to frequent scanning. This applies to devices that must meet the specific regulatory requirements outlined under the given CISO and PCI standards. There are also files, images and machine templates that are used for constructing and deploying workstations. The servers used for hosting and for storing the university's databases are subject to scanning. These devices are networked into the infrastructure and the equipment.

Scans are undertaken within a given timeframe in order to avoid interfering with normal business operations in the institution. The appropriate hours are those in which the business is least disrupted while operations continue as normal. “Conflict of interest is avoided in the highest degree possible where the system administrators are not supposed to make the temporary changes to the devices that are connected to the computers” (Charles, 2016).

Disciplinary action is imposed on anyone who is deemed to be interfering with the systems. Students who hack into the systems are subject to discipline by the relevant university body in order to prevent the same actions from recurring. Proper methodologies for repair and analysis are in place, so that a fault is seen at the instance it occurs. No device should interfere with the network or with the configuration of scans coming from the engines that have been specifically authorized. “There are assessments that assist in the maintained aspect of the systems and the cisco networks” (Felix, 2014).

Conclusion

Vulnerabilities are to be documented appropriately. “The vendors’ equipment is set aside to avoid any conflicting aspect and this relates to the free of the risks and the harm that can cause the information systems” (Peter, 2012). Information is shared appropriately, and staff are permitted to be present at the given time of scanning. There is a current status for security and for the devices that are found in the residence.

References

Felix, C. (2014). There are assessments that assist in the maintained aspect of the systems and the cisco networks. Hungarian press, Sydney.

Charles, B. (2016). Conflict of interest is avoided in the highest degree possible where the system administrators are not supposed to make the temporary changes to the devices that are connected to the computers. Vol. 45, 567-664.

Samuel, C. (2013). The main responsibility of the policy measure is to impose the institution requirements and the hopes that pertain to the scan conducted in a vulnerability scan conducted. Vol. 34, 45-78.

Peter, G. (2012). The vendors’ equipment is set aside to avoid any conflicting aspect and this relates to the free of the risks and the harm that can cause the information systems. Herman press, Australia.
