CIS 341 All Assignments CIS 341 All Assignments | Page 7

Technical Project Paper: Information Systems Security
Due Week 10 and worth 150 points
Suppose you are the IT professional in charge of security for a small pharmacy that has recently
opened within a shopping mall. The daily operation of a pharmacy is a unique business that
requires a combination of both physical and logical access controls geared toward protecting
medication and funds located on the premises, as well as the customers’ personally identifiable
information and protected health information that resides on your system. Your supervisor has
tasked you with identifying inherent risks associated with your pharmacy and establishing
strong physical and logical access control methods to mitigate the identified risks.
1) Firewall (1)
4) Desktop computers (4)
2) Windows 2012 Active Directory Domain Controllers (DC) (1)
5) Dedicated T1 Connection (1)
3) File Server (1)
Write an eight to ten (8-10) page paper in which you:
Identify at least five (5) potential physical threats that require attention.
Determine the impact of at least five (5) potential logical threats that require attention.
Detail the security controls (i.e., administrative, preventative, detective, and corrective) that
the pharmacy could implement in order to protect it from the five (5) selected physical threats.
Explain in detail the security controls (i.e., administrative, preventative, detective, and
corrective) that could be implemented to protect from the five (5) selected logical threats.
For each of the five (5) selected physical threats, choose a strategy for addressing the risk (i.e.,
risk mitigation, risk assignment, risk acceptance, or risk avoidance). Justify your chosen
strategies.