As a manager, you will be required to understand and draw conclusions based on security data. Your skills to analyze and interpret security data can help you allocate the required budget and implement appropriate security measures and controls at your organization. The attached file indicates a sample of logins at a fictitious organization. Assume that the company is selling products to business customers via its website. It contains data on the following:
Name of the individual logging in
Organization they represent
Address
Phone Numbers
Email Address
Website the users are logging into
User id
Password
Login Successful? (failed, successful, expired means that the password expired and the users needed to update password)
Account Type (New or Old account)
IP Address from which the users are logging
Authentication Type: Authentication via Phone or OTP (one time password) or Regular (which means using user id and password).
Using this file, you can address questions such as the following:
How many logins have been successful versus how many unsuccessful? What is the percentage of successful versus unsuccessful logins?
What percentage of logins were successful versus failed versus expired (passwords) for different authentication types: call, OTP, regular?
What is the distribution of logins in the categories of successful, failed, expired by state? What are the percentages by state?
What is the distribution of logins in the categories of successful, failed, expired by user id? What are the percentages by user id?
Your organization is thinking of implementing one of the following four policies. If you analyzed the Excel file for passwords, what percentage of passwords will satisfy each of the policies 1, 2, 3, and 4?:
POLICY 1: Password should be at least 8 characters long with at least one number, at least one upper-case letter, and at least one lower-case letter
POLICY 2: Password should be at least 8 characters long with at least one number, at least one upper-case letter, and at least one lower-case letter; in addition, password should contain at least one of the following three special characters: @, #, $
POLICY 3: Password should be at least 10 characters long with at least one number, at least one upper-case letter, and at least one lower-case letter
POLICY 4: Password should be at least 12 characters long with at least one number, at least one upper-case letter, and at least one lower-case letter
Instructions:
You are expected to complete this assignment in Microsoft Excel.
Leave a Reply