Competencies Measured By successfully completing this assignment, you will demonstrate your proficiency in the following course competencies and scoring guide criteria: Competency 2: Describe...

Competency 2
Determine access control application and identify management to protect stored data, data in transit, and/or data in use in the company.
The identity and access management can be defined as the framework and this framework can be used for technologies, policies and the business processes to provide the digital identities for the management. This framework can be used by the managers of information technology and help them to control the user access for critical information residing in the organization.
All the systems which are used for the access management can be the single sign on system, two factor authentication, multi factor authentication and privileged access for the management. All these technologies can be used in the organization, and it help them to get the ability of storing profile and identity data of the users at the secured place and utilise data governance functions to make sure that the data is shared which is required and relevant. This system can be used by organization in multiple manners. This identity and access management system can be easily deployed with the help of third-party vendor, hybrid model and on premises. It can be done with the help of cloud-based subscription model.
Define at least two policies or guidelines to include in the organization's data security manual.
There are many policies or the guidelines which can be used in the manual of data security in the organization but the most commonly used are acceptable use policy and access control policy. in the acceptable use policy, it has guidelines for practices and constraints which can be implied over the employees who are using assets of the organization and they need to agree to all the guidelines so that they are able to access corporate network or the Internet. It behaves like the standard for the employees who are joining the organization and each of them will be provided the acceptable use policy for reading it and then signing before they are granted to use the network. It is recommended that legal, HR, security and IT department of the organization discusses about the all the points which need to be included in the policy.
Another one is access control policy which is used for securing information systems and data of the organization. The access control and implementation guides and there are few other topics which are included in the access control standards and other items which are covered in this policy for network access control, user access, complexity of the passwords and operating system software controls.
Competency 3
Describe vulnerabilities and threats associated with data being stored, in transit, and in use.
The data can be in motion or in transit or it can be moving from one location to another across the network or through the private...