Essay Available:
You are here: Home → Coursework → Literature & Language
Pages:
5 pages/≈1375 words
Sources:
10 Sources
Level:
Harvard
Subject:
Literature & Language
Type:
Coursework
Language:
English (U.S.)
Document:
MS Word
Date:
Total cost:
$ 21.6
Topic:
Management of Information Security (Coursework Sample)
Instructions:
Use a software of your choice (spreadsheet, database, statistical package etc) to analyze the provided SAP Security Audit Log File (Userdata.xls), and generate the required eight user activity reports listed below and provide a brief description for each user activity report (About 500 words in total for all eight required reports/graphs) (hint this assignment 2 task 2 is best done using MS Excel pivot tables or Microsoft Access database SQL queries). The required eight user activity reports are:
1. Alphabetic list of all actions and their frequency by any selected user, e.g. USER-040.
2. List of users performing unsuccessful activities.
3. List of transaction codes performed, with their frequency by each user.
4. List of users engaging in security-related actions.
5. Top 10 users in terms of frequency of activity.
6. List of users who are dormant – in the range USER-001 to USER-050.
7. You should also produce at least 2 reports or charts based on any of the above previous reports that summarise user activity over time using YYYYMM date format.
source..
Content:
MANAGEMENT OF INFORMATION SECURITY
By (Name)
(Course)
(Tutor)
(University)
City
The Date
TASK 2
Specifications
The excel file provided contains summarized records of the activity of users on a SAP R/3 System. Each of the user records is composed of the following fields: USERID to identify a given user of the SAP system, YYYYMM to specify the month and year when a user action took place, TCODE to represent the transaction that a user has performed, TEXT to specify the result of a transaction action – success or failure, TCODESTAT stands for the transaction code of each user action specifying whether the given action was failed (-1) or was successful (-0), TCD is a field similar to TCODESTAT except that it does not have -1 or -0, TSTATUS shows whether an action was successful or not (0/1), TCOUNT gives the frequency of user action is a given period YYYYMM, and finally TTEXT describes TCODE.
Requirements
1 Alphabetic list of all actions and their frequency by any selected user, e.g. USER-040.
Description
The question requires an alphabetical list of user actions and the frequency with which they occur. In this instance, USER-001 has been selected. The frequency of actions by USER-001 has been listed and the actions arranged in an alphabetical order. Excel spreadsheet pivot tables have been used to select and filter out the user. In total 44 actions have been discovered and listed in SHEET 1 as shown in the table below. SHEET 3 has been used to organize the actions in an alphabetical order as shown in figure 1 below. TOTAL represents the total frequencies of the specific transaction codes.
Table SEQ Table \* ARABIC 1 - All USER-001 Actions and their Frequency
Figure SEQ Figure \* ARABIC 1 - Actions in Alphabetical Order with Frequencies
2 List of users performing unsuccessful activities.
Description
The TSTATUS column of the spreadsheet shows whether actions or activities performed by specific users are successful or failed. The data is extracted and used to come up with a list of the users who performed unsuccessful actions. Failed activities are represented by TSATUS ‘1’ while successful ones are represented by TSTATUS ‘0’. The figure below shows a list of users with unsuccessful actions. SHEET 2 has the full list of 91 users. However, the figure below shows just a section of the users.
Figure SEQ Figure \* ARABIC 2 - List of Users with Failed Actions
3 List of transaction codes performed, with their frequency by each user.
Description
In SHEET 3, I have calculated the total frequency of transaction codes performed by each user. There are 49 users in total. I have indicated their blank total in the sheet. Only the required fields have been taken. The table below will capture just a section of the whole list of users with the frequency of their transaction codes.
Table SEQ Table \* ARABIC 2 - List of All Users with TCODEs
4 List of users engaging in security-related actions.
Description
From the whole spreadsheet provided, I have taken a list of users that are concerned with security related actions as specified in the TEXT column. The users have then been listed in SHEET 4 with the columns being USERID and TCODE. In total, 352 uses were found to engage in security-related activities. However, the figure below represents just a section of the users.
Figure SEQ Figure \* ARABIC 3 - Users Engaging in Security-Related Actions
5 Top 10 users in terms of frequency of activity.
Description
From the data provided users are ranked based on the frequency of their activities then the top 10 are selected. SHEET 5 captures the USERIDs and frequencies of Top 10 users. The users are: USER-041, USER-12, USER-040, USER-022, USER-006, USER-018, USER-020, USER-026, USER-017, and USER-007 as shown below.
Figure SEQ Figure \* ARABIC 4 - Top 10 Users in Frequency
6 List of users who are dormant – in the range USER-001 to USER-050.
Description
Users whose TSTATUS is represented by (*) instead of 0 or 1 are deemed DORMANT. From the SAP_Security_Log sheet, a table of dormant users within the given range can be obtained. The dormant users are those that have not performed any action within the period specified. The figure below shows a list of the dormant user with the respective transaction codes, periods and frequency as obtained in SHEET 6. From the table, it is noted that only USER-033 fits inside the range.
Figure SEQ Figure \* ARABIC 5 - Dormant Users (USER-001 - USER-050 range)
7 You should also produce at least 2 reports or charts based on any of the above previous reports that summarise user activity over time using YYYYMM date format.
Description
The question requires us to produce chars based on the reports above. The charts are generated below with bars and columns. Each chart is described using the YYYYMM date format.
Question 5 in TASK 2 above requires that Top 10 users in terms of frequency of activity be listed. The chart below captures exactly at January 2016.
Figure SEQ Figure \* ARABIC 6 - Top 10 Users in Frequency
From the chart, it can be noted that the highest frequency is 77 which is performed by USER-041.
A chart can also be used to represent dormant users as shown below.
Figure SEQ Figure \* ARABIC 7 - Dormant Users
From the graph, it is clear that USER-033 is the only dormant user in the group of dormant users between USER-001 and USER-050.
TASK 3
Specifications – Analysing SAP System-Wide Security Settings
The System-wide security settings of the SAP R/3 system are reviewed. The excel file provided contains user security information from the SAP system. The file is opened to view the system-wide security settings. The relevant literature on SAP System Security settings is researched and used to fill the table below on the recommended values of each setting.
Requirements
Task 3a) SAP System Security Setting
SAP System-Wide Security Settings
User-Defined Value
System Default Value
Recommended
Value
User-Defined Value
No auto user SAP*
0
0
0
0
Failed logins to end
0
3
3
0
Failed logins to lock
5
5
5
5
Auto failed unlock
0
0
1
0
Min password length
0
6
7
0
Password expiry (days)
0
0
40
0
Idle Screen logout (seconds)
1800
1800
900-1200
1800
No check on Tcodes
0
0
Y
0
Login client No
100
100
100
100
Task 3b) Evaluation of each SAP System Security Settings
1 No auto user SAP*
By default this parameter has deleted the automatic use of SAP which enables easy log in by the use of SAP and the password PASS. It grants unrestricted system access privileges to SAP to counter the absence of the user master record. The use of the id SAP is discouraged since it can customize various activities.to discourage security breaching and destruction of the entire company, the id SAP is not recommended for emergency users.
2 Failed logins system end
It clearly defines the number of times a password can be entered inc...
Get the Whole Paper!
Not exactly what you need?
Do you need a custom essay? Order right now:
Other Topics:
- Tata Jaguar Land Rover Case StudyDescription: Tata Jaguar Land Rover Case Study Literature and Language Coursework...14 pages/≈3850 words| 20 Sources | Harvard | Literature & Language | Coursework |
- Ethical LeadershipDescription: The values of a leader are central to his leadership style because of the impact they have on organizations value and the need to engage their members in accomplishing organizations goals...3 pages/≈825 words| No Sources | Harvard | Literature & Language | Coursework |
- Training RequirementsDescription: The training requirement includes customer database application end user and corporate privacy guidelines training...4 pages/≈1100 words| 3 Sources | Harvard | Literature & Language | Coursework |