...Selecting Security Countermeasures IS3220 As a technology associate in the information system department at Corporation Tech I have reviewed the new network design and identified possible security threats and appropriated countermeasures. Entering the internet without proper security can be harmful in many ways. The first thing that should be added is a firewall. Firewalls can prevent unwanted traffic from infiltrating the network. This is essential now that the company is deciding to add a web server and internet access. The other priority is to protect business and customer data and to prevent their unauthorized use whether the data is printed or stored locally, or transmitted over a public network to a remote server or service provider. Maintain a Vulnerability Management Program: Vulnerability management is the process of systematically and continuously finding weaknesses in the Corp Techs IT infrastructure system. This includes security procedures, system design, implementation, or internal controls that could be exploited to violate system security policy. Implement Strong access Control Measures: Access control allows Corp Tech to permit or deny the use of physical or technical means to access Corp Techs data. Access will be granted on a business need to know basis. Antivirus software is also needed to make sure the computers and servers aren’t infected with malicious programs that could cause major losses. The WIFI needs to have a password to keep unauthorized users...
Words: 307 - Pages: 2
...You are provided with the following list of privileges, roles, rights, and actions: 1. Must authenticate when accessing network resources 2. Is allowed remote access 3. Periodically reviews all user accounts 4. Authorizes risk assessments 5. Performs security assessments 6. Creates group policy objects 7. May send inbound e-mail 8. Is allowed to install software in a secured network 9. Performs daily log reviews 10. Is allowed to change the firewall rules 11. Manages incident response 12. Provides user awareness training 13. Access the file system within authorized system and groups 14. Develop infrastructure architecture plan 15. Manages Internet service provider (ISP) and Internet connectivity 16. Install patches on production system 17. May delete files from group folder 18. Installs security software 19. Create system users 20. Monitors systems for dormant accounts 21. May request file system changes 22. Develops and implements configuration standards 23. Grants access to resources 24. Create user accounts 25. May make file system changes 26. Run a backup program to capture changes to data and systems 27. May appoint a data/application custodian 28. May disable/delete unused accounts 29. May bypass authentication 30. Approves access to resources In the table given below, you need to relate the matching privileges, roles, rights, and actions to the account type on the left...
Words: 269 - Pages: 2
...| Unit 7 Assignment 1 | Implementation of Authentication Process | | | WLANs (wireless local area networks) are becoming increasingly prevalent, not only in schools, but in many businesses and establishments. They can provide a plethora of benefits within a school environment including flexibility, speed, and resource mobility. A WLAN would assist in ease of use, and make many of the day-to-day functions of school employees easier. If a WLAN were implemented into the school, it would need to have groups with users assigned to their pertinent groups. Possible groups include students, teachers, IT department, administration, counselors, and high-level admin (Principals, Vice Principals). Of course, within the teachers/educators group, would be all teachers in the classroom. Within the IT department group would be the IT department and any other employees involved in managing and configuring any IT systems. Within the administrators group would be anyone in the front office and does daily administration duties within the school. Counselors would include any student or education counselors in the office. Lastly, high-level administrators would be the highest ranking individuals in the school including the Principal and Vice Principal. With any network, including a WLAN, there are inherent risks involved. With a WLAN, the wireless aspect opens up additional avenues for hackers or data being compromised. There could be tech-savvy students who could access the network...
Words: 549 - Pages: 3
...Unit 7 Assignment 1 The scalability of the mobile computing in this infrastructure will benefit the school district by being cost effective and the IT technician would not have to monitor/manage many devices in this environment. Reducing the cost of deployment on WLAN implementation, you will want to address many areas of concern: individuals accessing your network, risk of deploying new Software/Configuration, compliant with standards and laws, classification, encryption, security, protocols, and the use of mobile devices. The implementation of access controls in your WLAN will assist in making your environment a little more secure than without. Utilization of the Acceptable Use Policy (AUP), will instruct staff members and students on how to utilize WLAN correctly by law, policies, and standards. Any individual that is not compliant will be subject to disciplinary measures by the school district. Staff members will use access control Role Base Access Control (RBAC), using this control will assign user rights based on the user’s job specification within the school. As for the student body, students will be issued temporary usernames and passwords that will be issued quarterly. Students will have minimum accessibility to files, folders, and services. All accounts are subject to being audited at any given moment notice. There will always be risk involved with any network. Deploying WLAN in a school environment will be a concern with security always. The protection of data...
Words: 499 - Pages: 2
...test√1, Windows Security Features. Chapter 1; Chapter 2. 2, Secure Access Control. Chapter 3. Lab 1; Assignment 1. 3, Windows Encryption. Chapter 4. IS 3340 - Windows Security - ITT Tech Flint Study Resources www.coursehero.com/sitemap/schools/1177-ITT.../1724144-IS3340/ Looking for help with IS 3340 at ITT Tech Flint? Course ... IS 3340 - Windows Security - ITT Tech Flint Study Resources ...... Quality answers or your money back. IS3340 Lab Unit 5 Assignment 1 : WINDOWS SE IS3340 ... www.coursehero.com/file/8721414/IS3340-Lab-Unit-5-Assignment-1/ Jan 26, 2014 - MOST POPULAR MATERIALS FROM WINDOWS SE IS3340. 1 Page ... IS3340 Lab Unit 5 Security Assessment Potential Risk ... Access Security > Ali > Notes > IS4670_15_Syllabus.pdf ... www.studyblue.com/notes/note/n/is4670_15_syllabuspdf/.../9759518 Feb 7, 2014 - Find and study online flashcards from Access Security. ... IS3350 Security Issues in Legal Context IS3230 Access Security IS3340 Windows Security IS3440 .... Don?t assume there is only one correct answer to a question ? You've visited this page 2 times. Last visit: 5/28/14 [DOC] Assignment www.webonthecloud.com/is3340/Assignments.docx This assignment builds on the scenario of Ken 7 Windows Limited, which was ... Provide the answers to the following questions to satisfy the key points of ... IS3340 Windo ws Security STUDENT COPY: Graded Assignment Requirements. [DOC] Syllabus - ITT Tech. www.webonthecloud.com/is3340/Syllabus.docx IS3340. Windows Security...
Words: 287 - Pages: 2
... Windows Security Syllabus Where Does This Course Belong? This course is required for the Bachelor of Science in Information Systems Security program. This program covers the following core areas: Foundational Courses Technical Courses BSISS Project The following diagram demonstrates how this course fits in the program: IS4799 NT2799 IS4670 ISC Capstone Project Capstone ProjectCybercrime Forensics NSA NT2580 NT2670 Introduction to Information Security IS4680 IS4560 NT2580 NT2670 Email and Web Services Hacking and Introduction to Security Auditing for Compliance Countermeasures Information Security Email and Web Services NT1230 NT1330 Client-Server Client-Server Networking I Networking II IS3230 IS3350 NT1230 NT1330 Issues Client-Server Client-Server SecurityContext in Legal Access Security Networking I Networking II NT1110 NT1210 Structure and Introduction to ComputerLogic Networking IS3120 IS3110 NT1210 Network Risk Management in Introduction to General Education / General Studies NT2580 NT2799 Communications Information Technology Introduction to Information Security NSANetworking Capstone Project IS4550 NT2640 Security Policies and Implementation IP NT2640 Networking IP Networking PT2520...
Words: 2305 - Pages: 10
