...IS3230 Access Security Unit 1 Introduction to Access Control, Authentication, and PKI skong@itt-tech.edu k @itt t h d © ITT Educational Services, Inc. All rights reserved. Learning Objective and Key Concepts Learning Objective Define authorization and access to an information technology (IT) infrastructure based on an access control policy framework. Key Concepts Access control policies, standards and procedures, and guidelines U.S. Federal d State U S F d l and St t compliance l li laws Fundamental access control concepts Identification, authentication Identification authentication, and authorization IS3230 Access Security © ITT Educational Services, Inc. All rights reserved. Page 2 EXPLORE: CONCEPTS IS3230 Access Security © ITT Educational Services, Inc. All rights reserved. Page 3 Access Control Enables an authorized person to control access to areas and resources in a given physical facility or computer-based information system IS3230 Access Security © ITT Educational Services, Inc. All rights reserved. Page 4 Primary Components of Access Control Policies: Defined from laws, requirements, and industry guides Subjects: People who need to access or are restricted from accessing Objects: Resources or information that need protection IS3230 Access Security © ITT Educational Services, Inc. All rights reserved. Page 5 Compliance Laws and Industry Guides Federal Laws State Government Laws Industry Guides IS3230 Access...
Words: 836 - Pages: 4
...Antonio Johnson Class: Access Security Unit: IS3230 September 25, 2014 Lab 2 Design Infrastructure Access Controls for a Network Diagram Lab 2 Answers 1. To check it there I any malware, updates where it be made, and to know if any other viruses are the system or application 2. help to cut down storage and backup cost, to meet legal regulatory requirements for retrieving specific information within a set timeframe. Data strategies are different types and volume. 3. Have backup/ restore for the patch management 4. Networking monitoring allows real-time communication to take place on a data path that’s established and does change. Performances monitoring is circuit-switched networks known for stability and reliability with industry standards, it alarms the network engineers of new attack protocols. It also helps secure IT infrastructure be increasing storage needs 5. I think passwords and PIN are required for multi-factor authentication 6. Systems/Application domain because attackers will target that first. 7. Network-based firewall is a computer network firewall operating at the application layer protocol stack. Hose-based firewall is monitoring any application input, output, or systems services calls are made from. I put in the implementation, the firewall will block out malware and it let me know when the firewall needs to be updated. 8. Consuming Entering Using All 3 controls use permission called authorization which gives users right to...
Words: 323 - Pages: 2
...Course: IS3230 Lab 1 1. Discretionary Access Control Lists form the primary means by which authorization is determined. An ACL is conceptually a list of <account, access-rights> pairs. 2. Sometimes an entire group needs access or permissions, and by giving the group permission any new person will automatically be given the permissions needed, with no need to add each person individually. 3. Modify, Read & Execute, Read, Write, List contents. 4. Read only, sometimes users need to be able to get information from the network, but without them being able to modify anything. 5. Some password policies are, password length, character diversity, time required to change password. 6. The only time it’s a good idea is when an application needs to read stored passwords. Normally they are encrypted, so storing passwords using reversible encryption should be done on a per-user basis. 7. Local group policies govern smaller groups on the network such as a hand full of machines or users. A domain group policy affects every workstation or user on the domain. 8. Local GPO, GPO linked to sites, GPO linked to domains, and GPO linked to organizational units. 9. Administrative Templates are a large repository of registry-based changes (in fact, over 1300 individual settings) that can be found in any GPO on Windows 2000, Windows XP, and Windows Server 2003. The Administrative Templates are Unicode-formatted text files with the extension .ADM and are used to create the Administrative...
Words: 335 - Pages: 2
...Lab #3 – Assessment Worksheet Identify & Classify Data for Access Control Requirements Course Name & Number: IS3230 ______________________________________________________________ Student Name: Heather Young ______________________________________________________________________ Instructor Name: MR. Gibbs _____________________________________________________________________ Lab Due Date: Jan. 2014 _______________________________________________________________________ Overview This lab provides the student with the opportunity to develop a data classification standard with procedures and guidelines to classify data access based on the job responsibilities – not an organizational position. In this lab, students aligned a data classification standard with the job function and roles that are required to access specific data. This alignment allows access controls policy definition to be properly implemented throughout the IT infrastructure to mitigate risk from unauthorized access. Lab Assessment Questions & Answers 1. What is the Data Classification Standard used in the U.S. Department of Defense (DoD)/Military?Google “Data Classification Standard + DoD”. Summarize the different data classifications. Top Secret- highest level of information sensitivity Secret- information that would cause serious damage, most common classification level Confidential- Is the lowest of sensitivity. This information may only be handled by personnel with a clearance, may...
Words: 993 - Pages: 4
... Windows Security Syllabus Where Does This Course Belong? This course is required for the Bachelor of Science in Information Systems Security program. This program covers the following core areas: Foundational Courses Technical Courses BSISS Project The following diagram demonstrates how this course fits in the program: IS4799 NT2799 IS4670 ISC Capstone Project Capstone ProjectCybercrime Forensics NSA NT2580 NT2670 Introduction to Information Security IS4680 IS4560 NT2580 NT2670 Email and Web Services Hacking and Introduction to Security Auditing for Compliance Countermeasures Information Security Email and Web Services NT1230 NT1330 Client-Server Client-Server Networking I Networking II IS3230 IS3350 NT1230 NT1330 Issues Client-Server Client-Server SecurityContext in Legal Access Security Networking I Networking II NT1110 NT1210 Structure and Introduction to ComputerLogic Networking IS3120 IS3110 NT1210 Network Risk Management in Introduction to General Education / General Studies NT2580 NT2799 Communications Information Technology Introduction to Information Security NSANetworking Capstone Project IS4550 NT2640 Security Policies and Implementation IP NT2640 Networking IP Networking PT2520...
Words: 2305 - Pages: 10
...Jasimere Fairman IS3230 Project: Access Control Proposal In this report we will be discussing making improvements to our great company, Integrated Distributors Incorporated (IDI). We are a publicly traded company that is headquartered in Billings, Montana with over 4,000 employees in 8 locations spread all throughout the world. This multinational organization operates a fleet of freight delivery trucks at each location, while also offering freight forwarding and storage, has multiple business accounts with high level retailers, Federal, and large State governments. Recently, IDI has suffered a number of network compromises through an unsecured JV website leading to the exposure of extremely sensitive business strategies pertaining to current company documented developments. These leaks were ultimately the result of the company’s IT core infrastructure being ignored for far too long and having the majority of its operating locations running severely outdated hardware and software. This is where my team and I come in. With the understanding that this will be a process, we will be recommending a plan for phased improvements to IDI’s IT Infrastructure. Presently, the organization’s infrastructure weaknesses far outweigh its’ strengths. The obvious problem is with the hardware and software being extremely outdated, but one of major weaknesses is the lack of security implementations at some of the sites. As I completed further evaluations of some of IDI sites, the decision became...
Words: 3307 - Pages: 14
...Unit 1 – Integrated Distributors Incorporated Marcial Norori IS3230 Mr. James Hollis ITT Technological Institute – Miami 5/29/2014 IDI cannot continue operating with a neglected IT infrastructure. A plan needs to be prepared to identify every issue with the IT infrastructure. Such plan should describe actions to eliminate or mitigate the risks, and provide a framework within which the improvement, development and delivery of information technology could be increasingly responsive, stable, and secure in the coming years. Some of the upgrades included on that plan are the following: •Network infrastructure should be upgraded to Gigabit Ethernet, considerably increasing network speed •Port speed needs to be increased from 10 Mbps to 100 Mbps •IDI Internet bandwidth should double immediately and significantly increased annually from that point forward •Deteriorating network infrastructure components have to be identified, replaced, and upgraded, and network reliability improved through the implementation of greater redundancy •Digital modems should replace the analog modems, improving reliability and connection speed •Wireless network standards need to be developed and implemented, and wireless access needs to be provided to several other locations •A new central directory needs to be created and developed as the authoritative source for identity information and authentication •A state-of-the-art backup system will be implemented for centralized backup of enterprise...
Words: 3341 - Pages: 14
