...Week 3 Course Lesson Plan IT2580 Introduction to Information Systems Security—Unit 3 Mr. Phillip Parrinelli pparrinelli@itt-tech.edu 619-327-1800 Unit 3: Appropriate Access Controls for Systems, Applications, and Data Access Learning Objective Explain the role of access controls in implementing security policy. Key Concepts The authorization policies applying access control to systems, application, and data The role of identification in granting access to information systems The role of authentication in granting access to information systems The authentication factor types and the need for two- or three-factor authentication The pros and cons of the formal models used for access controls Reading Kim and Solomon, Chapter 5: Access Controls. GROUP ACTIVITY Discuss and complete the following worksheet: ------------------------------------------------- IT2580: Unit 3 Types of Authentication Instructions: In the following table, identify the type of authentication for the given authentication methods. Authentication Method | Authentication Type (Knowledge, Ownership, or Characteristic) | Password | | Smart card | | Fingerprint | | Personal identification number (PIN) | | Token | | Badge | | Signature | | ------------------------------------------------- DISCUSSION ------------------------------------------------- IT2580: Unit 3 Access Controls Discussion: Access controls can be...
Words: 716 - Pages: 3
...NT 2580 Intro to Info Security Project part 1 December 8, 2015 Headquarters Phoenix, AZ Branch 1 Branch 2 Branch 3 Atlanta, GA Chicago, IL Cincinnati, OH User Domain * Have employees sign confidential agreement * Introduce an AUP acceptable use policy * Have HR verify an employee’s identity with background checks * Conduct security awareness training * Enable content filtering and antivirus scanning * Restrict access to only info needed to perform job * Track and monitor abnormal behavior of employees Workstation Domain * Implement workstation log on ids and password * HR must define proper access controls for workers based on jobs * IT security must then assign access rights to systems, apps, and data * IT director must ensure workstation conforms to policy * Implement second level test to verify a user’s right to gain access * Start periodic workstation domain vulnerability tests to find gaps * Define workstation application software vulnerability window policy * Use content filtering and antivirus scanning at internet entry and exit * Mandate annual security awareness training LAN Domain * Setup of user LAN accounts with logon ID and password access controls * Make sure wiring closets, data centers , and computer rooms are secure * Define strict access control policies * Implement second level identity check * Define a strict software vulnerability window policy ...
Words: 1912 - Pages: 8
...Some of the strategies to harden a VPN Network are: Quarantine Control Quarantine Control provides phased network access for remote (VPN) clients by restricting them to a quarantine mode before allowing them access to the network. After the client computer configuration is either brought into or determined to be in accordance with your organization's specific quarantine restrictions, standard VPN policy is applied to the connection, in accordance with the type of quarantine you specify. Quarantine restrictions might specify, for example, that specific antivirus software is installed and enabled while connected to your network. Although Quarantine Control does not protect against attackers, computer configurations for authorized users can be verified and, if necessary, corrected before they can access the network. A timer setting is also available, which you can use to specify an interval at which the connection is dropped if the client fails to meet configuration requirements. VPN client credentials The credentials received by Forefront TMG when a user connects through a VPN client connection can vary depending on the connection scenario. When a user establishes a VPN connection from a client computer, Forefront TMG associates those credentials with the connection. Note that if other users use that connection, Forefront TMG will not receive their credentials, but will continue to associate the traffic with the credentials used to establish the connection, which could...
Words: 890 - Pages: 4
...To create an effective multi-layer security plan, all seven of the domains of the IT infrastructure must be addressed. An improvement on each of the domains will help to fight against an attacker. For this part of the project we will address five of the domains. Probably the best place to start beefing up security is with the user domain. Most attacks on security are from users. You cannot allow users to have simple passwords. A complex password is paramount to defending the user domain. A complex password is at least eight characters, uses a mix of upper and lower case letters, and contains special characters such as an @ or $. Passwords need to be changed regularly as well. They should be change every so many months and users should not be able to use a password twice in a year. In the LAN domain we need to protect against malicious emails. Users should know better than to open suspect emails at work, but a reminder could not hurt. Spam filters are extremely important so that user do not get as many suspect emails. In the workstation domain we need to make sure our workstations are protected. Internet security or at least antivirus should be used an all workstations. It seems like a no brainer in this day and age, but we still need to ensure it is implemented. Another way to secure our workstations is to encrypt the hard drives. We should also deactivate all media ports. In the WAN domain we need to set up firewalls. The firewalls we block things our company does not...
Words: 335 - Pages: 2
...Unit 7 assignment 2 design an encryption strategy Richman Investment needs and new enterprise encryption strategy. This is for a more secure network. They are wanting to grow to 10,000 employees worldwide. Richman Investment wants to operate out of 20 different countries in the future. This is very easy to do but to have a secure network there are many things that would have to happen which will make this more difficult to do. Have a secure network takes a lot of work and has to be monitored 24 hours a day 7 days a week. There are many different ways to go about this topic the one I am going to pick is a public key infrastructure (PKI). One of the security options that we are going to use is Privacy or confidentiality. This will keep all information secret from all people unless you are authorized to see it. This will help with employee’s not finding things that they should not see like social security numbers, address, and sensitive documents for the company and so on. Having this as a security options is great. I would implement this on all of the networks that I would manage. The next feature that I will suggest to Richman Investment would be Access control. Access control restricts access to network resources and would require the user to have privileges to the resources. This would go hand and hand with the first feature that I suggested. You will need this for the first feature that I picked to give the users proper permissions to resources and this will help keep...
Words: 338 - Pages: 2
...Windows 8 is a Microsoft operating system that is designed for home users as well as for business purpose. Its development started even before its predecessor’s release Windows 7 in 2009.Windows 8 is a system that is particularly orientated to touchscreen hardware. There are some important changes and additives that make it look and differently than the users are used to. For example, the Start menu is completely substituted by a Start screen that can be taken away from the desktop easily by touch screen pen and also by just a normal mouse or keyboard key combination. It contains all the important applications also the ones that are active at the moment. All the icons in the old version of the operating system are changed into tiles that can be juggled with. It can stay constantly on the screen or can be hidden.And now the most important that users expect to hear – when will it be available for the public and for what price? The official release date is the 26th of October, 2012. It was preceded by three pre-release editions while still being developed and tested for the period of the 13th of September 2011 until 31st of May 2012. There will be four editions issued on the market – two general editions just for conventional use, one Pro release of Windows most ardent devotees and Enterprise edition which is for business purposes. ² Windows 8 is the current release of the Windows operating system, produced by Microsoft for use on personal computers, including home and business...
Words: 327 - Pages: 2
...WEEK 8, ASSIGNMENT 2Ireti Kayode Strayer University | | CIS 175 Dr. William McConnell12/03/2013 | | | | | Ocper, Inc. Server Proposal Given Ocper, Inc.’s expanding network scenario there is a clear need to maximize the available resources between employees then it is appropriate to add additional servers to facilitate the sharing of files as well as the configuration of remote access services to allow for remote and secure working. In order to complement the existing network scenario this proposal is based around the configuration and deployment of Microsoft Windows Server 2012 as the network operating system. This is a stable and secure server environment which will allow the designated services to be configured and will equally allow for scalability while at the same time decreasing the overall maintenance and administration to support the network and associated servers. Given the size of the current organization and the IT systems at present, Windows Server 2012 Standard edition would be the most appropriate version for deployment as this will also keep the up-front costs down to a minimum – there is no requirement for the Enterprise Edition whose features will not be required in this implementation. One of the critical roles for the new server implementations will be that of a File Server capability – this can be easily configured within the Ocper, Inc. network through a Static IP address being assigned to this machine and then the...
Words: 630 - Pages: 3
...Updating From Microsoft Windows XP to Microsoft Windows 7 A lot of problems can arise when trying to update an older machine such as this from Microsoft Windows XP to Microsoft Windows 7. Microsoft has not made it easy for XP users to move to Win7. You won't be able to run the upgrade disk and have the newer operating system install on top of XP, leaving your data and programs in place. Instead, you have two options: 1. You can do a Clean install, in which you wipe the hard drive clean and install a virgin copy of Windows 7, then reinstall your software and copy your data back to the drive. 2. You can do a Custom install, in which your older setup is squirreled away in a folder called WINDOWS.OLD. This will include your program files, though you won't be able to run your software from there. It will also include data files, but you shouldn't rely on this as your sole backup strategy prior to upgrading. First and foremost When performing and update such as this: make sure that all hardware on the machine that is being updated is compatible and will meet Windows 7's minimum system requirements. A good way to do this is simply to go to the Microsoft website and download the windows 7 advisor at: http://windows.microsoft.com/en-us/windows/downloads/upgrade-advisor. This tool can be very helpful in determining if a system is capable of running windows 7. Some of the Windows 7 system requirements are: * 1 GHz processor (32- or 64-bit) * 1 GB of RAM (32-bit); 2 GB of...
Words: 498 - Pages: 2
...The current architecture of the Riordan Manufacturing Company Inc. Wide Area Network and network security in place requires updated documentation. The purpose of this paper is to gather the existing information into a single format and evaluate the WAN and security documentation for an executive overview. Riordan Manufacturing, Inc. is an industry leader in the field of plastic injection molding. With state-of-the art design capabilities, they create innovative plastic designs that have earned international acclaim. Attention to detail, extreme precision and enthusiastic quality control are the hallmarks of Riordan Manufacturing. With facilities in San Jose, California, Albany, Georgia, Pontiac, Michigan and Hangzhou, China, the company is heavily dependent upon their communication networks. The documentation produced by this analysis will give the management at Riordan Manufacturing an understanding of their networks today, a plan for future upgrades and a baseline to evaluate security. The goal of this exercise is three fold. Our first will be to provide an inventory of the existing network components for Riordan Manufacturing designated by location, review the network security for each site, and our last goal is to document the current security plan for use in future planning. Because of the limited scope of the project, several assumptions must be made. The first assumption is that Riordan Manufacturing has accurate records of the current infrastructure and no changes will...
Words: 11081 - Pages: 45
...Курс по операционным системам (на примере ОС Windows) Основан на учебном курсе Windows Operating System Internals Curriculum Resource Kit (авторы David A. Solomon, Mark E. Russinovich, Andreas Polze), Цель курса: дать основы функционирования современных операционных систем на примере ОС Windows с возможностью модификации исходного кода учебной операционной системы (Project OZ) с последующей её сборкой и отладкой на виртуальной машине. Краткое содержание курса Тема 1: Введение в операционные системы Тема 2: Принципы функционирования операционных систем Тема 3: Параллельное выполнение операций Тема 4: Планировщик задач Тема 5: Управление памятью Тема 6: Управление устройствами и система ввода-вывода Тема 7: Защита и безопасность Тема 8: Файловая система Тема 9: Встраиваемые системы и реальное время Тема 10: Отказоустойчивость Тема 11: Оценка производительности Тема 12: Автоматизация управления Дополнительные разделы Тема 1: Сетевые возможности Windows Тема 2: Сравнение ядер Linux и Windows Тема 3: Возможность взаимодействия Windows и Unix Содержание разделов курса Тема 1: Введение в операционные системы Обзор курса Эволюция операционных систем Семейство операционных систем Windows – концепции и инструменты Тема 2: Принципы функционирования операционных систем Структурирование операционных систем Windows Базовые механизмы работы Windows Окна в ОС Windows Windows API – типы данных и соглашения о именовании идентификаторов Тема 3: Параллельное...
Words: 447 - Pages: 2
...Windows 3.0 was released May, 22 1990. Microsoft Windows 3.0 full version was priced at $149.95 and the upgrade version was priced at $79.95. 1991 Following its decision not to develop operating systems cooperatively with IBM, Microsoft changes the name of OS/2 to Windows NT. 1991 Microsoft Windows 3.0 or Windows 3.0a with multimedia was released October, 1991. 1992 Microsoft Windows 3.1 was released April, 1992 and sells more than 1 Million copies within the first two months of its release. 1992 Microsoft Windows for Workgroups 3.1 was released October, 1992. 1993 Microsoft Windows NT 3.1 was released July 27, 1993. 1993 Microsoft Windows 3.11, an update to Windows 3.1 is released December 31, 1993. 1993 The number of licensed users of Microsoft Windows now totals more than 25 Million. 1994 Microsoft Windows for Workgroups 3.11 was released February, 1994. 1994 Microsoft Windows NT 3.5 was released September 21, 1994. 1995 Microsoft Windows NT 3.51 was released May 30, 1995. 1995 Microsoft Windows 95 was released August 24, 1995 and sells more than 1 Million copies within 4 days. 1995 Microsoft Windows 95 Service Pack 1 (4.00.950A) is released February 14, 1996. 1996 Microsoft Windows NT 4.0 was released July 29, 1996. 1996 Microsoft Windows 95 (4.00.950B) aka OSR2 with FAT32 and MMX support is released August 24, 1996. 1996...
Words: 1502 - Pages: 7
...NTFS AND HYPER V The New Technology File System (NTFS) is the standard file structure for the Windows NT operating system. It is used for retrieving and storing files on the hard disk. The NTFS introduced a number of enhancements, including innovative data structures that increased performance, improved metadata, and added expansions like security access control, reliability, disk space utilization, and file system journaling. The NTFS replaced the OS/2 High-Performance File System and the Windows 95 file allocation table (FAT), which was used in MS-DOS and earlier operating system versions. NTFS is also used with Windows 2000, Windows XP, and Windows Server 2003.NTFS was initially designed for the Intel i860 XR processor released by Microsoft in 1993. Although IBM and Microsoft worked together to create the graphical operating system known as the OS/2, they disagreed on many important issues and they eventually separated. IBM continued to work on the OS/2, while Microsoft started working on Windows NT. The OS/2 HPFS had many new features that were also used with Windows NT. Both HPFS and NTFS share the same disk partition identification type code (07), which is unusual because there are dozens of codes available. The new reliable features of the NTFS include a fault tolerance system that automatically repairs hard drive errors without error messages. The NTFS also retains detailed transaction records that keep track of hard drive errors. This feature is beneficial in...
Words: 651 - Pages: 3
...H Hoffman Trucking Operating Systems Overview POS 355 January 23, 2012 Hoffman Trucking Operating Systems Overview Hoffman Trucking is using a mix of operating systems based on technology which is at least ten years old. The company started out in Cleveland, Ohio and really started to grow with the acquisition of five other regional trucking companies from 1948 through 1976 and became a national carrier after 1980. The home office’s current operating systems consist of a mainframe system probably running Unix or Linux in the maintenance plant. The users interface with the mainframe through dumb terminals connected to a token ring network. The administrative offices use Novell 5.1 to handle directory services, Lotus Notes to handle e-mail services, Linux is used at the operating system for the web server, A Macintosh computer for marketing, Windows 2000 Workstation, Windows XP Pro and ten machines running Windows 2000 Server. These systems are also running on a token ring network with a Fractional T1 connection to the Internet to allow communications with the other offices. The Missouri office is a mirror image of the home office. The offices in New Jersey and California are also duplicates of each other but are totally different in architecture. The office system are very old as well centering around Microsoft operating systems ranging from Windows 3.1 which is a DOS based operating system to Windows 2000 Server running as the IIS server. Other operating systems...
Words: 460 - Pages: 2
...Microsoft Windows File Systems Jon Bartholf POS421: Windows Server Networking December 13, 2010 Ali Shokraee TABLE OF CONTENTS INTRODUCTION..................................................................................................................... 3 FILE AND FILE SYSTEM: WHAT THEY ARE.................................................................. 3 FILE ALLOCATION TABLE (FAT)...................................................................................... 4 FAT12 (12-bit)....................................................................................................................... 4 FAT16 (16-bit)....................................................................................................................... 4 FAT32 (32-bit)....................................................................................................................... 5 HIGH PERFORMANCE FILE SYSTEM (HPFS)................................................................ 5 NEW TECHNOLOGY FILE SYSTEM (NTFS).................................................................... 5 CONCLUSION.......................................................................................................................... 6 APPENDIXES............................................................................................................................ 7 Appendix A: File Allocation Table (FAT) Bit and Usage (Figure...
Words: 1524 - Pages: 7
...Roberto Gonzalez Cpmt 1445 04/06/10 http://technet.microsoft.com/en-us/library/cc722173(WS.10).aspx Microsoft Windows Vista includes Windows Reliability and Performance Monitor, which is a Microsoft Management Console (MMC) snap-in that combines the functionality of previous stand-alone tools including Performance Logs and Alerts, Server Performance Advisor, and System Monitor. It provides a graphical interface for customizing Data Collector Sets and Event Trace Sessions. http://technet.microsoft.com/en-us/library/cc766260(WS.10).aspx This collection contains information to help IT Pros troubleshoot and resolve specific system errors and events, as well as networking and Group Policy issues. It also provides links to general Windows Vista troubleshooting topics at the Windows Vista Help and How-to Support site and Windows Vista Solution Center site. http://technet.microsoft.com/en-us/library/cc766048(WS.10).aspx Windows Recovery Environment (Windows RE) is an extensible recovery platform based on Windows Preinstallation Environment (Windows PE). When the computer fails to start, Windows automatically fails over into this environment, and the Startup Repair tool in Windows RE automates the diagnosis and repair of an unbootable Windows Vista installation. Furthermore, Windows RE is a starting point for various tools for manual system recovery. The primary audience of this technology includes original equipment manufacturers (OEMs), original device manufacturers...
Words: 318 - Pages: 2