...------------------------------------------------- Nt2580 - Unit 1 Assignment 2: Impact of a Data Classification Standard Richman Investments Internal Use Only Data Classification Standard Domain Effects Richman Investments has implemented an “Internal Use Only” data classification standard. This report will describe the effects of the Internal use Only Standard on our respective system domains. “Internal Use Only” sets up a restricted access security policy to our network. Any access, including from a website would require company mandated credentials to log on and enter the system. This type of policy is enforced because companies do not want to allow “free access” to their network for potential threats to their system or their security. This policy will impact three of the seven domains. These include: * User Domain * Define: This Domain defines what users have access to the information system. * Policy Impact: The IT Team will use the User domain to define who has access to the company’s information systems. The domain will impose an acceptable use policy (AUP) that will define the permissions of what actions a user may make while inside the system. These permissions may also be defined by the data they are accessing at the time. All third party users (vendors, contractors, outside users, etc.) must also agree to the AUP. Any violation will be reported to management and/or the authorities, depending on the violation. * Workstation Domain ...
Words: 508 - Pages: 3
...What are the phases of a computer attack? Phase I: Reconnaissance Probing During the first phase of a computer attack, the attacker will gather as much information as he can to identify the weakest points of entry on a network. It is important that he collects as much information as he can because this will determine how successful the attack will be. An attacker uses various tools found on the internet designed to exploit various targets. He will use those tools accordingly. Some of the tools are: -DNS and ICMP tools within the TCP/IP protocol suite -Standard and customized SNMP tools -Port scanners and port mappers -Security probes Attackers will use these tools to view detailed information about the network. By knowing a specific domain name, an attacker can easily find registered addresses, server names, and domain names via ICMP and WHOIS. Reverse DNS lookup and nslookup also provide searches for DNS information. Phase II: Access and Privilege Escalation Once the attacker has gathered the information they need to facilitate the attack he must make the connection or access the targeted system and gain administrative access. This can be done via secondary remote gateways and/or unattended modem boxes on the outside of an organizations building. An attacker...
Words: 346 - Pages: 2
...Three IT infrastructure domains that would be mostly affected by the “Internal Use Only” data classification standard would be the User Domain, the Workstation Domain, and the LAN domain. The first domain that would be affected is the User Domain. The User Domain defines the people who access an organization’s information system. One of the roles and tasks is that the user can access systems, applications, and data depending upon their defined access rights. Inside the User domain is where the user would find the acceptable user policy or AUP. The AUP defines what users are allowed to do within the organization-owned IT assets. The User Domain is considered the weakest and most affected domain. One reason why is that it has a lack of user awareness. Another reason is that when users are downloading various content and different files, they generally do not conform to the established security guidelines. To protect from these issues, there should be enabled content filtering as well as automatic antivirus scans. A way to protect from an user doing Employee blackmail or extortion is to enable intrusion detection system/intrusion prevention system (IDS/IPS) monitoring. The monitoring will examine the IP data streams for inbound and outbound traffic. A second domain that is affected is the Workstation Domain. The Workstation Domain is where most users connect to the IT infrastructure. A workstation can be a desktop computer, laptop or any device that connects to the network....
Words: 581 - Pages: 3
...It255 Unit5 Assignment TO: FROM: DATE: SUBJECT:Unit 5 Assignment 1: Testing and Monitoring Security Controls REFERENCE: Testing and Monitoring Security Controls (IT255.U5.TS1) How Grade: One hundred points total. See each section for specific points. Assignment Requirements Part 1:Identify at least two types of security events and baseline anomalies that might indicate suspicious activity. Explain why they might indicate suspicious activity.(Forty points. Twenty points for each event.) # | Security Event & Baseline Anomaly That Might Indicate Suspicious Activity | Reason Why It May Indicate Suspicious Activity | 1. | Authentication Failures | Unauthorized access attempts | 2. | Network Abuses | Employees are downloading unauthorized material. | 3. | | | 4. | | | 5. | | | 6. | | | Part 2: Given a list of end-user policy violations and security breaches, select three breaches and consider best options for monitoring and controlling each incident. Identify the methods to mitigate risk and minimize exposure to threats and vulnerabilities. (Sixty points. Twenty points for each breach.) # | Policy Violations & Security Breaches | Best Option to Monitor Incident | Security Method (i.e., Control) to Mitigate Risk | 1. | A user made unauthorized use of network resources by attacking network entities. | Monitor the logs | Fire the user | 2. | Open network drive shares allow storage privileges to outside users. |...
Words: 258 - Pages: 2
...William Burns-Garcia NT 2580 Unit 1 Assignment 2 Re: Impact of a Data Classification Standard Per your request, I have included information regarding the data classification standards designed for Richman investments. This report will include information that pertains to the IT infrastructure domains and how they are affected. Though there are several, I want to concentrate on three of the most vulnerable. 1. User Domain: Of all domains, this can be the most vulnerable as it usually affects any user on the network. Most companies should have an Acceptable Use Policy (AUP) with standards that can be monitored at any time. Not only does this policy affect internal users, it should also be enforced by any outside vendors such as, off-site IT support. There should be on-going information sessions to remind users of AUP. 2. Workstation Domain: Every person with access to the network of Richman Investments must have authorized personal credentials to use a workstation assigned to them. A few exceptions can be Major IT administration and authorized upper management. A change password should be implemented no less than 45-60 days on Richman’s network. Administrative passwords should also be changed no less than 30-45 days, Since Administrative access has the most immediate vulnerability. 3. LAN Domain: The Local Area Network (LAN), which includes most things in the computer closet that helps all devices connect to the network. This domain can be vulnerable because...
Words: 364 - Pages: 2
...Unit Assignment 2: Impact of a Data Classification The Internal Use Only data classification standard of Richman Investments has many different infrastructures domains that are affected via internal use only data classification. More than all others, the three infrastructures that are affected the most are the User Domain, Workstation Domain and the LAN Domain. The reason why the User Domain infrastructure is one of the most affected infrastructures is because the User Domain infrastructure is the infrastructure that allows users to access the network. This is a problem because many users do not fully understand everything, all the time and thus is bound to make a mistake sooner or later. With so many users on our network, this is probably the most vulnerable domain infrastructures in our network. The Workstation Domain is also another domain infrastructure that has great reason to be affect by internal use only data because this is where the user connects to the our network. The reason that this can cause security threats and other problems is because this domain can be connected via a personal laptop or even a cell phone or other mobile device. The final infrastructure domain that is greatly affected is the LAN domain. The reason that this domain infrastructure is affected by internal use only data is because this domain is the open domain available companywide, to anybody in the building or even near the building via a wireless device. If we watch these specific areas...
Words: 280 - Pages: 2
...Charles Elliot 6/20/15 To: Richman Investments Employees. Subject: Internal Use Only Policy This report is to inform all members of Richman investments of their Internal Use Only policy. We will be discussing what this policy means, its effect on running day to day tasks on the network, and what protocols we are to follow when under the enforcement of this policy. Internal use only simply means that the data stays on site, or that an organization shares the information internally. And while the information may or may not be of a sensitive nature, there will be no exchange of data or communication of any kind outside of the organization. Any person(s) who wish to gain access to any information within Richman Investments infrastructure must authenticate themselves by logging on to their User profile and entering their password. All Users must agree and adhere to the AUP-Acceptable Use Policy. The AUP is a policy that states what a user can or cannot do with information from Richman Investments. Failure to adhere to the AUP will result in disciplinary actions both in their profession as well as legal disciplinary actions. The workstation is where the User connects to the infrastructure. There are no personal or recording devices or removable media of any kind allowed at the workstation. Richman Investments will provide and devices and removable media themselves, also these devices are never to leave the premises. The infrastructure administrators will determine which information...
Words: 317 - Pages: 2
...VPN access control model for a large scale company. * This policy will support remote access control for systems, applications, and data access. Remote access Defined Remote access for employees is deployed by using remote access VPN connections across the Internet based on the settings configured for the VPN Server, and the following additional settings. The following diagram shows the VPN server that provides remote access VPN connections. Domain/Network Config: For each employee that is allowed VPN access: * The network access permission on the dial-in properties of the user account is set to Control access through NPS Network Policy. * The user account is added to the VPN_Users group in Active Directory. To define the authentication and encryption settings for remote access VPN clients, the following remote access network policy is created in Network Policy Server (NPS): * Policy name: Remote Access VPN Clients * Conditions: * NAS Port Type is set to Virtual (VPN) * Windows Groups is set to VPN_Users * Calling Station ID is set to 207.209.68.1 * Permission is set to Grant access. NPS policy settings: * On the Constraints tab, under Authentication Methods, for EAP Types select Microsoft: Smart Card or other certificate. Also enable Microsoft Encrypted Authentication version 2 (MS-CHAP v2). * Or SSTP, L2tp/IPsec, PPTP, IKEv2 Access control model/ policy: This model would support Role based access controls and allow mandatory access control to be...
Words: 339 - Pages: 2
...Corequisite(s): Prerequisite: NT2580 Introduction to Information Security or equivalent Course Description: This course examines security implementations for a variety of Windows platforms and applications. Areas of study include analysis of the security architecture of Windows systems. Students will identify and examine security risks and apply tools and methods to address security issues in the Windows environment. Windows Security Syllabus Where Does This Course Belong? This course is required for the Bachelor of Science in Information Systems Security program. This program covers the following core areas: Foundational Courses Technical Courses BSISS Project The following diagram demonstrates how this course fits in the program: IS4799 NT2799 IS4670 ISC Capstone Project Capstone ProjectCybercrime Forensics NSA NT2580 NT2670 Introduction to Information Security IS4680 IS4560 NT2580 NT2670 Email and Web Services Hacking and Introduction to Security Auditing for Compliance Countermeasures Information Security Email and Web Services NT1230 NT1330 Client-Server Client-Server Networking I Networking II IS3230 IS3350 NT1230 NT1330 Issues Client-Server Client-Server SecurityContext in Legal Access Security Networking I Networking II NT1110 NT1210 Structure and Introduction to ComputerLogic Networking IS3120 IS3110 NT1210 Network Risk Management in Introduction to General Education / General Studies NT2580 NT2799 Communications ...
Words: 2305 - Pages: 10
...Technical Institute 3825 West Cheyenne Avenue, Suite 600 North Las Vegas, Nevada 89032 NT2580 Introduction to Information Security Week 1, Unit 1 – Information Systems Security Fundamentals Class Plan Time Duration: This Class Period will be approximately 4 ¾ Hours in length. It will be divided 2 ¾ hours for Theory and 2 ½ hours for Lab. Content Covered: • Textbook o Chapter 1 - Information Systems Security Objectives: After completing this unit, the student should be able to: • Explain the concepts of information systems security (ISS) as applied to an IT infrastructure. Key Concepts: ▪ Confidentiality, integrity, and availability (CIA) concepts ▪ Layered security solutions implemented for the seven domains of a typical IT infrastructure ▪ Common threats for each of the seven domains ▪ IT security policy framework ▪ Impact of data classification standard on the seven domains Materials: Week 1 PowerPoint Presentation Assignment Overview: Refer to Assignment 1: Match Risks/Threats to Solutions in the Graded Assignment Requirements section of this instructor guide. In this assignment, the students need to match common risks or threats within the seven domains of a typical IT infrastructure with the possible solutions or preventative actions. Use the hand out worksheet NT2580.U1.WS1.doc. Refer to Assignment 2: Impact of a Data Classification Standard, you must write a brief report on how the...
Words: 530 - Pages: 3
...Dallas Benning NT2580 Unit 1 Assignment 2: Impact of a Data Classification Standard The “Internal Use Only” data classification standards will affect the user domain, the work station domain and the LAN domain. These three domains are the most basic infrastructure domains and the will cover all users in the company. The classification will cover the company telephone directory, employee training materials and internal policy manuals. The User Domain explains the people who have access to the company’s information. This domains will contain all of the user’s information and will enforce the policies that control what information each user is allowed to access. This domain can also be the greatest weakness in a system and needs to be carefully monitored. The Workstation domain is where users are verified and accounts are set up. They will need to have a user name and password assigned to them by the IT department before they can access any systems or data. Also, no personal devices or any forms of removable media will be allow on the network. There will also be policies in place to ensure that each employee only has access to the information that they need to perform their jobs. The LAN domain includes all physical elements of the LAN network. There must be strong security for this domain because it is the entry point to any WAN networks and makes accessing workstations far easier. Users must have background checks and be screened before given access to the physical...
Words: 290 - Pages: 2
...NT2580 Unit 3 Assignment & Lab Unit 3. Assignment 1 - Remote Access Control Policy Definition There are three key parts I will have to take into account while designing a Remote Access Control Policy for Richman Investments. These three parts (Identification, Authentication and Authorization) will not be all for the Remote Access Control Policy, I will need to include the appropriate access controls for systems, applications and data access. I will also need to include my justification for using the selected access controls for systems, applications and data access. The first part I need to implement for this Remote Access Control Policy is Identification, which is defined in this sense as: physical keys or cards, smart cards, and other physical devices that might be used to gain access to something. What needs to be done for the Remote Access Control Policy is a group member policy needs to be setup which uniquely identifies each user. Users should be identified by rank with higher ranking users requiring more authentication. Each individual user should be assigned to a group based on rank with special permissions. Using this system for Identification will make our company more secure in day to day operations. The second part I need to implement for this remote access control policy is Authentication, which is defined as: what you know or passwords, numeric keys, PIN numbers, secret questions and answers. For remote access, there must be...
Words: 477 - Pages: 2
...network client computers, and related aspects of typical network server functions. Client-Server Networking I Syllabus Where Does This Course Belong? 1st QTR GS1140 NT1110 GS1145 Problem Solving Theory Computer Structure and Logic Strategies for the Technical Professional 2nd QTR NT1210 Introduction to Networking NT1230 Client-Server Networking I MA1210 College Mathematics I 3rd QTR NT1310 NT1330 MA1310 4th QTR PT1420 NT1430 EN1320 5th QTR PT2520 NT2580 EN1420 6th QTR NT2640 NT2670 CO2520 7th QTR NT2799 SP2750 Physical Networking Client-Server Networking II College Mathematics II Introduction to Programming Linux Networking Composition I Database Concepts Introduction to Information Security Composition II IP Networking Email and Web Services Communications Network Systems Administration Capstone Project Group Theory The follow diagram indicates how this course relates to other courses in the NSA program: 1 Date: 8/31/2012 Client-Server Networking I Syllabus NT2799 NSA Capstone Project NT2580 Introduction to Information Security NT2670 Email and Web Services NT2640 IP Networking PT2520 Database Concepts NT1330 Client-Server Networking II NT1230 Client-Server Networking I NT1430 Linux Networking PT1420...
Words: 1834 - Pages: 8
...Mandie Brayley NT2580 – Intro to Info Sec Unit 1 Assignment 2: Impact of a Data Classification Standard When you hear Internal Use Only, the first thing that seems to pop into your head would be that any data transferred has to stay inside wherever the domains are. While there are seven IT infrastructure domains, there are only three that are actually affected by the “Internal Use Only” data standard. These domains are the user domain, workstation domain and the LAN domain. As with all infrastructures these domains have their own tasks and responsibilities. The user domain is the first layer of the IT infrastructure defense system. This domain is used to access systems, applications, data and more. You will also find the AUP or Acceptable Use Policy here. The AUP is a policy tells the user what they are and are not allowed to do with any organization-owned IT equipment. This domain is affected by the Internal Use Only standard because it is the first partition of the IT Infrastructure. After the user domain, we have the workstation domain. This domain is used to configure hardware and hardening systems. Hardening systems is the process of ensuring that controls are in place to handle any known threats. This process is done by ensuring that the infrastructure has all the latest software revisions, security patches, and systems configurations. But these aren’t the only things that go on in the domain, this is also where the antivirus files are verified. While...
Words: 453 - Pages: 2
...NT2580 Unit 2 Assignment 2 10/1/13 1. The five vulnerabilities that exist for this LAN based workgroup are 2755801, 2501696, 2588513 2639658, 2659883. 2. Yes, the vulnerability that involves privilege elevation is 2639658 (Vulnerability in TrueType Font Parsing), but it is not a high priority. 3. 2719662 Solution: Workarounds refer to a setting or configuration change that does not correct the underlying issue but would help block known attack vectors before a security update is available. Apply the Microsoft Fix it solution that blocks the attack vector for this vulnerability. Disable Sidebar in Group Policy. Disable the Sidebar in the system registry. 2737111 Solution: Workarounds refer to a setting or configuration change that does not correct the underlying issue but would help block known attack vectors before a security update is available. Disable WebReady document view for Exchange. 2755801 Solution: Workaround refers to a setting or configuration change that would help block known attack vectors before you apply the update. Prevent Adobe Flash Player from running. Prevent Adobe Flash Player from running on Internet Explorer 10 through Group Policy on Windows 8 and Windows Server 2012. Prevent Adobe Flash Player from running in Office 2010 on Windows 8 and Windows Server 2012. Prevent ActiveX controls from running in Office 2007 and Office 2010. Set Internet and Local intranet security zone settings to "High" to block ActiveX Controls and Active Scripting...
Words: 257 - Pages: 2