...infrastructure. Key Concepts Confidentiality, integrity, and availability (CIA) concepts Layered security solutions implemented for the seven domains of a typical IT infrastructure Common threats for each of the seven domains IT security policy framework Impact of data classification standard on the seven domains Reading Kim and Solomon, Chapter 1: Information Systems Security. Keywords Use the following keywords to search for additional materials to support your work: Data Classification Standard Information System Information Systems Security Layered Security Solution Policy Framework ------------------------------------------------- Week 1 Assignment (See Below) * Match Risks/Threats to Solutions * Impact of a Data Classification Standard Lab * Perform Reconnaissance & Probing Using ZenMap GUI (Nmap) * Page 7-14 in lab book. Project (See Below) * Project Part 1. Multi-Layered Security Plan ------------------------------------------------- Unit 1 Assignment 1: Match Risks/Threats to Solutions Learning Objectives and Outcomes You will learn how to match common risks or threats within the seven domains of a typical IT infrastructure with solutions and preventative actions. Assignment Requirements This is a matching activity. You will receive the Match Risks/Threats to Solutions worksheet, which contains a numbered list of common risks and threats...
Words: 1409 - Pages: 6
...virtualized environment because they had a limited budget for new hardware. They needed a secure solution that would meet HIPAA requirement concerning the security of patient data. XYZ requires all users to connect to their environment through a VPN connection bound to the Cisco ASA firewall. They have three user groups that will need to have access to the environment; however, they have multiple clients that need to remain separated when connected to the network. Given these requirements by XYZ, it was clear they wanted an Active Directory integrated environment so that users would be grouped by job function and by client. XYZ would need at least three high level Organizational Units (OUs), one for each job function; they would also potentially need an OU for each client. They would need Group Policy Objects (GPOs) to provide ease of administration once the design was complete as well as provide access policies to the environment based on job function. Provided with these requirements, background information and expectations of XYZ, it was obvious that a multiphase approach to the project was required. We divided the project into logical phases as follows: • A design phase where the physical network will be defined as well as the server environment using Microsoft’s suggested best practices for physical and virtual machines. The Active Directory Domain will be laid...
Words: 5873 - Pages: 24
... 1. Configure user accounts and access controls in a Windows Server according to role-based access implementation 2. Configure user account credentials as defined policy, and access right permissions for each user 3. Create and administer Group Policy Objects for the management of Windows Active Directory Domain machines within the IT infrastructure 4. Apply the correct Group Policy Object definitions per requirements defined by policies and access right permissions for users 5. Assign and manage access privileges as requested in the case study to apply the recommended and required security controls for the user accounts Week 1 Lab Part 1 - Assessment Worksheet Assess the Impact on Access Controls for a Regulatory Case Study Overview Watch the Demo Lab in the Week 1 Learning Space Unit 1, and answer the questions below. The lab demonstrates creating an Active Directory domain as well as user and group objects within the new domain. Directories will be created and permissions assigned based on the required access control as defined in the matrix. Group Policy Objects will also be created and linked to Objects within the domain to enforce security settings. Lab Assessment Questions & Answers 1. What does DACL stand for and what does it mean? DACL means discretionary access control list and it is a type of access control defined by the trusted computer system evaluation criteria. 2. Why would you add permissions to a...
Words: 1428 - Pages: 6
...to join all offices into a domain where all workstations and printers are joined together. B. Results B.1. Schedule Projected Project approximate start date is March 5, 2013. Duration of project will be approximately 45 days. Approximate completion date April 18, 2013. Actual All parts of project were completed on time and as scheduled. Reasons for Variance There was no variance with the schedule. B.2. Costs Projected Cost projection is approximately $473,074.50 Actual The final costs for the project are $473,074.50 Reasons for Variance There was no variance in costs B.3. Goals and Objectives Projected: The goal in this project was to understand the needs of the employees in each building, and define every aspect of what needed to be changed. To provide each office with the best solution involving new hardware, software and an updated network, at the best price available. All of these new solutions have to be more reliable and easy to use. Actual The project was understood and our team at Platinum Technologies Unlimited was able to provide a better solution to faster more reliable network, installed new equipment, and supplied each office with new software and the appropriate training. Reasons for Variance There was no variance with our goals and objectives B.4. Requirements and Functionality Projected Set up a configured domain, a filing system for patient records retrievable from all workstations through the domain, design a disaster recovery...
Words: 653 - Pages: 3
...more latency within the network. My two primary recommendations to upgrade this network are to; first go from a 10BaseT network to a 100BaseTX network, and second replace any hub currently in use with a switch capable of 100BaseTX data transfer standards. Transferring from a 10BaseT to a 100BaseTX network will require the additional purchase of networking devices but will increase the overall bandwidth from 10 Mbps to 100 Mbps for each user in the network (Regan, Local area networks, 2004). By replacing the outdated hubs currently in use with switch will create a more specific collision domain (Regan, Local area networks, 2004) that if found when hubs are in use. With the use of hubs all the ports on the hub are part on a collision domain, so each computer connected on the hub can be effected by collision of data as it passes through the hub. When switches are use each port on the switch is its own collision domain and collision rarely occur. This upgraded network will allow the...
Words: 1319 - Pages: 6
...FREE ONLINE RESEARCH PAPERS Navigation Sign In Create Account Forgotten Password About Us Subscription Cancelation SIWES Project in Computer Science CHAPTER 1 INTRODUCTION 1.1 Overview of SIWES SIWES refers to the employment of students nearing under-graduation in firms or organizations, which operate on activities related to the respective student’s major subjects. The course, CSC 3299 as offered in Ajayi Crowther University is a compulsory subject offered by every computer science student in the 2nd semester of the third academic year with the objective of enabling students to come into contact with real life applications regarding the knowledge and skills gained in both theoretical and practical courses of the university. The core courses of Computer Science offered by ACU are both theory and laboratory practical -based and aid in providing a theoretical concept or ‘base’ to the students so that they are equipped with sufficient knowledge for joining the work force after completion of under-graduation. SIWES on the other hand helps the students familiarize themselves with the experience of being employed in their field and effectively learning and applying the knowledge required by carrying out their activities in the offices and fields. 1.2 Objectives of SIWES The general objectives if SIWES are outlined as follows: Helping students break free from the theoretical world of textbooks and class courses and leap into...
Words: 4317 - Pages: 18
...Student Lab Manual © Jones & Bartlett Learning, LLC NOT FOR SALE OR DISTRIBUTION © Jones & Bartlett Learning, LLC NOT FOR SALE OR DISTRIBUTION © Jones & Bartlett Learning, LLC NOT FOR SALE OR DISTRIBUTION © Jones & Bartlett Learning, LLC NOT FOR SALE OR DISTRIBUTION © Jones & Bartlett Learning, LL NOT FOR SALE OR DISTRIBUT © Jones & Bartlett Learning, LLC NOT FOR SALE OR DISTRIBUTION Student Lab Manual © Jones & Bartlett Learning, LLC © Jones & Bartlett Learning, LLC NOT FOR SALE OR DISTRIBUTION NOT FOR SALE OR DISTRIBUTION © Jones & Bartlett Learning, LLC NOT FOR SALE OR DISTRIBUTION © Jones & Bartlett Learning, LL NOT FOR SALE OR DISTRIBUT Auditing IT Infrastructures for Compliance © Jones & Bartlett Learning, LLC NOT FOR SALE OR DISTRIBUTION IS4680 © Jones & Bartlett Learning, LLC NOT FOR SALE OR DISTRIBUTION © Jones & Bartlett Learning, LLC NOT FOR SALE OR DISTRIBUTION © Jones & Bartlett Learning, LLC NOT FOR SALE OR DISTRIBUTION © Jones & Bartlett Learning, LLC NOT FOR SALE OR DISTRIBUTION © Jones & Bartlett Learning, LLC NOT FOR SALE OR DISTRIBUTION © Jones & Bartlett Learning, LL NOT FOR SALE OR DISTRIBUT © Jones & Bartlett Learning, LLC NOT FOR SALE OR DISTRIBUTION © Jones & Bartlett©Learning, LLC Learning, LLC, an Ascend Learning Company Bartlett Current Version Date: 11/21/2011 © Jones & Learning, LLC Copyright 2013 by Jones & Bartlett www.jblearning.com! NOT FOR SALE OR DISTRIBUTION ...
Words: 30948 - Pages: 124
...SYSTEMS SECURITY & ASSURANCE SERIES LABORATORY MANUAL TO ACCOMPANY Security Strategies in Windows Platforms and Applications 1E REVISED 38542_FMxx.indd i 9/5/12 10:48 AM World Headquarters Jones & Bartlett Learning 5 Wall Street Burlington, MA 01803 978-443-5000 info@jblearning.com www.jblearning.com Jones & Bartlett Learning books and products are available through most bookstores and online booksellers. To contact Jones & Bartlett Learning directly, call 800-832-0034, fax 978-443-8000, or visit our website, www.jblearning.com. Substantial discounts on bulk quantities of Jones & Bartlett Learning publications are available to corporations, professional associations, and other qualified organizations. For details and specific discount information, contact the special sales department at Jones & Bartlett Learning via the above contact information or send an email to specialsales@jblearning.com. Copyright © 2013 by Jones & Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. No part of the material protected by this copyright may be reproduced or utilized in any form, electronic or mechanical, including photocopying, recording, or by any information storage and retrieval system, without written permission from the copyright owner. The Laboratory Manual to accompany Security Strategies in Windowa Platforms and Applications is an independent publication and has not been authorized, sponsored, or otherwise approved by the owners of the trademarks...
Words: 25969 - Pages: 104
...the company will be expanding from one (1) floor to three (3) floors in the very near future you, as the CIO, are responsible for the design of the infrastructure and security protocols. You have been tasked with designing a network that is stable, redundant, and scalable. In addition, speed and reliability are important considerations. Assumptions should be drawn regarding network usage in relationship to network services and resources. All the established criteria that were set at the onset should be adhered to within your plan. The network solution that is chosen should support the conceived information system and allow for scalability. The network infrastructure will support organizational operations; therefore, a pictorial view of workstations, servers, routers, bridges, gateways, and access points should be used. In addition, access paths for Internet access should be depicted. Additionally, the security of the network should be in the forefront of your design because protecting your data is a primary consideration. Section 1: Infrastructure Document 1.Write a four to six (4-6) page infrastructure document in which you: ◦Justify and support the relationship between infrastructure and security as it relates to this data-collection and analysis company. ◦Present the...
Words: 724 - Pages: 3
...References 27 Phase 1 Discussion Board 2 The “Internal Use Only” (IUO) data classification includes all data and information not intended for public access. The best way to describe this classification is all company and client information that we do not want to see in a newspaper or on the internet. Some examples of this are: Client lists, Client account numbers, Human Resource files, Payroll files, E-Mails, and many others. This data classification affects all seven IT domains. The first and most important IT domain that the IUO affects is the “User Domain”. The users have to be taught general security and proper use of the systems they use. The first and most important lesson for users to learn is “The only Stupid question is The Question Not Asked!” Users need to know that errors in, and on their systems are not normal and need to be reported as soon as possible. Another thing users need to be taught is what information and / or data is intended for the IUO classification. The second IT domain that is affected is...
Words: 5085 - Pages: 21
...William Walbuck IT221 Research Assignment Part 1 Windows server 2008 comes in different versions because different versions have different features and price ranges to satisfy individual customer needs and wants. Each version has significant features so that customer may choose which one best suits their business needs. For example; Windows Server 2008 Datacenter delivers an enterprise-class platform for deploying business-critical applications and large-scale virtualization on small and large servers. Improve availability, enhance power management, and integrate solutions for mobile and branch workers. Windows Server 2008 Enterprise is an advanced server platform that provides more cost-effective and reliable support for mission-critical workloads. Windows Server 2008 Standard is the most robust Windows Server operating system to date. With built-in, enhanced Web and virtualization capabilities, it is designed to increase the reliability and flexibility of your server infrastructure while helping save time and reduce costs. Windows Web Server 2008 is a powerful Web application and services platform. Featuring Internet Information Services (IIS) 7.5 and designed exclusively as an Internet-facing server, it offers improved administration and diagnostic tools to help reduce infrastructure costs when used with a variety of popular development platforms. Windows HPC Server 2008 , the Microsoft third-generation HPC solution, provides a comprehensive and cost-effective solution...
Words: 874 - Pages: 4
...is essential. The institution looked at the need and considered it to be the priority. The organizations’ network has different users each with different privileges. The users are the administration, the staff and the students. My aim is to come up with an efficient, modular, resilient, structured and manageable network upon implementation with good structural and engineering principles. To meet the requirements of the organization, I propose a hierarchical network design needs to be implemented. This is because this design allows the use of the other topologies at different levels, growth and robustness. Hierarchical network design A hierarchical network is also called network backbone. The hierarchical system is divided into three tiers, namely core, distribution and access level, with the privileges reducing downwards. This design is most appropriate for the organization since it allows for network administrators to optimize and specify the correct hardware and software for the entire network that is changing from one level to another. Core Level The hardware requirements for this layer includes Cisco Catalyst 6500 that is intended to route signals from the internet and switch them to the different faculties and administration blocks. The core level is used by network engineers, designers, and architects. They have access to the server and control station for the entire...
Words: 2532 - Pages: 11
...Project: Access Control Proposal * Phase I: Risk mitigation plan to identify critical IT assets * Phase II: Policies and procedures for protecting the IT assets Contents I. Introduction 2 II. Diagram of the proposed solution 3 III. Phase I:Access Control Risk Mitigation 3 1. Identified Treats and vulnerabilities 3 2. IT assets 4 3. Treats and vulnerabilities per IT Domain 4 4. The System Security Team 5 5. Access Control Plan 5 IV. Phase II: Policies and procedures for protecting the IT assets 6 1) General Security Practices for VPN Remote Access 6 2. Protecting Cyber Assets: Secure Interactive Remote Access Concepts 7 2. How Employee Accesses the Corporate Network 9 3. How external Partners (Vendor) Access the Corporate Network 9 V. Conclusion 13 I. Introduction Access control mechanisms operate at a number of levels in a system, from applications down through the operating system to the hardware. Higher-level mechanisms can be more expressive, but also tend to be more vulnerable to attack, for a variety of reasons ranging from intrinsic complexity to implementer skill levels. Most attacks involve the opportunistic exploitation of bugs; and software that is very large, very widely used, or both (as with operating systems) is particularly likely to have security bugs found and publicized. Operating systems are also vulnerable to environmental changes that undermine the assumptions used in their design. The main function of access...
Words: 2458 - Pages: 10
...Checking 10 2.2.8 Intrusion and Misuse Deterrence System (IMDS) 11 2.3 Demilitarized Zone (DMZ) 11 2.4 Computing Environment 11 2.4.1 Operating System (OS) Security 12 2.4.2 Host-based IDS 12 2.4.3 Content Security Checking 13 2.5 Application Security 13 2.5.1 World Wide Web (WWW) Applications 13 2.5.2 E-mail Systems 15 2.5.3 Mobile Code 15 2.5.4 Database Applications 17 2.5.5 Domain Name Service (DNS) 17 2.6 Personal Digital Assistants (PDAs) 18 3. VULNERABILITY ASSESSMENTS 21 4. INFORMATION ASSURANCE VULNERABILITY ALERT (IAVA) PROCESS 23 5. SOFTWARE DEVELOPMENT GUIDANCE 25 5.1 Purpose 25 5.2 Recommendations 25 5.3 Protocols 25 5.4 Operating Systems (OSs) 25 5.5 Encryption 26 5.6 General Considerations 26 5.7 Software Development References 26 5.7.1 Microsoft Windows NT OS 27 5.7.2 UNIX OS 27 6. DISA ENCLAVE SECURITY IMPLEMENTATION DESCRIPTION AND EXTENSION REQUIREMENTS 29 6.1 Guidance 29...
Words: 19685 - Pages: 79
...Configuring Version: 30.6 Microsoft 70-640 Exam Topic 1, Exam Set 1 QUESTION NO: 1 You work as the network administrator at ABC.com. The ABC.com network has a domain named ABC.com. All servers on the ABC.com network run Windows Server 2008. Only one Active-Directory integrated zone has been configured in the ABC.com domain. ABC.com has requested that you configure DNS zone to automatically remove DNS records that are outdated. What action should you consider? A. You should consider running the netsh /Reset DNS command from the Command prompt. B. You should consider enabling Scavenging in the DNS zone properties page. C. You should consider reducing the TTL of the SOA record in the DNS zone properties page. D. You should consider disabling updates in the DNS zone properties page. Answer: B Explanation: In the scenario you should enable scavenging through the zone properties because scavenging removes the outdated DNS records from the DNS zone automatically. You should additionally note that patience would be required when enabling scavenging as there are some safety valves built into scavenging which takes long to pop. Reference: http://www.gilham.org/Blog/Lists/Posts/Post.aspx?List=aab85845-88d2-4091-8088a6bbce0a4304&ID=211 QUESTION NO: 2 You work as the network administrator at ABC.com. The ABC.com network has a domain named ABC.com. All servers on the ABC.com network run Windows Server 2008. The ABC.com network has a server named ABC-SR15. You install the Active Directory Lightweight...
Words: 34198 - Pages: 137