... 1. Configure user accounts and access controls in a Windows Server according to role-based access implementation 2. Configure user account credentials as defined policy, and access right permissions for each user 3. Create and administer Group Policy Objects for the management of Windows Active Directory Domain machines within the IT infrastructure 4. Apply the correct Group Policy Object definitions per requirements defined by policies and access right permissions for users 5. Assign and manage access privileges as requested in the case study to apply the recommended and required security controls for the user accounts Week 1 Lab Part 1 - Assessment Worksheet Assess the Impact on Access Controls for a Regulatory Case Study Overview Watch the Demo Lab in the Week 1 Learning Space Unit 1, and answer the questions below. The lab demonstrates creating an Active Directory domain as well as user and group objects within the new domain. Directories will be created and permissions assigned based on the required access control as defined in the matrix. Group Policy Objects will also be created and linked to Objects within the domain to enforce security settings. Lab Assessment Questions & Answers 1. What does DACL stand for and what does it mean? DACL means discretionary access control list and it is a type of access control defined by the trusted computer system evaluation criteria. 2. Why would you add permissions to a...
Words: 1428 - Pages: 6
...Vulnerabilities in an IT Infrastructure Learning Objectives and Outcomes Upon completing this lab, students will be able to: • Identify common risks, threats, and vulnerabilities found throughout the seven domains of a typical IT infrastructure. • Align risks, threats, and vulnerabilities to one of the seven domains of a typical IT infrastructure • Given a scenario, prioritize risks, threats, and vulnerabilities based on their risk impact to the organization • Prioritize the identified critical, major, and minor software vulnerabilities Week 1 Lab: Assessment Worksheet Part A – List of Risks, Threats, and Vulnerabilities Commonly Found in an IT Infrastructure Overview One of the most important first steps to risk management and implementing a risk mitigation strategy is to identify known risks, threats, and vulnerabilities and organize them. The purpose of the seven domains of a typical IT infrastructure is to help organize the roles, responsibilities, and accountabilities for risk management and risk mitigation. This lab requires students to identify risks, threats, and vulnerabilities and map them to the domain that these impact from a risk management perspective. Lab Assessment Questions & Answers The following risks, threats, and vulnerabilities were found in a healthcare IT infrastructure servicing patients with life-threatening situations. Given the list, select which of the seven domains of a typical IT infrastructure is primarily impacted...
Words: 590 - Pages: 3
...in an IT Infrastructure Learning Objectives and Outcomes Upon completing this lab, students will be able to: * Identify common risks, threats, and vulnerabilities found throughout the seven domains of a typical IT infrastructure. * Align risks, threats, and vulnerabilities to one of the seven domains of a typical IT infrastructure * Given a scenario, prioritize risks, threats, and vulnerabilities based on their risk impact to the organization * Prioritize the identified critical, major, and minor software vulnerabilities Christopher Plummer Week 1 Lab: Assessment Worksheet Part A – List of Risks, Threats, and Vulnerabilities Commonly Found in an IT Infrastructure Overview One of the most important first steps to risk management and implementing a risk mitigation strategy is to identify known risks, threats, and vulnerabilities and organize them. The purpose of the seven domains of a typical IT infrastructure is to help organize the roles, responsibilities, and accountabilities for risk management and risk mitigation. This lab requires students to identify risks, threats, and vulnerabilities and map them to the domain that these impact from a risk management perspective. Lab Assessment Questions & Answers The following risks, threats, and vulnerabilities were found in a healthcare IT infrastructure servicing patients with life-threatening situations. Given the list, select which of the seven domains of a typical IT infrastructure...
Words: 546 - Pages: 3
...Learning Objective Explain the concepts of information systems security (ISS) as applied to an IT infrastructure. Key Concepts Confidentiality, integrity, and availability (CIA) concepts Layered security solutions implemented for the seven domains of a typical IT infrastructure Common threats for each of the seven domains IT security policy framework Impact of data classification standard on the seven domains Reading Kim and Solomon, Chapter 1: Information Systems Security. Keywords Use the following keywords to search for additional materials to support your work: Data Classification Standard Information System Information Systems Security Layered Security Solution Policy Framework ------------------------------------------------- Week 1 Assignment (See Below) * Match Risks/Threats to Solutions * Impact of a Data Classification Standard Lab * Perform Reconnaissance & Probing Using ZenMap GUI (Nmap) * Page 7-14 in lab book. Project (See Below) * Project Part 1. Multi-Layered Security Plan ------------------------------------------------- Unit 1 Assignment 1: Match Risks/Threats to Solutions Learning Objectives and Outcomes You will learn how to match common risks or threats within the seven domains of a typical IT infrastructure with solutions and preventative actions. Assignment Requirements This is a matching activity. You...
Words: 1409 - Pages: 6
...to the following questions: * Where does the countermeasure belong in the seven domains of a typical IT infrastructure? * What CIA functions does the countermeasure provide? Provide your answers in the table below. Network Security Applications and Countermeasures | Domains | CIA Function | Ethical hacker | * Workstation domain | Availability | Intrusion detection system/intrusion prevention system (IDS/IPS) | * System/Application domain * Remote access domain * LAN-to-WAN domain | Integrity | Access controls | * LAN-to-WAN domain * WAN domain | Confidentiality | Failover server | * WAN domain * LAN-to-WAN domain | Availability | Automatic updates | * Workstation domain | Availability | Cryptography | * LAN-to-WAN domain | Confidentiality | Data backups | * System/Application domain | Availability | Logon rights | * LAN domain | Integrity | Computer cluster | * Workstation domain | Integrity | Firewalls | * LAN domain | Confidentiality | Proxies | * LAN-to-WAN domain | IntegrityConfidentiality | Antivirus scanners | * Workstation domain | Confidentiality | As a reminder, the seven domains of a typical IT infrastructure include the following domains: * User domain: Actual users * Workstation domain: Workstations, laptops, and end-point devices, such as smart phones and printers * LAN domain: Physical and logical LAN technologies—100 Mbps/1000 Mbps switched Ethernet, 802...
Words: 296 - Pages: 2
...and categorizing the myriad of risks can be an overwhelming one. Thankfully, a company’s IT infrastructure can be divided in a logical manner to more easily sort the risks. These divisions are the seven IT domains. The purpose of the seven domains of a typical IT infrastructure is to help organize the roles, responsibilities, and accountabilities for risk management and risk mitigation. In this lab, you will identify known risks, threats, and vulnerabilities, and you will determine which domain of a typical IT infrastructure is affected. You will then discuss security policies to address each identified risk and threat within the seven domains of a typical IT infrastructure. You will next determine which appropriate security policy definition will help mitigate the identified risk, threat, or vulnerability. You will organize your results into a framework that can become part of a layered security strategy. Learning Objectives Upon completing this lab, you will be able to: • Identify risks, threats, and vulnerabilities commonly found in the seven domains of a typical IT infrastructure. Determine which domain is impacted by the risk, threat, or vulnerability. Determine which domain is impacted by the risk, threat, or vulnerability. Determine security policies to address each identified risk and threat within the seven domains of a typical IT infrastructure. Deliverables Create a document encompassing both the hands-on steps of the assignment as well...
Words: 1159 - Pages: 5
...creating a Microsoft Windows Enterprise Patch Management solution for an organization, but you have no budget. What options does Microsoft provide? 4. How does network monitoring, performance monitoring, alarming, and incident response help secure the IT infrastructure? 5. Provide an example of multi-factor authentication and identify an application that you think would require multi-factor authentication. 6. In which of the seven domains of a typical IT infrastructure would be policy definitions for implementation of anti-virus application/tool as a security countermeasure? Explain. 7. What is the difference between a Host-based Firewall and a Network-based Firewall? What domains of the typical IT infrastructure would you deploy each of these within? Explain how firewalls help mitigate risk exposure by preventing or blocking unauthorized access. 8. Give at least 3 examples of controls typically implemented in the User Domain. Explain these controls. 9. Provide 3 example of encrypted remote access communications commonly used through the public Internet (i.e., remote access via Internet) 10. Which domain within a typical IT infrastructure is the weakest link? From am access control perspective, why is the User Domain the greatest risk? 11. True or False. It is a best practice to enable both a host-based IP stateful firewall in servers and workstation along with a perimeter, network-based IP stateful firewall for a layered security solution. 12. What types of...
Words: 376 - Pages: 2
...Jayveu Diaz Instructions: Given the network security applications and countermeasures in the first column of the table below, explore answers to the following questions: ▪ Where does the countermeasure belong in the seven domains of a typical IT infrastructure? ▪ What CIA functions does the countermeasure provide? Provide your answers in the table below. |Network Security Applications and Countermeasures |Domains |CIA Function | |Ethical hacker | | | | |User |Integrity | |Intrusion detection system/intrusion prevention system (IDS/IPS) | | | | | | | | |LAN-to-WAN | | | |Workstation |Integrity | |Access controls | ...
Words: 317 - Pages: 2
... • Textbook o Chapter 1 - Information Systems Security Objectives: After completing this unit, the student should be able to: • Explain the concepts of information systems security (ISS) as applied to an IT infrastructure. Key Concepts: ▪ Confidentiality, integrity, and availability (CIA) concepts ▪ Layered security solutions implemented for the seven domains of a typical IT infrastructure ▪ Common threats for each of the seven domains ▪ IT security policy framework ▪ Impact of data classification standard on the seven domains Materials: Week 1 PowerPoint Presentation Assignment Overview: Refer to Assignment 1: Match Risks/Threats to Solutions in the Graded Assignment Requirements section of this instructor guide. In this assignment, the students need to match common risks or threats within the seven domains of a typical IT infrastructure with the possible solutions or preventative actions. Use the hand out worksheet NT2580.U1.WS1.doc. Refer to Assignment 2: Impact of a Data Classification Standard, you must write a brief report on how the "Internal Use Only" data classification standard impacts the seven domains of the investment firm's IT infrastructure. Refer to Project Part 1. Multi-Layered Security Plan in the Project section of this instructor guide. Assign the Project Part 1 to students and inform them that they need to submit it by the beginning of Unit 2. In this assignment, students...
Words: 530 - Pages: 3
...Lab 6 1. Why is it important to prioritize your IT infrastructure risks, threats, and vulnerabilities? It is important to prioritize because you must be aware of what the risks, threats, and vulnerabilities there are to your infrastructure. You need this so that you know where the most attention needs to be focused on. 2. Based on your executive summary produced in Lab #4 Perform a Qualitative Risk Assessment for an IT infrastructure, what was the primary focus of your message to executive management? Setting up security measures through various means includes the following: * Forcing users to update password every X number of days. * Educating the users. * Firewalls - Anti-malware 3. Given the scenario for your IT risk mitigation plan, what influence did your scenario have on prioritizing your identified risks, threats, and vulnerabilities? Common things such as user activity can be a very big risk, so your best bet is to consider all options as potential threats. You will have to rank some risk higher than the others. 4. What risk mitigation solutions do you recommend for handling the following risk element? A user inserts a CD or USB hard drive with personal photos, music, and videos on organization owned computers. A good antivirus program and have all devices scanned as soon as they are plugged in. Educate employees Disable optical drives/USB ports. 5. What is security baseline definition? A baseline is a starting point or a standard...
Words: 759 - Pages: 4
...Week 1 Lab Part 1 - Assessment Worksheet Assess the Impact on Access Controls for a Regulatory Case Study Overview Watch the Demo Lab in the Week 1 Learning Space Unit 1, and answer the questions below. The lab demonstrates creating an Active Directory domain as well as user and group objects within the new domain. Directories will be created and permissions assigned based on the required access control as defined in the matrix. Group Policy Objects will also be created and linked to Objects within the domain to enforce security settings. Lab Assessment Questions & Answers 1. What does DACL stand for and what does it mean? Discretionary access control List (DACL) is a type of access control defined by the Trusted Computer System Evaluation Criteria "as a means of restricting access to objects based on the identity of subjects and/or groups to which they belong 2. Why would you add permissions to a group instead of the individual? It is more resourceful and less time consuming. 3. List at least 3 different types of access control permissions available in Windows. Full Control, Modify, Execute, Read, Write 4. What are the least permissions that you need in order to view the contents of a folder? Read, so the user has access to any file on the system that they are entitled to, but they are not able to make any changes. 5. What are other available Password Policy options that could be enforce to improve security? ...
Words: 1093 - Pages: 5
...Review the seven domains of a typical IT infrastructure In your Lab Report file, describe how risk can impact each of the seven domains of a Typical _IT infrastructure: User, Workstation, Local Area Network (LAN), Local Area Network-to-Wide Area Network (LAN-to-WAN), Wide Area Network (WAN), Remote Access and System/Application domains. The answer is the seven domains of an IT infrastructure are classified below, and their risk factors. A. User Domain: Any user, worker, employee, contractor, or individual. They are considered to be the weakest link in IT security and the risk. B. Workstation Domain: The work station, client or standalone home system. The risk is Hackers use malicious software known as malware. C. LAN Domain: The private LAN, from SOHO’s to large corporations. To protect this domain it must be inside of a firewall if it does not have a firewall it is vulnerable and a risk. D. LAN to WAN Domain: Wan connections between LAN locations, like which are controlled by the third party entities. Here where LAN is in a trusted zone and the WAN is in an untrusted zone, so the LAN to WAN can be protected by firewalls. E. Remote Access Domain: It connects remote users to the organization’s infrastructure. It can be used by VPN and Dialup connections. This can provide access to a private network on a public network, this is where it is untrusted and attackers can attack and can be a major risk. F. WAN Domain: WAN domains are networks, such as ATM’s, frame relays...
Words: 558 - Pages: 3
...Date: ________________________________________________________________ Overview In this lab, you defined the purpose of an IT risk management plan, you defined the scope for an IT risk management plan that encompasses the seven domains of a typical IT infrastructure, you related the risks, threats, and vulnerabilities to the plan, and you created an IT risk management plan outline that incorporates the five major parts of an IT risk management process. Lab Assessment Questions & Answers 1. What is the goal or objective of an IT risk management plan? 2. What are the five fundamental components of an IT risk management plan? 3. Define what risk planning is. 4. What is the first step in performing risk management? 5. What is the exercise called when you are trying to gauge how significant a risk is? 25 6. What practice helps address a risk? 7. What ongoing practice helps track risk in real time? 8. True or False: Once a company completes all risk management steps (identification, assessment, response, and monitoring), the task is done. 9. Given that an IT risk management plan can be large in scope, why is it a good idea to develop a risk management plan team? 10. In the seven domains of a typical IT infrastructure, which domain is the most difficult to plan, identify, assess, treat, and monitor? 11. Which compliance laws or standards does the health care organization mentioned in the HandsOn Steps have to comply with (consider these: Health...
Words: 434 - Pages: 2
...Instructions: Given the network security applications and countermeasures in the first column of the table below, explore answers to the following questions: ▪ Where does the countermeasure belong in the seven domains of a typical IT infrastructure? ▪ What CIA functions does the countermeasure provide? Provide your answers in the table below. |Network Security Applications and Countermeasures |Domains |CIA Function | |Ethical hacker |User |Integrity | |Intrusion detection system/intrusion prevention system |LAN-to-WAN |Integrity | |(IDS/IPS) |Workstation | | |Access controls |Workstation |Confidentiality and integrity | | |LAN | | | |LAN-to-WAN | | | |WAN | ...
Words: 278 - Pages: 2
...Why is it important to prioritize your IT infrastructure risks, threats, and vulnerabilities? * To know which is first what you need to take care of and the severity level of said threat and vulnerabilities of the risk Based on your executive summary produced in Lab 4 Perform a Qualitative Risk Assessment for an IT infrastructure, what was the primary focus of your message to executive management? Given the scenario for your IT risk mitigation plan, what influence did your scenario have on prioritizing your identified risks, threats, and vulnerabilities? What risk mitigation solutions do you recommend for handling the following risk element? User inserts CDs and USB hard drives with personal photos, music, and videos on organization owned computers. * You may decide to institute an IT security policy in your domain that prohibits use of personal USB devices. In AD we can use Group Policy to limit access to these devices Optical drives, Floppy, Removable etc. What is a security baseline definition? * Minimum security controls required for safeguarding the IT system based on the identified needs for confidentiality, integrity and the protection available. What questions do you have for executive management in order to finalize your IT risk mitigation plan? * Ensure security gaps are closed. * Ensure countermeasures are implemented. What is the most important risk mitigation requirement you uncovered and want to communicate to executive management? In your...
Words: 568 - Pages: 3
