Free Essay

Transportation Command Firewall Modification Request System

In:

Submitted By treasebj
Words 2252
Pages 10
Transportation Command
Firewall Modification Request System

Student Name

Individual Project
IS316 - Systems Analysis and Design
Professor: Erlan Burk
Park University
Fall II 2005

12 December 2005

Table of Contents

System Description 2-3 Functional Description 4-5 Data Dictionary 6-7 Context Level Diagram and Child Diagram 8-9 System Input, Output Forms, and Interfaces 10-14 Testing, Maintenance and Auditing 15-16

System Description

System Name
US Transportation Command Firewall Modification Request System (FMRS)

Type of System
FMRS is a Management Information System using a Microsoft Access Database and front end application. The system provides an avenue for customers to request firewall modifications and for the firewall maintenance team (Operation Information Security – OIS) to validate, track, and process requests in systematic fashion.

Key System Benefits * User friendly interface available to users at any time * Request tracking and history * Report generation of prior activity * Improved firewall manageability * Improved customer response time * Reduction in man hours spent duplicating and researching firewall maintenance efforts

Existing System
Currently there is no automated request or tracking system for firewall modifications and accountability. Requests are made via email to the OIS group email account and are processed from there. With the current process, the requests are subject to be accidentally deleted, read and forgotten about, or completed but with no follow up. Often there is a duplication of effort as well if there is no communication among members of the firewall team.

Interrelations/Interdependencies with other Systems
The FMRS does not contain interfaces that interact directly with the Transportation Command firewalls. All firewall modifications will be implemented manually; however the tracking of the modifications and user notification will be handled by FMRS. All FMRS users require only a workstation running Microsoft 2000 or better and will need a mapped connection to the FMRS server. The FMRS application itself requires a high-end desktop grade workstation only but needs adequate amount of space to store the database and archives. Microsoft 2000 Professional or Server software along with Microsoft Access is required as well.

System Organizational Environment
The Transportation Command is a logistics planning agency that manages air, land and sea transportation both in time of peace and in time of war. Their primary purpose is war fighter support. The IT management directorate is responsible for maintaining secure, reliable and available network and operations systems for the entire command. Firewalls are in place to protect all command resources including equipment, systems, and personnel. Proper maintenance and administration of these firewalls is paramount to the operations of the Transportation Command. The firewalls are maintained by a combination of both military and contract personnel.

Stakeholders: * Firewall Administrators * System Developers * Organizational Information System Administrators * IT Management Team * All Transportation Command personnel and war fighters abroad

Users: * Firewall Administrators (staff of 7) * Organization Information Systems Administrators (staff of 145)

Functional Description

System Functions
The Firewall Modification Request System (FMRS) will allow authorized users (system administrators) to electronically submit modification requests for the command’s firewalls. When systems, applications, or other tools are implemented or removed from the network, access control must be maintained and monitored. There are two main firewalls in the command managing multiple interfaces. The firewall administrators need a more efficient way of tracking and servicing requests from the 145+ administrators that continuously make requests for port access or access removal. FMRS will provide one point of entry for requests and also acts as a tracking system for who makes the requests, what changes were requested, and who made the firewall modifications. The system administrators will submit their requests through a locally developed Microsoft Access application. After they enter the required information and submit the request, the firewall administrators will have access to the request. Status buttons indicate where in the process the request is sitting. When a firewall administrator accesses the request, he or she will mark it as “in progress”, validate the request, make the necessary modifications in the firewalls, enter the firewall changes/rules made into the request record, and “close” the request. When a request is marked complete, an email will be automatically generated to notify the user that their request has been serviced. The firewall administrators can generate reports of requests in the system using any number of search parameters such as request=new, in progress, closed, by date, by firewall administrator, user, or information system name.

System Boundaries
The FMRS application will be hosted on an organizational application server (Microsoft 2000 Server) on a dedicated, protected drive. Access to the system will be limited to internal command personnel. Authorized users will be able to map to this drive. All other LAN users will not have permissions to see or access the application. Firewall administrators and management will have access to generate reports. Output will be through reports and automatically generated notification emails only.

System Interfaces External to the Organization
There are no interfaces with entities external to the organization.

System Interfaces Internal to the Organization
The application will be hosted on a server managed internally by command administrators. Authorized users and firewall administrators will have direct access to the system through drive mapping. Changes made to the firewall will be manually entered by firewall administrators in both the firewalls and FMRS. Interactions with FMRS will rely on LAN access and availability.

How System Relates to Organizational Mission
This system provides a reliable and structured procedure for firewall modification requests which are necessary for the smooth operations of the various logistics information systems within the command. A single point of reference for firewall maintenance reduces duplicate efforts and man hours wasted on researching validity of current rules and requests. This system will improve the commands overall mission of supporting logistics operations in time of peace and war.

How System Supports Organizational Decisions
Proper maintenance tracking provides easily accessible data on firewall operation efforts to aide in properly managing personnel, equipment, and other resource allocation. The effects of this system will allow management to be better informed when making decisions on manning and system upgrade efforts.

Information Processing Input Information * User data: name, phone, command section, email address * System data: information system needing firewall modification, port numbers, protocols, IP addresses

Process Definition * Request submission and creation * Status changes * Email generation * Report generation * Request closure and storage

Output information * Request history reports * Email notifications

CASE Tool Use for Development
Visible Analyst will be used to create the systems diagrams and to map out the processing of the system. The use of this tool will allow convenient and efficient creation of the internal system function layout and will make it easier to transfer the logic into Microsoft Access where the system will ultimately be built.

Data Dictionary and Entity Relationships

Data Dictionary

Data Element Name | Data Type | Size | Special Formatting | Definition | customer_firstname | A | 20 | none | Base element | customer_lastname | A | 30 | none | Base element | customer_userid | A | 8 | none | Base element | customer_email | AN | 50 | none | Base element | customer_officesymbol | AN | 8 | none | Base element | customer_phone | N | 14 | (###) ###-#### | Base element | requesting_system | A | 20 | none | Base element | port_number | N | 10 | none | Base element | protocol_name | A | 20 | none | Base element | source_IP_address | N | 15 | ###.###.###.### | Base element | destination_IP_address | N | 15 | ###.###.###.### | Base element | request_id | N | 8 | none | Auto-generated | rule_entered | A | 400 | none | Base element | fw_admin_userid | A | 8 | none | Base element | request_status | A | 10 | New
In Progress
Completed | (drop down menu) | date_entered | D | 7 | DDMMMYY | Auto-generated | date_closed | D | 7 | DDMMMYY | Auto-generated |

Legend:
A - alpha
AN - alpha-numeric
N - numeric
D - date
# - numbers

customer_record = customer_firstname + customer_lastname + customer_userid + customer_email + customer_phone

request_status = [new | in progress | complete]

request_record = customer_record + request_id + requesing_system + port_number + protocol_name + source_IP_address + destination_IP_address + date_entered + request_status

completed_request = request_record + customer_record + rule_entered + fw_admin_userid + request_status + date_closed

email_notification = customer_name + customer_userid + request_id + request_status + date_closed + fw_admin_userid

Data Flow Diagrams

Context Diagram

Level 0 Diagram

System Input, Output Forms, and Interfaces

Screen 1, the New Request Form, is the first user interface screen. Users enter their user identification number and select the “Submit New Request” button. The user ID used to query the customer database and pull the customers information. This information is used to populate the fields in the next screen, the Request Info screen.

Screen 2, the Request Info screen, displays the complete customer information and new request status. The fields allow the customer to make changes to their information as necessary. This form is where customers enter the information needed to make the necessary firewall modifications. The information submitted with this form is all a part of the request record and is included in the email that is generated and sent to the customer when the request is generated.

Screen 3, the Request Record, is an example of what the firewall administrators see when they log into the system. The request record contains all the information necessary to make the firewall changes. The firewall administrator uses this form to submit the rules that were added to the firewall, the name of the administrator that serviced the request, the date it was serviced, and to change the request status to “complete” or “in progress”.

Screen 4 is a sample report that management can generate for metrics purposes and to manage how efficiently the requests are being serviced.

This sample email is what the customers receive when they submit their requests into the system. The email is automatically generated and includes the information that the customer has submitted. The receipt of this email lets the customer know that their request has been submitted successfully.

Date: date_entered

Dear customer_firstname customer_lastname,

You’re firewall request has been submitted successfully and the firewall administration staff will service your request as quickly as possible. Here are the details of your request.

request_ID request_status requesting_system date_entered port_number protocol_name source_IP_address destination_IP_address

You will be notified when you’re request has been completed. If you have any questions you can contact the firewall administration staff at 555-1234.

This is an automatically generated email; please do not respond to this address.

Thank you.

The Transportation Command Firewall Administration Team

Testing, Maintenance and Auditing

Data Testing The Firewall Request Management System (FRMS) will undergo modular testing as each phase of the program is completed. The system analysts have adopted a top-down designing strategy. Documentation is maintained throughout the design and development process. Test data is used during the program testing phase to make sure the modules are working correctly. Each step of the program, from user access and input to resolution output and report generation are all tested using both valid and invalid data. Link testing is performed to ensure that the system interacts with the organization’s exchange servers correctly and that all interfaces have been properly configured.
Full system testing is performed with both test data and live data and the system users and operators are brought in to load test the system. Test plans will be created to include various scenario testing and checklists to make sure all components of the program are tested. These test plans will be performed by multiple system users and will include both valid and invalid data to help the users familiarize themselves with the system and offer avenues for suggestion and improvement. Data entry is accomplished through keyboard by users and data is also pulled from two different data stores. The information in the data store is valid because it is checked as it is entered into the system. The information entered by the users is validated against format and data constraints. Validating input data is done in the following way. First, each field is configured to accept a certain format. For example, a phone number must include the area code and be delimited by dashes. An email address must have an “@” symbol to be valid. Field length, range and reasonableness, valid data, and checking against stored data are all data checks that are performed during data entry into FRMS. When users enter data, it is automatically checked and an error message is displayed to users who have entered invalid data.

Maintenance

Minor system maintenance and upgrades are performed on a periodic or as-needed basis. Major maintenance and upgrade efforts such as modular redesigning and data structure redesigning are performed once a year. The users are polled to gather their comments, complaints, and suggestions regarding the system. This information is consolidated and analyzed to best determine how to accommodate the users’ needs. As the system grows and more users are authorized access to the system, considerations will need to be made on additional storage and processing capacity. As system modifications are made, the documentation will be upgraded accordingly to keep current. The FRMS will be housed on a low-grade Dell server with redundancy. Replication will be enabled between the primary and backup servers so that both maintain the most current data. Nightly incremental backups will be performed on the system as well as full backups each week. These backup files will be stored on magnetic tape devices in a secure location. In addition to the redundant server and backup configurations, the organization will keep various spare parts in stock to quickly accommodate any hardware failures that may occur. The goal is to minimize downtime for users and firewall administrators.

Auditing

System auditing will be performed by an internal information system auditing team. Because of the nature of the data in the system, using auditors that have the clearance to access this data is recommended for the task. The internal auditors also understand the organizational information system goals and the users’ needs as that their primary job. Spot-check auditing will be performed throughout the design process and a full audit is required when the system is complete.

Similar Documents

Premium Essay

Synopsis

...LUDHIANA COLLEGE OF ENGINEERING & TECHNOLOGY 6 Month SYNOPSIS s Training Submitted to: - Submitted by:- Mr. R.K. Aggarwal Nikhil Sharma Head of Deptt. Electronics & Comm. Electronics & Comm. 8TH (B) 80102108050 ACKNOWLEDGEMENT The beatitude, bliss & euphoria that accompany the successful completion of any task would be incomplete without the expression of the appreciation of simple virtues to the people who made it possible. So, reverence, veneration and honours. I acknowledge all those whose guidance and encouragement has made successful in winding up this synopsis. I owe a huge debt of thanks to a large number of people without whom none of this would have been possible. I am thankful to Dr. J.S. Sohal(Director), Dr. Pawan Kumar(Principal), Mr. R.K Aggarwal(Head of Department) for valuable suggestions and enthusiastic interest during the entire process. For my six months industrial training...

Words: 3916 - Pages: 16

Premium Essay

Impotent Music

...INFORMATION RESOURCE GUIDE Computer, Internet and Network Systems Security An Introduction to Security i Security Manual Compiled By: S.K.PARMAR, Cst N.Cowichan Duncan RCMP Det 6060 Canada Ave., Duncan, BC 250-748-5522 sunny@seaside.net This publication is for informational purposes only. In no way should this publication by interpreted as offering legal or accounting advice. If legal or other professional advice is needed it is encouraged that you seek it from the appropriate source. All product & company names mentioned in this manual are the [registered] trademarks of their respective owners. The mention of a product or company does not in itself constitute an endorsement. The articles, documents, publications, presentations, and white papers referenced and used to compile this manual are copyright protected by the original authors. Please give credit where it is due and obtain permission to use these. All material contained has been used with permission from the original author(s) or representing agent/organization. ii T eofContent abl 1.0 INTRODUCTION........................................................................................................................................................... 2 1.1 BASIC INTERNET TECHNICAL DETAILS ........................................................................................................................ 2 1.1.1 TCP/IP : Transmission Control Protocol/Internet Protocol .........................................

Words: 134858 - Pages: 540

Premium Essay

Computer Security Management

...employees travel from office to office, from office to home, from city to city. Since business have become more fluid, …, information security is no longer the sole responsibility of a small dedicated group of professionals, …, it is now the responsibility of every employee, especially managers.” http://www.businessandleadership.com/fs/img/news/200811/378x/business-traveller.jpg http://www.businessandleadership.com/fs/img/news/200811/378x/businesshttp://www.koolringtones.co.uk/wp-content/uploads/2010/01/mobile-phones.jpg http://www.koolringtones.co.uk/wp- content/uploads/2010/01/mobile- Information Technology • Information Technology – enables storage and transportation of information from one business unit to another in many organizations, information is seen as the most valuable asset • Information System – entire set of data, software, hardware, networks, people, procedures and policies necessary to use information as a resource in an organization each of 7 components has its own strengths, weaknesses, and its own security requirements Information Technology (cont.) Information Security Security = state of being...

Words: 4051 - Pages: 17

Free Essay

Project Scope Statement

...network as well as a state of the art design and equipment for a Law Firm’s work environment. Assure that appropriate telecommunications and computing resources are available to support the mission of the firm Assure that each staff member who uses telecommunications and computing resources in his or her position has a computer of sufficient capability to fulfill their required job responsibilities Ease resource and financial planning by reducing the effort involved in budgeting and planning for new telephone units, computers, network, classroom equipment and server systems. Provide for the cost effective and timely purchasing and installation of new equipment while decreasing the deployment time for new equipment; and disposal of old and obsolete equipment. ------------------------------------------------- Deliverables Dell Desktops and laptops Cisco Routers, switches, and Ip phones will be installed and configured Firewalls will be installed Blade server holding case will be provided Internet services will be provided by Install Cat 6 cable and fiber optic cable Connector’s trays and cable racks will be installed Software i.e. Microsoft Server 2008R2, Windows 7, Exchange Server, Citrix Carpe Diem, Anti-Virus , Spam Server, VPN Server, Web Server, Hummingbird will be installed All servers for the network will be installed Technical requirements Hardware and Software...

Words: 11532 - Pages: 47

Premium Essay

Network Security

...CHAPTER Firewall Fundamentals 2 T o some network administrators, a firewall is the key component of their infrastructure’s security. To others, a firewall is a hassle and a barrier to accomplishing essential tasks. In most cases, the negative view of firewalls stems from a basic misunderstanding of the nature of firewalls and how they work. This chapter will help dispel this confusion. This chapter clearly defines the fundamentals of firewalls. These include what a firewall is, what a firewall does, how it performs these tasks, why firewalls are necessary, the various firewall types, and filtering mechanisms. Once you understand these fundamentals of firewalls, you will be able to look beyond the unschooled opinions, common mythology, and marketing hype surrounding them, and the crucial benefits of effective firewall architecture will become clear. Like any tool, firewalls are useful in solving a variety of problems and in supporting essential network security. Chapter 2 Topics This chapter covers the following topics and concepts: • What a firewall is • Why you need a firewall • How firewalls work and what they do • What the basics of TCP/IP are • What the types of firewalls are • What ingress and egress filtering is • What the types of firewall filtering are • What the difference between software and hardware firewalls is • What dual-homed and triple-homed firewalls are • What the best placement of a firewall is 43 Chapter 2 Goals When you complete...

Words: 15367 - Pages: 62

Free Essay

Air Traffic Control System

...because it causes a huge loss and impact on the society. There are many control systems in an airport, and the report only focus on air traffic control system (ATC). The risks, mitigations strategies, risk management plan is analysis the technology problem and solution to the computer system of ATC. In this report, the hazard, financial and operational risks that cause by information technology vulnerability is assess in the first session. The second session discusses the risk management techniques for the risks that identify in first session. Lastly, the risk mitigation plan is discussed the critical business function and plans to deal with computer outage, power outage when the issues happen. RISK ASSESSMENT Activity, Asset, Data information, risk The Air Traffic Control (ATC) is responsible for several activities in the airport. It involves separation assurance, landing services operating, navigation and ground control. Separation assurance is one of the main ATC components. It maintains the separation of aircraft from each other to avoid collision (Dwyer & Landry, 2013). The separation assurance tracks the position of each aircraft, and air traffic controller collects the information and provides it to the pilot. Both of automated tasks and manual tasks are involved in this function. The flights information such as identification, location and situation is recorded and used in the system. The separation assurance involves different facility such as radar and control...

Words: 6286 - Pages: 26

Free Essay

Ethical Hacking

...This page was intentionally left blank This page was intentionally left blank Hands-On Ethical Hacking and Network Defense Second Edition Michael T. Simpson, Kent Backman, and James E. Corley ———————————————————————— Australia • Brazil • Japan • Korea • Mexico • Singapore • Spain • United Kingdom • United States Copyright 2010 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s). Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it. This is an electronic version of the print textbook. Due to electronic rights restrictions, some third party content may be suppressed. Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. The publisher reserves the right to remove content from this title at any time if subsequent rights restrictions require it. For valuable information on pricing, previous editions, changes to current editions, and alternate formats, please visit www.cengage.com/highered to search by ISBN#, author, title, or keyword for materials in your areas of interest. Copyright 2010 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated...

Words: 185373 - Pages: 742

Premium Essay

Quality Control Plan

...Provisions and Directives 4 3.2 Objectives 4 3.3 Organization 5 3.4 Contingency Phases 8 3.4.1 Response Phase 8 3.4.2 Resumption Phase 8 3.4.3 Recovery Phase 8 3.4.4 Restoration Phase 9 3.5 Assumptions 9 3.6 Critical Success Factors and Issues 9 3.7 Mission Critical Systems/Applications/Services 10 3.8 Threats 10 3.8.1 Probable Threats 11 4 System Description 12 4.1 Physical Environment 12 4.2 Technical Environment 12 5 Plan 12 5.1 Plan Management 12 5.1.1 Contingency Planning Workgroups 12 5.1.2 Contingency Plan Coordinator 12 5.1.3 System Contingency Coordinators 13 5.1.4 Incident Notification 13 5.1.5 Internal Personnel Notification 13 5.1.6 External Contact Notification 13 5.1.7 Media Releases 14 5.1.8 Alternate Site (s) 14 5.2 Teams 14 5.2.1 Damage Assessment Team 14 5.2.2 Operations Team 15 5.2.3 Communications Team 15 5.2.4 Data Entry and Control Team 15 5.2.5 Off-Site Storage Team 15 5.2.6 Administrative Management Team 15 5.2.7 Procurement Team 15 5.2.8 Configuration Management Team 16 5.2.9 Facilities Team 16 5.2.10 System Software Team 16 5.2.11 Internal Audit Team 16 5.2.12 User Assistance Team 16 5.3 Data Communications 16 5.4 Backups 16 5.4.1 Vital Records/Documentation 17 5.5 Office Equipment, Furniture and Supplies 19 5.6 Recommended Testing Procedures 19 6 Recommended Strategies 20 6...

Words: 17284 - Pages: 70

Premium Essay

Urban Outfitters

...Provisions and Directives 4 3.2 Objectives 4 3.3 Organization 5 3.4 Contingency Phases 8 3.4.1 Response Phase 8 3.4.2 Resumption Phase 8 3.4.3 Recovery Phase 8 3.4.4 Restoration Phase 9 3.5 Assumptions 9 3.6 Critical Success Factors and Issues 9 3.7 Mission Critical Systems/Applications/Services 10 3.8 Threats 10 3.8.1 Probable Threats 11 4 System Description 12 4.1 Physical Environment 12 4.2 Technical Environment 12 5 Plan 12 5.1 Plan Management 12 5.1.1 Contingency Planning Workgroups 12 5.1.2 Contingency Plan Coordinator 12 5.1.3 System Contingency Coordinators 13 5.1.4 Incident Notification 13 5.1.5 Internal Personnel Notification 13 5.1.6 External Contact Notification 13 5.1.7 Media Releases 14 5.1.8 Alternate Site (s) 14 5.2 Teams 14 5.2.1 Damage Assessment Team 14 5.2.2 Operations Team 15 5.2.3 Communications Team 15 5.2.4 Data Entry and Control Team 15 5.2.5 Off-Site Storage Team 15 5.2.6 Administrative Management Team 15 5.2.7 Procurement Team 15 5.2.8 Configuration Management Team 16 5.2.9 Facilities Team 16 5.2.10 System Software Team 16 5.2.11 Internal Audit Team 16 5.2.12 User Assistance Team 16 5.3 Data Communications 16 5.4 Backups 16 5.4.1 Vital Records/Documentation 17 5.5 Office Equipment, Furniture and Supplies 19 5.6 Recommended Testing Procedures 19 6 Recommended Strategies 20 6...

Words: 17323 - Pages: 70

Premium Essay

Information and Survey Analysis

...1. An IS auditor is reviewing access to an application to determine whether the 10 most recent "new user" forms were correctly authorized. This is an example of: A. variable sampling. B. substantive testing. C. compliance testing. D. stop-or-go sampling. The correct answer is: C. compliance testing. Explanation: Compliance testing determines whether controls are being applied in compliance with policy. This includes tests to determine whether new accounts were appropriately authorized. Variable sampling is used to estimate numerical values, such as dollar values. Substantive testing substantiates the integrity of actual processing, such as balances on financial statements. The development of substantive tests is often dependent on the outcome of compliance tests. If compliance tests indicate that there are adequate internal controls, then substantive tests can be minimized. Stop-or-go sampling allows a test to be stopped as early as possible and is not appropriate for checking whether procedures have been followed. 2. The decisions and actions of an IS auditor are MOST likely to affect which of the following risks? A. Inherent B. Detection C. Control D. Business The correct answer is: B. Detection Explanation: Detection risks are directly affected by the auditor's selection of audit procedures and techniques. Inherent risks usually are not affected by the IS auditor. Control risks are controlled by the actions of the company's management. Business...

Words: 97238 - Pages: 389

Premium Essay

Business Law.Types of Companies

...Definition: An information system can be any organized combination of people, hardware, software, computer networks and data resources that stores and retrieves, transforms, and disseminates information in an organization. Roles of IS in Business: There are three fundamental reasons for all business applications of information technology. They are found in the three vital roles that information system can perform for a business enterprise.  Support of its business processes and operations.  Support of decision making by its employees and managers.  Support of its strategies for competitive advantage. Trends in IS: The business applications of information systems have expanded significantly over the years.  Data Processing (1950s – 1960s): Electronic data processing systems which includes transaction processing, record keeping, and traditional accounting applications.  Management Reporting (1960s – 1970s): Management information systems that include preparation of management reports of pre specified information to support decision making.  Decision Support (1970s – 1980s): Decision support systems include interactive ad hoc support of managerial decision making process.  Strategic and End User Support (1980s – 1990s): o End user computing systems: Direct computing support for end user productivity and work group collaboration. o Executive information systems: Critical information for top management. o Expert Systems: Knowledge based expert advice for...

Words: 13881 - Pages: 56

Free Essay

Is4550 Unit 3 Assignment 1

...The  Critical  Security  Controls   for   Effective  Cyber  Defense   Version  5.0                     1       Introduction   .....................................................................................................................................................................  3   CSC  1:    Inventory  of  Authorized  and  Unauthorized  Devices  ............................................................................  8   CSC  2:    Inventory  of  Authorized  and  Unauthorized  Software  .......................................................................  14   CSC  3:    Secure  Configurations  for  Hardware  and  Software  on  Mobile  Devices,  Laptops,   Workstations,  and  Servers  .......................................................................................................................................  19   CSC  4:    Continuous  Vulnerability  Assessment  and  Remediation  .................................................................  27   CSC  5:    Malware  Defenses  ..........................................................................................................................................  33   CSC  6:    Application  Software...

Words: 31673 - Pages: 127

Premium Essay

Computer Engineer

...their Building Blocks * 1-1 Introduction to Networks * 1-2 Networking Types * 1-3 OSI Reference Model * 1-4 TCP/IP Model * 1-5 Ethernet Technologies and Cabling * 1-6 Cisco 3 Layer Model * 1-7 Summary * Chapter 2 – IP Addressing and Subnets * 2-1 IP Addresses – Composition, Types and Classes * 2-2 Private and Public IP addresses * 2-3 Subnetting * 2-4 Variable Length Subnet Masks (VLSM) * 2-5 Route Summarization * 2-6 Troubleshooting IP Addressing * Chapter 3 Introduction to Cisco Routers, Switches and IOS * 3-1 Introduction to Cisco Routers, Switches, IOS & the Boot Process * 3-2 Using the Command-Line Interface (CLI) * 3-3 Basic Configuration of Router and Switches * 3-4 Configuring Router Interfaces * 3-5 Gathering Information and Verifying Configuration * 3-6 Configuring DNS & DHCP * 3-7 Saving, Erasing, Restoring and Backing up Configuration & IOS File * 3-8 Password Recovery on a Cisco Router * 3-9 Cisco Discovery Protocol (CDP) * 3-10 Using Telnet on IOS * 3-11 CCNA Lab #1 * Chapter 4 Introduction to IP Routing * 4-1 Understanding IP Routing * 4-2 Static, Default and Dynamic Routing * 4-3 Administrative Distance and Routing Metrics * 4-4 Classes of Routing Protocols * 4-5 Routing Loops ...

Words: 95744 - Pages: 383

Premium Essay

Beacuse I Have to

...State of North Carolina Statewide Information Security Manual Prepared by the Enterprise Security and Risk Management Office Publication Date: April 20, 2012 INTRODUCTION FOR STATEWIDE INFORMATION SECURITY MANUAL ...... 1 GUIDANCE FOR AGENCIES .............................................................................. 1 CHAPTER 1 – CLASSIFYING INFORMATION AND DATA ................................ 2 CHAPTER 2 – CONTROLLING ACCESS TO INFORMATION AND SYSTEMS. 7 CHAPTER 3 – PROCESSING INFORMATION AND DOCUMENTS ................. 32 CHAPTER 4 – PURCHASING AND MAINTAINING COMMERCIAL SOFTWARE ..................................................................................................... 107 CHAPTER 5 – SECURING HARDWARE, PERIPHERALS AND OTHER EQUIPMENT .................................................................................................... 122 CHAPTER 6 – COMBATING CYBER CRIME ................................................. 146 CHAPTER 7 – CONTROLLING E-COMMERCE INFORMATION SECURITY 153 CHAPTER 9 – DEALING WITH PREMISES RELATED CONSIDERATIONS . 173 CHAPTER 10 – ADDRESSING PERSONNEL ISSUES RELATING TO SECURITY ........................................................................................................ 185 CHAPTER 11 – DELIVERING TRAINING AND STAFF AWARENESS .......... 192 CHAPTER 12 – COMPLYING WITH LEGAL AND POLICY REQUIREMENTS ......................................................................................................................

Words: 65255 - Pages: 262

Premium Essay

Disaster Recovery Plan

...Template Version 1.0 31 October 2007 TABLE OF CONTENTS DISASTER RECOVERY PLAN – DOCUMENT CHANGE CONTROL 6 EXECUTIVE SUMMARY 8 Overview 8 Recovery Statement Summary 8 Recovery Scenario #1: The Preferred Solution for a Total Data Center Loss 8 Recovery Strategies: Activities and Time Frames 9 Short-Term (2 to 3 Days): 9 Medium-Term (6 to 12 weeks): 9 Longer-Term (6 months to 2 years): 9 Recovery Scenario #2: The Strategy for Loss of a Critical System or Component 9 Summary 10 INTRODUCTION 11 INFORMATION SECURITY POLICY – DEFINITIONS & STATED REQUIREMENTS 11 8.2 Disaster Recovery Plan 11 8.3 Business Recovery Strategy 11 PLAN DISTRIBUTION 11 PLAN OBJECTIVES 11 PLAN ASSUMPTIONS 12 Definitions 12 PROCESSING ENVIRONMENT 13 Scope of Recovery 13 Environment Description 13 Essential Equipment 13 Disaster Recovery Scripts 15 RECOVERY PLAN ELEMENTS 17 1. Recovery Plan for Major Disasters 17 A. Detection and Reaction 17 B. Identifying the problem – Notifying the authorities 17 C. Establishing a Command Center 17 D. Reducing Exposure 17 2. Roles and Responsibilities 20 A. Management / Damage Assessment Team: Initial Response 21 B. Disaster Recovery Teams — Emergency Contact List 22 (AGENCY) FUNCTIONAL AREA MANAGERS 23 3. Recovery Plan for Major Disasters 24 A. Establishment of Full Recovery at Backup Site 24 B. Disaster Recovery Team Checklists 24 C. Restoration of Facilities and Operations at the Original and/or Alternate Site 24 4. DISASTER RECOVERY...

Words: 17396 - Pages: 70