Premium Essay

Unit 3 Access Control

In:

Submitted By griffen
Words 288
Pages 2
Scenario 1: (DAC) Discretionary Access Control. Being that the business is small and not in need of higher security measures, it would be the easiest to maintain and monitor for a small business.
Scenario 2: (MAC) Mandatory Access Control. The employees primarily communicate using smartphones; which proves as a possible security risk. MAC is stronger than DAC but, still easily monitored for a small business; which makes this the top choice for Top Ads.
Scenario 3: (RBAC) Role Based Access Control. With the company being as large as it is and the employees traveling and/or working from home, the roles set by a Security Administrator would be the most secure and efficient way of providing different levels of clearance to individual users. It would take time to start from nothing but, once the security measures are in place it would be easy to monitor and to manage.
Scenario 4: Content-Dependent Access Control. Since everything that the company does depends on the individual material being manufactured the above Access Control type should be apparent. Giving permissions by what is contained in each individual file is more costly but, a lot more secure. It also allows the company to monitor the data sent less as each document is given its own set of roles.
Scenario 5: (RBAC) Role Based Access Control. With RBAC in place the security measures would be assigned to each user and monitored by the security administrator(s). Using this Access control method would allow for high-grade security with manageability in mind. Allowing each user a set of permissions dependent on their group, or role, allows the system admin to more easily monitor security by group; which is perfect for a military

Similar Documents

Premium Essay

Unit 3. Access Controls

...NT2580 Unit 3 Access Controls 01/22/2014 1. For the construction company scenario the data would probably consist of customer contact information, accounting, and inventory. For administrative controls I would administer a password policy. For the logical/technical controls I would have passwords checked and enforced. For the software controls I would make sure that updates are checked regularly. 2. For the advertising company scenario the data would probably consist of customer contact information, accounting, and inventory. For administrative controls I would administer a password policy. For the logical/technical controls I would have passwords checked and enforced. For the software controls I would make sure that updates are checked regularly. 3. For NetSecIT, I would implement all access controls on this organization because of the size of the company and the remote access. For administrative controls I would administer a password policy. For the logical/technical controls I would have passwords checked and enforced. For the software controls I would make sure that updates are checked regularly. For the hardware controls I would utilize MAC filtering and smart card use. For the physical I would utilize security guards and ID badges. 4. For Backordered Parts, I would implement all access controls for this organization because it is a defense contractor that builds communications parts for the military. For administrative controls I would administer a...

Words: 362 - Pages: 2

Free Essay

Unit 3 It255 Access Control

...1. RAS server provides the most secure method for remote access to the network if it is reburied. 2. Never allow client computers on the network to answer remote access connections. 3. Organize all remote access servers in a centrally controlled location. 4. Servers have no need to originate dial-out connections (Except when using telephone lines as low cost WAN connections, but these connections should be relatively permanent). 5. To simplify security administration, allow only one method of remote access into the network. 6. Remote access control procedures must provide adequate safeguards through robust identification, authentication and encryption techniques. 7. Carefully consider the wisdom of providing cellular telephones and modems for use with laptop computers. This technology isn’t usually justified considering the relatively modest increase in productivity compared to the cost and the security risk of a lost laptop. 8. Consider using only the NetBEUI protocol for remote access to limit the extent of intrusions on the network. 9. Control the distribution of remote access software on the network. Never allow client computers to run remote control software. If remote control software is necessary, run the software from centrally controlled computers or thin-client servers. 10. Disable dial-in networking, except in the cases of trusted individuals or to special computers,because dial-in networking can bypass regular network security. ...

Words: 609 - Pages: 3

Premium Essay

Unit 3 Discussion 1: Access Control Models

...Unit 3 Discussion 1: Access Control Models Scenario 1: (DAC) Discretionary Access Control. Being that the business is small and not in need of higher security measures, it would be the easiest to maintain and monitor for a small business. Scenario 2: (MAC) Mandatory Access Control. The employees primarily communicate using smartphones; which proves as a possible security risk. MAC is stronger than DAC but, still easily monitored for a small business; which makes this the top choice for Top Ads. Scenario 3: (RBAC) Role Based Access Control. With the company being as large as it is and the employees traveling and/or working from home, the roles set by a Security Administrator would be the most secure and efficient way of providing different levels of clearance to individual users. It would take time to start from nothing but, once the security measures are in place it would be easy to monitor and to manage. Scenario 4: Content-Dependent Access Control. Since everything that the company does depends on the individual material being manufactured the above Access Control type should be apparent. Giving permissions by what is contained in each individual file is more costly but, a lot more secure. It also allows the company to monitor the data sent less as each document is given its own set of roles. Scenario 5: (RBAC) Role Based Access Control. With RBAC in place the security measures would be assigned to each user and monitored by the security administrator(s). Using this Access...

Words: 295 - Pages: 2

Premium Essay

Unit 3 Discussion 1: Access Control Models

...that have internet access. Discretionary Access Controls should be used in this scenario because the company is small and not in need of high security environment. This solution is the simplest to maintain and monitor for a small business. 2. Top Ads is a small advertising company consisting of 12 computers that have internet access. All employees communicate using smart phones. Mandatory Access Controls should be used in this scenario because the employees primarily communicate using smart phones, which opens up a security risk. Mandatory Access Controls are a step up stronger than Discretionary Access Controls, but are still relatively simple to monitor for a small business. 3. NetSecIT is a multinational IT services company consisting of 120,000 computers that have internet access and 45,000 servers. All employees communicate using smart phones and e-mail. Many employees work from home and travel extensively. Role Based Access Control should be used in this scenario because this is a large company with employees who travel and work from home. The roles should be controlled by a Security Administrator who could provide different levels of security to individual users. There would be some overhead in startup to get up and running but once in place this should be easy to manage. 4. Backordered Parts is a defense contractor that builds communication parts for the military. All employees communicate using smart phones and e-mail. Content-Dependent Access Controls should be used...

Words: 407 - Pages: 2

Premium Essay

Unit 3 Assignment 1 Remote Access Control Policy

...just incase something happens with the network Richman can know exactly when, where, and more details of how this incident transpired. Authorization- Richmann’s investments have to clarify and make known the rules as to who and what computers can gain access to the network resources. I would be best to create a group membership to help avoid accidents within the network. The administrator can assign different users to different group within the network ensuring that everything is place as he/she wants it. The users’ access would be based upon what group they are in that was put in place by the administrator of the network. Authentication- When a user try’s to get into the network system there must be proof in order to enter the network. Some people may think there is a lot of security to enter and access parts of the network but it is better to be safe as possible as a hacker taking or corrupting all the information causing a major or a possible critical problem. Accountability- Users will be held accountable and responsible for anything they do within the network system. I suggest using logs files that information is kept and users have to log in on a daily bases. Using a log book can help prevent, detect, or monitor access to the network...

Words: 261 - Pages: 2

Premium Essay

Week 5 Nt 2580

...Week 3 Course Lesson Plan IT2580 Introduction to Information Systems Security—Unit 3 Mr. Phillip Parrinelli pparrinelli@itt-tech.edu 619-327-1800 Unit 3: Appropriate Access Controls for Systems, Applications, and Data Access Learning Objective Explain the role of access controls in implementing security policy. Key Concepts The authorization policies applying access control to systems, application, and data The role of identification in granting access to information systems The role of authentication in granting access to information systems The authentication factor types and the need for two- or three-factor authentication The pros and cons of the formal models used for access controls Reading Kim and Solomon, Chapter 5: Access Controls. GROUP ACTIVITY Discuss and complete the following worksheet: ------------------------------------------------- IT2580: Unit 3 Types of Authentication Instructions: In the following table, identify the type of authentication for the given authentication methods. Authentication Method | Authentication Type (Knowledge, Ownership, or Characteristic) | Password | | Smart card | | Fingerprint | | Personal identification number (PIN) | | Token | | Badge | | Signature | | ------------------------------------------------- DISCUSSION ------------------------------------------------- IT2580: Unit 3 Access Controls Discussion: Access controls can be...

Words: 716 - Pages: 3

Premium Essay

Asd Rtg

...Unit 3: Appropriate Access Controls for Systems, Applications, and Data Access Learning Objective  Explain the role of access controls in implementing security policy. Key Concepts  The authorization policies applying access control to systems, application, and data  The role of identification in granting access to information systems  The role of authentication in granting access to information systems  The authentication factor types and the need for two- or three-factor authentication  The pros and cons of the formal models used for access controls Reading  Kim and Solomon, Chapter 5: Access Controls. Keywords Use the following keywords to search for additional materials to support your work:  Biometrics  Content Dependent Access Control  Decentralized Access Control  Discretionary Access Control  Kerberos  Mandatory Access Control  Remote Authentication Dial In User Service (Radius)  Role-Based Access Control  Security Controls  Secure European System for Applications in a Multi-Vendor Environment (SESAME)  Single Sign-on  Terminal Access Controller Access-Control System (TACACS) ------------------------------------------------- Week 3 Discussion * Access Control Models * Unit 3 Access Control Models (lT255.U3.TS2) Lab * Enable Windows Active Directory and User Access Controls Assignment * Remote Access Control...

Words: 542 - Pages: 3

Premium Essay

Basic Structures

...use in homes, schools, and business offices. 2. Workstations. Although still of desktop dimensions, these machines have a computational power which is significantly higher than that of personal computers. Workstations are often used in engineering applications, especially for interactive design work (CAD/CAM). 3. Mainframes. A large and powerful computer used for business data processing in medium to large corporations that require much more computing and storage capacity than workstations can handle. 4. Supercomputers. These are used for large-scale numerical calculations found in applications such as weather forecasting and aircraft design and simulation. In mainframes and supercomputers, the main functional units may comprise a number of separate and often large parts. ? In its simplest form, a computer consists of five functionally independent main parts: input, memory, arithmetic and logic, output, and control units. BASIC FUNCTIONAL UNITS OF A COMPUTER ? The Input Unit accepts coded information from human operators or from other computers. Examples: keyboard, joystick, mouse, trackball, scanner, bar code readers ? Memory Unit 1. Primary Storage or Main Memory. This is where programs are stored during their execution. The MM is a fast memory capable of operating at electronic speeds. The information in MM is often processed in groups of fixed size called words. The number of bits...

Words: 707 - Pages: 3

Free Essay

Term Paper on Microprocessor Systems

...System, based on single-chip 8-bit microprocessor KR580VM80AOA with the following characteristics: 1. CPU: KR580VM80A0A. 2. RAM: 24 KBytes 3. ROM: 40 KBytes 4. Controlling for parity. 5. Number of digital inputs: 8. 6. Number of digital outputs: 8. 7. Interrupt controller, with a fixed order of service. 8. DMA channel. 9. Serial channel. 10. Timer / counter. Content Introduction 1. The description of applied elements 2.1 Microprocessor KR580VM80A 2.2 Oscillator of clock pulses KP580ГФ2 2.3 Control unit of interruptions KP580BH5 2.4 System control unit KR580VK28 2.5 Programmed consecutive interface KR580VV51 2.6 Control unit of the keyboard and display KR580VV79 2.7 Microcircuit of random-access memory K537PУ17 2.8 Microcircuit of ROM K573PФ6 2.9 Microcircuit of decoder K155ID3 2.10 Microcircuit K514ИД2 2.11 Buffer register 1533АП5 2. Calculation part 3.12 Calculation and planning of address space of memory 3.13 Construction of circuit designs of decoding of addresses of memory 3.14 Calculation and planning address for input-output devices 3.15 Construction of circuit designs of decoding of addresses of input-output devices 3. The block diagram 4. A circuit diagram Conclusion Reference list Introduction In the given academic year project the microprocessor complete...

Words: 3184 - Pages: 13

Premium Essay

Nt2580

...VPN access control model for a large scale company. * This policy will support remote access control for systems, applications, and data access. Remote access Defined Remote access for employees is deployed by using remote access VPN connections across the Internet based on the settings configured for the VPN Server, and the following additional settings. The following diagram shows the VPN server that provides remote access VPN connections. Domain/Network Config: For each employee that is allowed VPN access: * The network access permission on the dial-in properties of the user account is set to Control access through NPS Network Policy. * The user account is added to the VPN_Users group in Active Directory. To define the authentication and encryption settings for remote access VPN clients, the following remote access network policy is created in Network Policy Server (NPS): * Policy name: Remote Access VPN Clients * Conditions: * NAS Port Type is set to Virtual (VPN) * Windows Groups is set to VPN_Users * Calling Station ID is set to 207.209.68.1 * Permission is set to Grant access. NPS policy settings: * On the Constraints tab, under Authentication Methods, for EAP Types select Microsoft: Smart Card or other certificate. Also enable Microsoft Encrypted Authentication version 2 (MS-CHAP v2). * Or SSTP, L2tp/IPsec, PPTP, IKEv2 Access control model/ policy: This model would support Role based access controls and allow mandatory access control to be...

Words: 339 - Pages: 2

Free Essay

Computer Generation

...Computer Organization 1. Introduction STUDY MATERIALS ON COMPUTER ORGANIZATION (As per the curriculum of Third semester B.Sc. Electronics of Mahatma Gandh Uniiversity) Compiled by Sam Kollannore U.. Lecturer in Electronics M.E.S. College, Marampally 1. INTRODUCTION 1.1 GENERATION OF COMPUTERS The first electronic computer was designed and built at the University of Pennsylvania based on vacuum tube technology. Vacuum tubes were used to perform logic operations and to store data. Generations of computers has been divided into five according to the development of technologies used to fabricate the processors, memories and I/O units. I Generation II Generation III Generation IV Generation V Generation : 1945 – 55 : 1955 – 65 : 1965 – 75 : 1975 – 89 : 1989 to present First Generation (ENIAC - Electronic Numerical Integrator And Calculator EDSAC – Electronic Delay Storage Automatic Calculator EDVAC – Electronic Discrete Variable Automatic Computer UNIVAC – Universal Automatic Computer IBM 701) Vacuum tubes were used – basic arithmetic operations took few milliseconds Bulky Consume more power with limited performance High cost Uses assembly language – to prepare programs. These were translated into machine level language for execution. Mercury delay line memories and Electrostatic memories were used Fixed point arithmetic was used 100 to 1000 fold increase in speed relative to the earlier mechanical and relay based electromechanical technology Punched cards and paper tape were...

Words: 3359 - Pages: 14

Premium Essay

Cryptography Methods

...Unit 3 Discussion 1: Access Control Models 1. Select an access control model that best prevents unauthorized access for each of the five scenarios given in the worksheet 2. Which types of logical access controls should be used in each scenario? Justify your recommendations. Scenario 1. - Discretionary access controls I s a small company consisting of 12 computers only DAC allows each user to control access to their own data and is typically the default access control mechanism for most desktop operating systems. Scenario 2.-Role-based access control Because RBAC is based on a user's job function within the organization to which the computer system belongs. Scenario 3.-Mandatory access controls Because how big is the company MAC takes a hierarchical approach to controlling access to resources. Under a MAC enforced environment access to all resource objects (such as data files) is controlled by settings defined by the system administrator. As such, all access to resource objects is strictly controlled by the operating system based on system administrator configured settings. Mandatory Access Control the operating system checks the user's classification and categories and compares them to the properties of the object's security label. Scenario 4.- Mandatory access control The design of MAC was defined, and is primarily used by the government. Scenario 5.- Mandatory access control Because all access to resource objects is strictly controlled by the operating...

Words: 452 - Pages: 2

Premium Essay

Abcdef

...PREPARATION FOR MORNING EXAM Computer Science Fundamentals 1.1 Basic Theory of Information 1.1.1 Radix Conversion 1.1.2 Numerical Representations 1.1.3 Non-Numerical Representations 1.1.4 Operations and Accuracy Quiz 1.2 Information and Logic 1.2.1 Logical Operations 1.2.2 BNF 1.2.3 Reverse Polish Notation Quiz 1.3 Data Structures 1.3.1 Arrays 1.3.2 Lists 1.3.3 Stacks 1.3.4 Queues (Waiting lists) 1.3.5 Trees 1.3.6 Hash Quiz 1.4 Algorithms 1.4.1 Search Algorithms 1.4.2 Sorting Algorithms 1.4.3 String Search Algorithms 1.4.4 Graph Algorithms Quiz Questions and Answers 2 3 3 7 10 11 14 15 15 18 21 24 25 25 27 29 30 32 34 37 38 38 41 45 48 50 51 i Chapter 2 Computer Systems 2.1 Hardware 2.1.1 Information Elements (Memory) 2.1.2 Processor Architecture 2.1.3 Memory Architecture 2.1.4 Magnetic Tape Units 2.1.5 Hard Disks 2.1.6 Terms Related to Performance/ RAID 2.1.7 Auxiliary Storage / Input and Output Units 2.1.8 Input and Output Interfaces Quiz 2.2 Operating Systems 2.2.1 Configuration and Objectives of OS 2.2.2 Job Management 2.2.3 Task Management 2.2.4 Data Management and File Organization 2.2.5 Memory Management Quiz 2.3 System Configuration Technology 2.3.1 Client Server Systems 2.3.2 System Configurations 2.3.3 Centralized Processing and Distributed Processing 2.3.4 Classification by Processing Mode Quiz 2.4 Performance and Reliability of Systems 2.4.1 Performance Indexes 2.4.2 Reliability 2.4.3 Availability Quiz 2.5 System Applications 2.5.1 Network Applications 2...

Words: 26218 - Pages: 105

Free Essay

Redhat

...concepts will be introduced to provide a foundation for students planning to become fulltime Linux system administrators. By the end of the five-day course, students will be able to perform installation, establish network connectivity, manage physical storage, and perform basic security administration. LINUX-6 Course Outline Unit 1: Get Started with the GNOME Graphical Desktop Objective: Get started with GNOME and edit text files with gedit Unit 2: Manage Files Graphically with Nautilus Objective: Manage files graphically and access remote systems with Nautilus Unit 3: Get Help in a Graphical Environment Objective: Access documentation, both locally and online Unit 4: Configure Local Services Objective: Configure the date and time and configure a printer Unit 5: Manage Physical Storage I Objective: Understand basic disk concepts and manage system disks Unit 6: Manage Logical Volumes Objective: Understand logical volume concepts and manage logical volumes Unit 7: Monitor System Resources Objective: Manage CPU, memory, and disk utilization Unit 8: Manage System Software Objective: Manage system software locally and using Red Hat Network (RHN) Unit 9: Get Started with Bash Objective: Understand basic shell concepts, execute simple...

Words: 1463 - Pages: 6

Premium Essay

Is3340 Unit 1

...Unit 1 Assignment1: Adding Active Directory Robert Hanke ITT Tech IS3340 Windows Security Dr. Joseph Martinez 3/27/14 Unit 1 Assignment1: Adding Active Directory Currently, system administrators create Ken 7 users in each computer where users need access. In the Active Directory, the system admins will create Organizational Groups (OU). These OU’s can then can have restriction or Group Policy Objects (GPOs) put in to place that will restrict what a user can and can’t access. An organizational unit is the smallest scope or unit to which you can assign Group Policy settings or delegate administrative authority. Using organizational units, you can create containers within a domain that represent the hierarchical, logical structures within your organization. You can then manage the configuration and use of accounts and resources based on your organizational model (techNet, 2005). With the users assigned to group accounts or OU’s, you can use to assign a set of permissions and rights to multiple users simultaneously, along with making any changes that are needed to individual users. Computer accounts provide a means for authenticating and auditing computer access to the network and to domain resources. Each computer account must be unique. Once the conversion has taken place, the local users on the client computer will not be affected during domain join. They can still logon on the local machine. Meanwhile, on domain controllers, during the Active Directory Installation...

Words: 430 - Pages: 2