Week 2 Essay Johnathan Terrance NT2580: Introduction to Information Security Brian Alley May 10, 2014 I have been given the task of designing a remote access control policy for establishing secure access between remote offices across several different states. Establishing this policy will protect the company and employees against attacks that may cost them tons of money and even their jobs. The policy will define several different security practices that employees need to adhere to in order
Words: 617 - Pages: 3
Three IT infrastructure domains that would be mostly affected by the “Internal Use Only” data classification standard would be the User Domain, the Workstation Domain, and the LAN domain. The first domain that would be affected is the User Domain. The User Domain defines the people who access an organization’s information system. One of the roles and tasks is that the user can access systems, applications, and data depending upon their defined access rights. Inside the User domain is where the
Words: 581 - Pages: 3
It255 Unit5 Assignment TO: FROM: DATE: SUBJECT:Unit 5 Assignment 1: Testing and Monitoring Security Controls REFERENCE: Testing and Monitoring Security Controls (IT255.U5.TS1) How Grade: One hundred points total. See each section for specific points. Assignment Requirements Part 1:Identify at least two types of security events and baseline anomalies that might indicate suspicious activity. Explain why they might indicate suspicious activity.(Forty points. Twenty points for each
Words: 258 - Pages: 2
William Burns-Garcia NT 2580 Unit 1 Assignment 2 Re: Impact of a Data Classification Standard Per your request, I have included information regarding the data classification standards designed for Richman investments. This report will include information that pertains to the IT infrastructure domains and how they are affected. Though there are several, I want to concentrate on three of the most vulnerable. 1. User Domain: Of all domains, this can be the most vulnerable as it usually affects
Words: 364 - Pages: 2
1. Discretionary Access Control – For Shovels and Shingles I would use Discretionary Access Controls. This way certain user groups have certain access. Considering there is only 12 clients I would assume the employee base and small and only 2-3 groups would be required with different access levels. 2. Rule Based Access Control – Due to the small client base and the fact most users would most likely be sharing information in a small advertising company I would go with Rule Based. This way there
Words: 321 - Pages: 2
Wesley, Below is a summary of the action plan we established last fall 2015 and your corresponding results. Most of the tasks summarized below showed you performing at an acceptable level. There is one unacceptable rating associated with the multi-application task. At some time in the near future, this task will need be revisited so that I see your rating for that particular task improve. When you are requested to complete the multi-application installation, I would preferred that at the very least
Words: 1084 - Pages: 5
Lab #1 – Report file Identifying Threats and Vulnerabilities in an IT Infrastructure Course Name and Number: Risk Management IS355 Student Name: Sherry Best Instructor Name: Nicole Goodyear Lab Due Date: 1/16/2018 In your Lab Report file, describe how risk can impact each of the seven domains of a typical IT infrastructure: User, Workstation, Local Area Network (LAN), Local Area Network to Wide Area Network (LAN-to-WAN), Wide Area Network (WAN), Remote Access, and System/Application domains. Risk
Words: 695 - Pages: 3
Database Security Solutions Defined There are six different categories of solutions in the matrix above that align with your organization’s compliance and security objectives. • Discovery and Assessment locate where database vulnerabilities and critical data reside. • User Rights Management identifies excessive rights over sensitive data. • Monitoring and Blocking protect databases from attacks, unauthorized access, and theft of data. • Auditing helps demonstrate compliance with industry regulations
Words: 458 - Pages: 2
TASK 4: APPLICATION SECURITY SUPPORT The Supplier will provide oversight and verification of the design of NERC CIP V6 compliant security controls, and the specification of those controls for individual Vendor review and installation. A Concept System Protection Profile (SPP) will be generated for classes of BES Cyber Assets based on a logical grouping of the BES cyber assets. These Concept SPPs will be used to focus vendor security configuration efforts, and provide a method of ensuring
Words: 1209 - Pages: 5
Unit Assignment 2: Impact of a Data Classification The Internal Use Only data classification standard of Richman Investments has many different infrastructures domains that are affected via internal use only data classification. More than all others, the three infrastructures that are affected the most are the User Domain, Workstation Domain and the LAN Domain. The reason why the User Domain infrastructure is one of the most affected infrastructures is because the User Domain infrastructure is
Words: 280 - Pages: 2