It255 Unit1.1

Submitted By makkak22
You are presented with a list of some risks and threats associated with the seven domains of a typical IT infrastructure. Below the list, the solutions or preventive actions to manage those risks and threats are listed.
Write the letter of the correct solution or preventative action in the blank to the right of each risk or threat.

Risks or threats:
1. Violation of a security policy by a user ___C___
2. Disgruntled employee sabotage ___I___
3. Download of non-business videos using the Internet to an employer-owned computer ___A___
4. Malware infection of a user’s laptop ___L___
5. Unauthorized physical access to the LAN ___N___
6. LAN server operating system vulnerabilities ___F___
7. Download of unknown file types from unknown sources by local users ___B___
8. Errors and weaknesses of network router, firewall, and network appliance configuration file ___H___
9. WAN eavesdropping ___M___
10. WAN Denial of Service or Distributed Denial of Service (DDoS) attacks ___D___
11. Confidential data compromised remotely ___K___
12. Mobile worker token stolen ___G___
13. Corrupt or lost data ___E___
14. Downtime of customer database ___J___

Solutions or preventative actions:
A. Enable content filtering and antivirus scanning at the entry and exit points of the Internet. Enable workstation auto-scans and auto-quarantine for unknown file types.
B. Apply file transfer monitoring, scanning, and alarming for unknown file types and sources.
C. Place employee on probation, review acceptable use policy (AUP) and employee manual, and discuss status during performance reviews.
D. Apply filters on exterior Internet Protocol (IP) stateful firewalls and IP router WAN interfaces.
E. Implement daily data backups and off-site data storage…...
