...Services and Security Course Revision Table Footer Date: 09/30/07 10/10/07 Section: All All Reason for Change: New Curriculum QA Edits Implementation Date: December 2007 December 2007 © ITT Educational Services, Inc. Date: 10/10/07 Exams & Answer Keys [Exam I —Unit 6] DATE: ________________________________ STUDENT NAME: ________________________________ COURSE NUMBER: ________________________________ INSTRUCTOR: ________________________________ ITT COLLEGE: ________________________________ General Instructions: 1. This is a closed-book, closed-notes Exam. No reference material (including assignments and lab) will be permitted for use during the exam session. 2. The exam contains true/false and multiple choice types of questions. 3. Please use the separate answer sheet provided to you for marking your answers. 4. Each question is worth two points. Good luck! © ITT Educational Services, Inc. Date: 10/10/07 Exams & Answer Keys 1. The most common cause of security breaches is ______. a. no alarm system b. weak passwords c. untrained security guards d. poor perimeter lighting 2. Windows Server administrators should not use the Administrator account for everyday activity. They should use the ________ command, only when performing administrative functions. a. super user b. run as c. task manager d. power user 3. For organizations with wireless networks, deployment of ________ is necessary to vastly increase the security of the wireless access points. a....
Words: 3277 - Pages: 14
...Unit 4 Assignment 1: Enhance and Existing IT Security Policy Framework Richman Investments Remote Access Standards Purpose: This document is designed to provide definition of the standards for connecting remotely to Richman Investments’ network outside of the company’s direct network connection. The standards defined here are designed to mitigate exposure to potential damage to Richman Investments’ network, resulting from the use of unauthorized use of network resources. Scope: All Richman Investments agents, vendors, contractors, and employees, who use either Richman Investments company property or their own personal property to connect to the Richman Investments network, are governed by this policy. The scope of this policy covers remote connections, used to access or do work on behalf of Richman Investments, including, but not limited to, the viewing or sending of e-mail, and the viewing of intranet resources. Policy: Richman Investments agents, vendors, contractors, and employees with privilege to remote access to Richman Investments’ corporate network are responsible for ensuring that they adhere to these standards, whether using company-owned or personal equipment for data access, and that they follow the same guidelines that would be followed for on-site connections to the Richman Investments network. General access to the Internet by household members via the Richman Investments network will be permitted, and should be used responsibly, such that all Richman...
Words: 474 - Pages: 2
...while key command line concepts will be introduced to provide a foundation for students planning to become fulltime Linux system administrators. By the end of the five-day course, students will be able to perform installation, establish network connectivity, manage physical storage, and perform basic security administration. LINUX-6 Course Outline Unit 1: Get Started with the GNOME Graphical Desktop Objective: Get started with GNOME and edit text files with gedit Unit 2: Manage Files Graphically with Nautilus Objective: Manage files graphically and access remote systems with Nautilus Unit 3: Get Help in a Graphical Environment Objective: Access documentation, both locally and online Unit 4: Configure Local Services Objective: Configure the date and time and configure a printer Unit 5: Manage Physical Storage I Objective: Understand basic disk concepts and manage system disks Unit 6: Manage Logical Volumes Objective: Understand logical volume concepts and manage logical volumes Unit 7: Monitor System Resources Objective: Manage CPU, memory, and disk utilization Unit 8: Manage System Software Objective: Manage system software locally and using Red Hat Network (RHN) Unit 9: Get Started with Bash Objective: Understand basic shell concepts, execute simple...
Words: 1463 - Pages: 6
...the vulnerabilities and threats to their vast information systems. Past breaches have illustrated how vulnerable the networks are, and we can look at history to see the development of the defense networks and security. The DoD made a large impact across the computer security field with their security handbook called the “Orange Book”. The official name for the Orange Book is “DoD 5200.28-STD, Department of Defense Trusted Computer System Evaluation Criteria”, which was first written in 1983 and further updated in 1985. (Department of Defense, 1985) It is the computer system criteria book within a series of security related guides and directives called the “Rainbow Series,” which are the numerous standards and guidelines published by the Department of Defense. The document laid the foundation for the communication between the developers and the customers. The model was based on systems meeting six security requirements: security policy, marking of objects, identification of subjects, accountability, assurance, and continuous protection. After evaluation, the system is placed in one of four categories: A, B, C, and D. Category A having the highest security rating down to category D, which is either a failure or a system yet to be evaluated. The model is heavy on both access control based on the users’ authorization for information, and a labeling system to mark the corresponding rating as a measure to enforce protocols. (Department of Defense, 1985) The Orange...
Words: 2282 - Pages: 10
...The Critical Security Controls for Effective Cyber Defense Version 5.0 1 Introduction ..................................................................................................................................................................... 3 CSC 1: Inventory of Authorized and Unauthorized Devices ............................................................................ 8 CSC 2: Inventory of Authorized and Unauthorized Software ....................................................................... 14 CSC 3: Secure Configurations for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers ....................................................................................................................................... 19 CSC 4: Continuous Vulnerability Assessment and Remediation ................................................................. 27 CSC 5: Malware Defenses .......................................................................................................................................... 33 CSC 6: Application Software...
Words: 31673 - Pages: 127
...Technical Institute IS3340 Windows Security Onsite Course SYLLABUS Credit hours: 4.5 Contact/Instructional hours: 60 (30 Theory Hours, 30 Lab Hours) Prerequisite(s) and/or Corequisite(s): Prerequisite: NT2580 Introduction to Information Security or equivalent Course Description: This course examines security implementations for a variety of Windows platforms and applications. Areas of study include analysis of the security architecture of Windows systems. Students will identify and examine security risks and apply tools and methods to address security issues in the Windows environment. Windows Security Syllabus Where Does This Course Belong? This course is required for the Bachelor of Science in Information Systems Security program. This program covers the following core areas: Foundational Courses Technical Courses BSISS Project The following diagram demonstrates how this course fits in the program: IS4799 NT2799 IS4670 ISC Capstone Project Capstone ProjectCybercrime Forensics NSA NT2580 NT2670 Introduction to Information Security IS4680 IS4560 NT2580 NT2670 Email and Web Services Hacking and Introduction to Security Auditing for Compliance Countermeasures Information Security Email and Web Services NT1230 NT1330 Client-Server Client-Server Networking I Networking II IS3230 IS3350 NT1230 NT1330 Issues Client-Server Client-Server SecurityContext in Legal Access Security Networking I Networking II NT1110 ...
Words: 2305 - Pages: 10
...ITT TECHNICAL INSTITUTE NT1210 Introduction to Networking Onsite Course GRADED ASSIGNMENTS Graded Assignment Requirements Retain all handouts issued in every unit, as well as any assignment, research, or lab documents you prepare as part of assignments and labs. Some may be used more than once in different units. NOTE: Always check with your instructor for specific due dates of assignments. Graded Assignments Unit 1 Assignment 1: Computer Basics Review Course Objectives and Learning Outcomes * Identify the major needs and major stakeholders for computer networks and network applications. * Describe how digital devices store data. * Describe the differences between input and output devices. Assignment Requirements In the Chapter Review Activities at the end of Chapter 1 in the Odom textbook (answers can be found in the textbook): * Respond to the multiple-choice questions. * Complete the List the Words inside Acronyms table. Required Resources * Odom textbook * Computer with word processing software * Internet access * Printer Submission Requirements: Submit your responses as a typed document using Arial or Times New Roman 12-point font, double-spaced. Label your assignment Unit 1 Assignment 1. Unit 2 Assignment 1: Identifying Network Topologies Course Objectives and Learning Outcomes * Identify the major needs and major stakeholders for computer networks and network applications. * Identify the...
Words: 16043 - Pages: 65
...ITT TECHNICAL INSTITUTE NT1210 Introduction to Networking Onsite Course GRADED ASSIGNMENTS Graded Assignment Requirements Retain all handouts issued in every unit, as well as any assignment, research, or lab documents you prepare as part of assignments and labs. Some may be used more than once in different units. NOTE: Always check with your instructor for specific due dates of assignments. Graded Assignments Unit 1 Assignment 1: Computer Basics Review Course Objectives and Learning Outcomes Identify the major needs and major stakeholders for computer networks and network applications. Describe how digital devices store data. Describe the differences between input and output devices. Assignment Requirements In the Chapter Review Activities at the end of Chapter 1 in the Odom textbook (answers can be found in the textbook): Respond to the multiple-choice questions. Complete the List the Words inside Acronyms table. Required Resources Odom textbook Computer with word processing software Internet access Printer Submission Requirements: Submit your responses as a typed document using Arial or Times New Roman 12-point font, double-spaced. Label your assignment Unit 1 Assignment 1. Unit 2 Assignment 1: Identifying Network Topologies Course Objectives and Learning Outcomes * Identify the major needs and major stakeholders for computer networks and network applications. * Identify the classifications of networks and how they are...
Words: 16182 - Pages: 65
...ITT TECHNICAL INSTITUTE NT1210 Introduction to Networking Onsite Course GRADED ASSIGNMENTS Graded Assignment Requirements Retain all handouts issued in every unit, as well as any assignment, research, or lab documents you prepare as part of assignments and labs. Some may be used more than once in different units. NOTE: Always check with your instructor for specific due dates of assignments. Graded Assignments Unit 1 Assignment 1: Computer Basics Review Course Objectives and Learning Outcomes * Identify the major needs and major stakeholders for computer networks and network applications. * Describe how digital devices store data. * Describe the differences between input and output devices. Assignment Requirements In the Chapter Review Activities at the end of Chapter 1 in the Odom textbook (answers can be found in the textbook): * Respond to the multiple-choice questions. * Complete the List the Words inside Acronyms table. Required Resources * Odom textbook * Computer with word processing software * Internet access * Printer Submission Requirements: Submit your responses as a typed document using Arial or Times New Roman 12-point font, double-spaced. Label your assignment Unit 1 Assignment 1. Unit 2 Assignment 1: Identifying Network Topologies Course Objectives and Learning Outcomes * Identify the major needs and major stakeholders for computer networks and network applications. * Identify the...
Words: 16043 - Pages: 65
...IS4550 Security Policies and Implementation INSTRUCTOR GUIDE Course Revision Table Change Date | Updated Section | Change Description | Change Rationale | Implementation Quarter | 12/20/2011 | All | New curriculum | | June 2012 | | | | | | | | | | | | | | | | | | | | | | | | | | ------------------------------------------------- ------------------------------------------------- Credit hours: 4.5 Contact/Instructional hours: 60 (30 Theory, 30 Lab) Prerequisite: IS3110 Risk Management in Information Technology Security or equivalent Corequisite: None Table of Contents Course Overview 5 Course Summary 5 Critical Considerations 5 Instructional Resources 6 Required Resources 6 Additional Resources 6 Course Management 8 Technical Requirements 8 Test Administration and Processing 8 Replacement of Learning Assignments 9 Communication and Student Support 9 Academic Integrity 10 Grading 11 Course Delivery 13 Instructional Approach 13 Methodology 13 Facilitation Strategies 14 Unit Plans 15 Unit 1: Information Security Policy Management 15 Unit 2: Risk Mitigation and Business Support Processes 25 Unit 3: Policies, Standards, Procedures, and Guidelines 33 Unit 4: Information Systems Security Policy Framework 42 Unit 5: User Policies 50 Unit 6: IT Infrastructure Security Policies 58 Unit 7: Risk Management 66 Unit 8: Incident Response Team Policies 74 Unit 9: Implementing...
Words: 18421 - Pages: 74
...Unit 1 Assignment1: Adding Active Directory Robert Hanke ITT Tech IS3340 Windows Security Dr. Joseph Martinez 3/27/14 Unit 1 Assignment1: Adding Active Directory Currently, system administrators create Ken 7 users in each computer where users need access. In the Active Directory, the system admins will create Organizational Groups (OU). These OU’s can then can have restriction or Group Policy Objects (GPOs) put in to place that will restrict what a user can and can’t access. An organizational unit is the smallest scope or unit to which you can assign Group Policy settings or delegate administrative authority. Using organizational units, you can create containers within a domain that represent the hierarchical, logical structures within your organization. You can then manage the configuration and use of accounts and resources based on your organizational model (techNet, 2005). With the users assigned to group accounts or OU’s, you can use to assign a set of permissions and rights to multiple users simultaneously, along with making any changes that are needed to individual users. Computer accounts provide a means for authenticating and auditing computer access to the network and to domain resources. Each computer account must be unique. Once the conversion has taken place, the local users on the client computer will not be affected during domain join. They can still logon on the local machine. Meanwhile, on domain controllers, during the Active Directory Installation...
Words: 430 - Pages: 2
...Technical Institute IT255 Introduction to Information Systems Security Onsite Course SYLLABUS Credit hours: 4 Contact/Instructional hours: 50 (30 Theory Hours, 20 Lab Hours) Prerequisite(s) and/or Corequisite(s): Prerequisites: IT220 Network Standards and Protocols, IT221 Microsoft Network Operating System I, IT250 Linux Operating System Course Description: This course provides an overview of security challenges and strategies of counter measures in the information systems environment. Topics include definition of terms, concepts, elements, and goals incorporating industry standards and practices with a focus on availability, vulnerability, integrity and confidentiality aspects of information systems. Introduction to Information Systems Security Syllabus Where Does This Course Belong? This course is required for the Bachelor of Science in Information Systems Security program. This program covers the following core areas: Foundational Courses Technical Courses BSISS Project The following diagram demonstrates how this course fits in the program: IS427 Information Systems Security Capstone Project 400 Level IS404 Access Control, Authentication & KPI IS411 Security Policies & Implementation Issues IS415 System Forensics Investigation & Response IS416 Securing Windows Platforms & Applications IS418 Securing Linux Platforms & Applications IS421 Legal & Security Issues IS423 Securing Windows Platforms & Applications 300...
Words: 4114 - Pages: 17
...Classify Data for Access Control Requirements Lab Assessment Questions & Answers 1. What is the Data Classification Method used in the Military and Government Agencies that line up with the corporate data classification method defined earlier in this lab? Explain. Secret- This is the second-highest classification. Information is classified Secret when its release would cause "serious damage" to national security. Most information that is classified is held at the secret sensitivity. 2. Describe one way to help prevent unauthorized users from logging onto another person’s user account and accessing his/her data? By authorization, a person have to identify his/herself, the access control system verifies the person’s identity, the access control system must determine whether the person is authorized with a username and passwords 3. What permissions are necessary to allow an Active Directory Group called AD_Group to read and write files in a Sensitive directory such as C:\ERPdocuments\HRfiles? Read-Write permissions (Author) 4. How would you apply the permissions (ACLs) stated above (M,RX) to the AD_Group on C:\ERPdocuments\HRfiles from the command prompt using built-in Windows tools? You can use the extended change access control List tool (Xcals.exe) to modify and view NTFS permissions for files or folders 5. When adding permissions to a directory in an Active Directory Domain, would you prefer to add Groups or individual...
Words: 1377 - Pages: 6
...Systems Security [Onsite] Course Description: This course provides an overview of security challenges and strategies of counter measures in the information systems environment. Topics include definition of terms, concepts, elements, and goals incorporating industry standards and practices with a focus on availability, vulnerability, integrity and confidentiality aspects of information systems. Prerequisite(s) and/or Corequisite(s): Prerequisites: IT220 Network Standards and Protocols, IT221 Microsoft Network Operating System I, IT250 Linux Operating System Credit hours: 4 Contact hours: 50 (30 Theory Hours, 20 Lab Hours) Introduction to Information Systems Security Syllabus Where Does This Course Belong? This course is required for the Bachelor of Science in Information Systems Security program. This program covers the following core areas: Foundational Courses Technical Courses BSISS Project The following diagram demonstrates how this course fits in the program: IS427 Information Systems Security 400 Level Capstone Project IS418 IS404 Access Control, Authentication & KPI IS421 Legal & Security Issues IS423 Securing Windows Platforms & Applications IS411 Security Policies & Implementation Issues IS415 System Forensics Investigation & Response IS416 Securing Windows Platforms & Applications Securing Linux Platforms & Applications 300 Level IS305 Managing Risk in Information Systems IS308 Security Strategies...
Words: 4296 - Pages: 18
...STANDARDS FOR UNARMED SECURITY GUARD [PRIVATE SECURITY SECTOR] Font: Callibri(Body),Font size 16 Contents 1. Introduction and Contacts..…Page no. 1 2. Qualifications Pack……….……...Page no. 2 3. OS Units……………………..…….….Page no.2 4. Glossary of Key Terms …………Page no.3 OS describe what individuals need to do, know and understand in order to carry out a particular job role or function OS are performance standards that individuals must achieve when carrying out functions in the workplace, together with specifications of the underpinning knowledge and understanding Insert your SSC picture here Introduction Qualifications Pack – Unarmed Security Guard SECTOR: PRIVATE SECURITY SUB-SECTOR: 1. COMMERCIAL 2. INDUSTRIAL OCCUPATION: GUARDING REFERENCE ID: SKS/Q0101 ALIGNED TO: NCO-2004/9152.30 An Unarmed Security Guard in the Private Security Sector form the first level of defence and notice and encounter threats and risks that are detrimental to life, property and premises. Security Guard is responsible for monitoring premises and property through physical presence and by using security and protection systems. Brief Job Description: The primary role of the individual entails guarding designated premises and people by manning the first tier of protection aided by appropriate security devices/equipment. The core responsibility includes guarding against theft, criminal acts, emergencies, fire and other contingencies. Personal Attributes: An Unarmed Security Guard needs to bear...
Words: 8254 - Pages: 34
