...------------------------------------------------- Nt2580 - Unit 1 Assignment 2: Impact of a Data Classification Standard Richman Investments Internal Use Only Data Classification Standard Domain Effects Richman Investments has implemented an “Internal Use Only” data classification standard. This report will describe the effects of the Internal use Only Standard on our respective system domains. “Internal Use Only” sets up a restricted access security policy to our network. Any access, including from a website would require company mandated credentials to log on and enter the system. This type of policy is enforced because companies do not want to allow “free access” to their network for potential threats to their system or their security. This policy will impact three of the seven domains. These include: * User Domain * Define: This Domain defines what users have access to the information system. * Policy Impact: The IT Team will use the User domain to define who has access to the company’s information systems. The domain will impose an acceptable use policy (AUP) that will define the permissions of what actions a user may make while inside the system. These permissions may also be defined by the data they are accessing at the time. All third party users (vendors, contractors, outside users, etc.) must also agree to the AUP. Any violation will be reported to management and/or the authorities, depending on the violation. * Workstation Domain ...
Words: 508 - Pages: 3
...Three IT infrastructure domains that would be mostly affected by the “Internal Use Only” data classification standard would be the User Domain, the Workstation Domain, and the LAN domain. The first domain that would be affected is the User Domain. The User Domain defines the people who access an organization’s information system. One of the roles and tasks is that the user can access systems, applications, and data depending upon their defined access rights. Inside the User domain is where the user would find the acceptable user policy or AUP. The AUP defines what users are allowed to do within the organization-owned IT assets. The User Domain is considered the weakest and most affected domain. One reason why is that it has a lack of user awareness. Another reason is that when users are downloading various content and different files, they generally do not conform to the established security guidelines. To protect from these issues, there should be enabled content filtering as well as automatic antivirus scans. A way to protect from an user doing Employee blackmail or extortion is to enable intrusion detection system/intrusion prevention system (IDS/IPS) monitoring. The monitoring will examine the IP data streams for inbound and outbound traffic. A second domain that is affected is the Workstation Domain. The Workstation Domain is where most users connect to the IT infrastructure. A workstation can be a desktop computer, laptop or any device that connects to the network....
Words: 581 - Pages: 3
...properties of the user account is set to Control access through NPS Network Policy. * The user account is added to the VPN_Users group in Active Directory. To define the authentication and encryption settings for remote access VPN clients, the following remote access network policy is created in Network Policy Server (NPS): * Policy name: Remote Access VPN Clients * Conditions: * NAS Port Type is set to Virtual (VPN) * Windows Groups is set to VPN_Users * Calling Station ID is set to 207.209.68.1 * Permission is set to Grant access. NPS policy settings: * On the Constraints tab, under Authentication Methods, for EAP Types select Microsoft: Smart Card or other certificate. Also enable Microsoft Encrypted Authentication version 2 (MS-CHAP v2). * Or SSTP, L2tp/IPsec, PPTP, IKEv2 Access control model/ policy: This model would support Role based access controls and allow mandatory access control to be governed by remote access. The IS Dept. is responsible for maintaining the access and access rights and prividgles and restricted as needed by user roles in the organization. All data is encrypted and transmitted via remote and encrypted and used by the vpn tunnel. VPN access will be terminated on a 3 month basis and must be renewed by revisiting based on your access role and permissions....
Words: 339 - Pages: 2
...Institute 3825 West Cheyenne Avenue, Suite 600 North Las Vegas, Nevada 89032 NT2580 Introduction to Information Security Week 1, Unit 1 – Information Systems Security Fundamentals Class Plan Time Duration: This Class Period will be approximately 4 ¾ Hours in length. It will be divided 2 ¾ hours for Theory and 2 ½ hours for Lab. Content Covered: • Textbook o Chapter 1 - Information Systems Security Objectives: After completing this unit, the student should be able to: • Explain the concepts of information systems security (ISS) as applied to an IT infrastructure. Key Concepts: ▪ Confidentiality, integrity, and availability (CIA) concepts ▪ Layered security solutions implemented for the seven domains of a typical IT infrastructure ▪ Common threats for each of the seven domains ▪ IT security policy framework ▪ Impact of data classification standard on the seven domains Materials: Week 1 PowerPoint Presentation Assignment Overview: Refer to Assignment 1: Match Risks/Threats to Solutions in the Graded Assignment Requirements section of this instructor guide. In this assignment, the students need to match common risks or threats within the seven domains of a typical IT infrastructure with the possible solutions or preventative actions. Use the hand out worksheet NT2580.U1.WS1.doc. Refer to Assignment 2: Impact of a Data Classification Standard, you must write a brief report on how the...
Words: 530 - Pages: 3
...Corequisite(s): Prerequisite: NT2580 Introduction to Information Security or equivalent Course Description: This course examines security implementations for a variety of Windows platforms and applications. Areas of study include analysis of the security architecture of Windows systems. Students will identify and examine security risks and apply tools and methods to address security issues in the Windows environment. Windows Security Syllabus Where Does This Course Belong? This course is required for the Bachelor of Science in Information Systems Security program. This program covers the following core areas: Foundational Courses Technical Courses BSISS Project The following diagram demonstrates how this course fits in the program: IS4799 NT2799 IS4670 ISC Capstone Project Capstone ProjectCybercrime Forensics NSA NT2580 NT2670 Introduction to Information Security IS4680 IS4560 NT2580 NT2670 Email and Web Services Hacking and Introduction to Security Auditing for Compliance Countermeasures Information Security Email and Web Services NT1230 NT1330 Client-Server Client-Server Networking I Networking II IS3230 IS3350 NT1230 NT1330 Issues Client-Server Client-Server SecurityContext in Legal Access Security Networking I Networking II NT1110 NT1210 Structure and Introduction to ComputerLogic Networking IS3120 IS3110 NT1210 Network Risk Management in Introduction to General Education / General Studies NT2580 NT2799 Communications ...
Words: 2305 - Pages: 10
...network client computers, and related aspects of typical network server functions. Client-Server Networking I Syllabus Where Does This Course Belong? 1st QTR GS1140 NT1110 GS1145 Problem Solving Theory Computer Structure and Logic Strategies for the Technical Professional 2nd QTR NT1210 Introduction to Networking NT1230 Client-Server Networking I MA1210 College Mathematics I 3rd QTR NT1310 NT1330 MA1310 4th QTR PT1420 NT1430 EN1320 5th QTR PT2520 NT2580 EN1420 6th QTR NT2640 NT2670 CO2520 7th QTR NT2799 SP2750 Physical Networking Client-Server Networking II College Mathematics II Introduction to Programming Linux Networking Composition I Database Concepts Introduction to Information Security Composition II IP Networking Email and Web Services Communications Network Systems Administration Capstone Project Group Theory The follow diagram indicates how this course relates to other courses in the NSA program: 1 Date: 8/31/2012 Client-Server Networking I Syllabus NT2799 NSA Capstone Project NT2580 Introduction to Information Security NT2670 Email and Web Services NT2640 IP Networking PT2520 Database Concepts NT1330 Client-Server Networking II NT1230 Client-Server Networking I NT1430 Linux Networking PT1420...
Words: 1834 - Pages: 8
...NT2580 Unit 3 Assignment & Lab Unit 3. Assignment 1 - Remote Access Control Policy Definition There are three key parts I will have to take into account while designing a Remote Access Control Policy for Richman Investments. These three parts (Identification, Authentication and Authorization) will not be all for the Remote Access Control Policy, I will need to include the appropriate access controls for systems, applications and data access. I will also need to include my justification for using the selected access controls for systems, applications and data access. The first part I need to implement for this Remote Access Control Policy is Identification, which is defined in this sense as: physical keys or cards, smart cards, and other physical devices that might be used to gain access to something. What needs to be done for the Remote Access Control Policy is a group member policy needs to be setup which uniquely identifies each user. Users should be identified by rank with higher ranking users requiring more authentication. Each individual user should be assigned to a group based on rank with special permissions. Using this system for Identification will make our company more secure in day to day operations. The second part I need to implement for this remote access control policy is Authentication, which is defined as: what you know or passwords, numeric keys, PIN numbers, secret questions and answers. For remote access, there must be...
Words: 477 - Pages: 2
...Dallas Benning NT2580 Unit 1 Assignment 2: Impact of a Data Classification Standard The “Internal Use Only” data classification standards will affect the user domain, the work station domain and the LAN domain. These three domains are the most basic infrastructure domains and the will cover all users in the company. The classification will cover the company telephone directory, employee training materials and internal policy manuals. The User Domain explains the people who have access to the company’s information. This domains will contain all of the user’s information and will enforce the policies that control what information each user is allowed to access. This domain can also be the greatest weakness in a system and needs to be carefully monitored. The Workstation domain is where users are verified and accounts are set up. They will need to have a user name and password assigned to them by the IT department before they can access any systems or data. Also, no personal devices or any forms of removable media will be allow on the network. There will also be policies in place to ensure that each employee only has access to the information that they need to perform their jobs. The LAN domain includes all physical elements of the LAN network. There must be strong security for this domain because it is the entry point to any WAN networks and makes accessing workstations far easier. Users must have background checks and be screened before given access to the physical...
Words: 290 - Pages: 2
...Unit 1 Assignment 2: Impact of a Data Classification Standard Course Name & Number: NT2580 Introduction to Information Security Learning Objectives and Outcomes * You will learn how to determine the impact of a data classification standard on an organization's IT infrastructure. Assignment Requirements You are a networking intern at Richman Investments, a mid-level financial investment and consulting firm. Your supervisor has asked you to draft a brief report that describes the “Internal Use Only” data classification standard of Richman Investments. Write this report addressing which IT infrastructure domains are affected by the standard and how they are affected. In your report, mention at least three IT infrastructure domains affected by the “Internal Use Only” data classification standard. Your report will become part of an executive summary to senior management. Required Resources None Submission Requirements * Format: Microsoft Word * Font: Arial, Size 12, Double-Space * Citation Style: Chicago Manual of Style * Length: 1–2 pages * Due By: Unit 2 Self-Assessment Checklist * I have identified at least three IT infrastructure domains affected by the “Internal Use Only” data classification standard. * In my report, I have included details on how those domains are affected. Internal Use Only The term “internal use only” is a term that refers to information or data that could also include communications are...
Words: 835 - Pages: 4
...Mandie Brayley NT2580 – Intro to Info Sec Unit 1 Assignment 2: Impact of a Data Classification Standard When you hear Internal Use Only, the first thing that seems to pop into your head would be that any data transferred has to stay inside wherever the domains are. While there are seven IT infrastructure domains, there are only three that are actually affected by the “Internal Use Only” data standard. These domains are the user domain, workstation domain and the LAN domain. As with all infrastructures these domains have their own tasks and responsibilities. The user domain is the first layer of the IT infrastructure defense system. This domain is used to access systems, applications, data and more. You will also find the AUP or Acceptable Use Policy here. The AUP is a policy tells the user what they are and are not allowed to do with any organization-owned IT equipment. This domain is affected by the Internal Use Only standard because it is the first partition of the IT Infrastructure. After the user domain, we have the workstation domain. This domain is used to configure hardware and hardening systems. Hardening systems is the process of ensuring that controls are in place to handle any known threats. This process is done by ensuring that the infrastructure has all the latest software revisions, security patches, and systems configurations. But these aren’t the only things that go on in the domain, this is also where the antivirus files are verified. While...
Words: 453 - Pages: 2
...NT2580 Unit 2 Assignment 2 10/1/13 1. The five vulnerabilities that exist for this LAN based workgroup are 2755801, 2501696, 2588513 2639658, 2659883. 2. Yes, the vulnerability that involves privilege elevation is 2639658 (Vulnerability in TrueType Font Parsing), but it is not a high priority. 3. 2719662 Solution: Workarounds refer to a setting or configuration change that does not correct the underlying issue but would help block known attack vectors before a security update is available. Apply the Microsoft Fix it solution that blocks the attack vector for this vulnerability. Disable Sidebar in Group Policy. Disable the Sidebar in the system registry. 2737111 Solution: Workarounds refer to a setting or configuration change that does not correct the underlying issue but would help block known attack vectors before a security update is available. Disable WebReady document view for Exchange. 2755801 Solution: Workaround refers to a setting or configuration change that would help block known attack vectors before you apply the update. Prevent Adobe Flash Player from running. Prevent Adobe Flash Player from running on Internet Explorer 10 through Group Policy on Windows 8 and Windows Server 2012. Prevent Adobe Flash Player from running in Office 2010 on Windows 8 and Windows Server 2012. Prevent ActiveX controls from running in Office 2007 and Office 2010. Set Internet and Local intranet security zone settings to "High" to block ActiveX Controls and Active Scripting...
Words: 257 - Pages: 2
...10/ 1/ 2014 NT2580 Unit 2 assignment 1 The workgroup consists of three primary workgroups, which contain group membership lists of users within the Active Directory infrastructure that currently exists on the SMB Server that is located within the confines of the LAN structure. The security breach, which is defined as any event that results in a violation of any of the CIA (confidentiality, integrity, availability) security principles, was caused by the SMB server being accessed by an unauthorized user due to a security hole that was detected by the server software manufacturer the previous day. The security patch will not be available until possible as long as three days, but hopefully within that timeframe. In addition, the LAN administrator needs at least one week (minimum) to download, test, and install the patch. To calculate the Window of Vulnerability (WoV) for this security breach, the following timeline will be used as a guideline to determine the basis for calculation: First it is important to understand the variables considered in this timeline formula. The WoV is the period within which defensive measures are reduced, compromised, or lacking. The WoV covers a timeline from the moment vulnerability is discovered and identified by the vendor. It also includes the time taken to create, publish, and finally apply a fix to the vulnerability. It is also important to explore the device(s) that were targeted by the attack. In this instance, being the SMB server within...
Words: 286 - Pages: 2
...Dallas Page July 17, 2015 Unit 4 Assignment 2 NT2580 Acceptable Use Policy Definition 1. Overview To protect the integrity, confidentiality and accessibility along with the safety of our clientele and employees it is necessary that a precise set of standards must be defined for anyone who utilizes the electronic devices to access information via the internet. Richman Investments is committed to protecting employees, partners and the company from illegal or destructive actions whether knowingly or unknowingly. Internet or Intranet related systems, including but not limited to the World Wide Web, storage media, operating systems, network accounts and electronic mail are intended to be used for business pertaining to Richman Investments. It is the responsibility of each electronic device user to know the guidelines of the Acceptable Use Policy and to adhere to the Acceptable Use Policy of Richman Investments. 2. Purpose To outline and give a clear precise definition of what is and what isn’t acceptable when using the property of Richman Investments. Property including but not limited to computers, internet service, email service, storage media, operating systems or network accounts. Inappropriate use of either of the aforementioned exposes Richman Investments to legal liability and/or risks of damage to company hardware and/or software. 3. Scope The Acceptable Use Policy applies to all employees, contractors, clients, visitors and partners to...
Words: 689 - Pages: 3
...NT2580 Unit 1 Assignment 2 Internal Use Only Here at Richmond Investments we need to ensure we meet a data classification standard when it comes to our employees accessing the internet from work provided computers and having access to privileged work related data. Under this standard we will implement standards for the LAN Domain, Workstation Domain, and the User Domain. For the LAN Domain we will need to secure the wiring closets, data centers, and computer rooms are secure. For access to these areas personnel will have to have the proper credentials and without them they will not be allowed access. We will need electronic door locks with a push button code. This would ensure that nobody can get into those rooms without that code. For the Workstation Domain we will require user name and passwords on all computers. This will ensure that access to the system will only be available to those that have already been added to the network by an IT Administrator. We will keep the computers up to date with current anti-virus software and regular monitoring. Only approved devices will be allowed to function with the workstations. This will eliminate possible outside threats from getting any data off the network in case they do gain access to an unlocked workstation. For the User Domain we will have an employee manual and acceptable use policy for all employees to follow. Each employee will be placed under the group in which they work for and only have access to the data that...
Words: 421 - Pages: 2
...examined. IP Networking Syllabus Where Does This Course Belong? This course is required in the associate degree program in Network Systems Administration and associate degree in Mobile Communications Technology. The following diagrams indicate how this course relates to other courses in respective programs: Network Systems Administration NT2799 NSA Capstone Project NT2580 Introduction to Information Security NT2670 Email and Web Services NT2640 IP Networking PT2520 Database Concepts NT1330 Client-Server Networking II NT1230 Client-Server Networking I NT1430 Linux Networking PT1420 Introduction to Programming NT1110 Computer Structure and Logic NT1201 Introduction to Networking NT1310 Physical Networking CO2520 Communications SP2750 Group Theories EN1420 Composition II EN1320 Composition I GS1140 Problem Solving Theory GS1145 Strategies for the Technical Professional MA1210 College Mathematics I MA1310 College Mathematics II Networking Technology Courses Programming Technology Courses General Education/ General Studies 1 Date: 7/18/2011 IP Networking Syllabus Mobile Communications Technology MC2799 MCT Capstone Project NT2640 IP Networking MC2560 Mobile Wireless Communication I MC2660 Mobile Wireless Communication II MC2665 Mobile...
Words: 2573 - Pages: 11
