NT2580 Ishmael Burch III
Project Part 2 Student SSCP Domain Research Paper
Remote Access Domain is a domain involving Portable devices that use static IP address like Smart phones Laptop computers PDAs Remote E-mail usage Wireless access to cloud resources. Remote access policies are configured using the RRAS console. They are contained within the Remote Access Policies container under the server node in the console tree. There is a default remote access policy created when the RRAS is installed on a computer. Allow or deny remote access depending on the time or day of the week, the group membership of the remote user, the type of connection (VPN or dial-up), and so on. Administrators can configure remote access settings to specify authentication protocols, and encryption schemes used by clients, maximum duration of a remote access session, etc. A wireless link is likely to be limited in bandwidth error rates on a wireless link is much higher than that of a wired link. Different types of communication paths involved, one of which is radio link, particularly vulnerable to attack. Location privacy, any leakage of specific signaling information on the network can lead to an eavesdropper to approximately “locate” the position of a subscriber and thus hindering the subscriber’s privacy.
Securing Internet Communication by using S-HTTP and SSL
Secure Socket Layer (SSL) protocol is a protocol that uses public key encryption to secure channel over public Internet. A Secure Hypertext Transfer Protocol (denoted by S-HTTP) is an extended version of Hypertext Transfer Protocol that is provided for encryption of individual messages between client and server across Internet. S-HTTP is the basic application of SSL over HTTP which allows encryption of information passing between computers by protected and secure connections virtually.
Securing E-mail by using S/MIME, PEM, and PGP
The Secure Multipurpose Internet Mail Extensions (S/MIME) is built on Multipurpose Internet Mail Extensions (MIME) encoding format by adding both encryption and authentication. Privacy Enhanced Mail (PEM) is given as standard to function with public key cryptosystems which uses 3DES symmetric key encryption. Pretty Good Privacy (PGP) technique uses IDEA Cipher for message encoding. Pretty Good Privacy (PGP) is a hybrid cryptosystem designed in the year 1991 by Phil Zimmermann. It is the combined best available cryptographic algorithms to become open source de facto standard for encryption and authentication of electronic mail and file storage applications. It is low cost commercial PGP versions are available for several platforms.

Every mobile device connected to your network needs to follow the same security policies on your network, and the easiest to start with are screen locks and passwords. Our "Security and Privacy" presentation covers tips and polices surrounding secure passwords, and it is important to choose similarly good passwords for your smartphone and mobile devices.
In addition, make sure to use the screen lock function that is standard on most devices. These functions require you to re-enter your password if your phone has been idle for a few minutes, which will prevent the average person from using your phone should they find it. We recommend that you have the screen lock after 3 minutes of inactivity, if not sooner.
Any phone or mobile device that stores any data owned by Richman Investments, whether owned by Richman Investments or an individual staff member, must have the following security measures put in place: * A screen lock (may be known by other names on different devices) must be implemented to require a password or code to be entered after being idle for 2 minutes or more. * Staff members must not use the default passwords provided by their phone or voicemail service, but must create a new one. * No staff may add any data owned by Richman Investments to their personal phone or other device without the express permission of management. Data includes, but is not limited to, email, files, and database access through applications or web browsers. * In addition to the items outlined above, an individual who is given a phone owned by Richman Investments or granted permission to add data owned by Richman Investments on their phone or mobile device, agrees to the following: * They will report any loss or theft of their phone or mobile device to management within 24 hours. * They consent to having their phone’s or mobile device’s data wiped by our network support staff in the event of loss or theft to protect any data stored on the device. * They agree to abide by best practices as outlined in this and other technology policies, which can be amended by management at any time.