Designing for Security

Submitted By mellowcf
Midterm Examination Written Responses
Presented in
ITS-331 Designing for Security

By

QUESTION 1

In Chapter 1 of Weaver, Weaver, and Farwood (2013), we considered various THREATS to network security, the FUNDAMENTAL goals of network security, and how LAYERED approaches to defense contributed to the overall security posture of an organization’s information infrastructure. Chapter 2 explored Transmission Control Protocol / Internet Protocol (TCP/IP), the Open Systems Interconnect (OSI) Model, and how various protocols operated within, as well as across OSI layers to enable telecommunications to function.
In a scholarly peer-reviewed journal article entitled: "Cyber security in the Smart Grid: Survey and challenges," Wang and Lu (2013) examined security requirements, network vulnerabilities, attack countermeasures, secure communication protocols and architectures in the U.S. Smart Grid. Based upon what you read in Chapters 1 and 2 of Weaver et al. (2013), as well as the journal article, COMPARE and CONTRAST Vulnerabilities, Attacks, or Threats shared from the text against those provided within the journal article. IDENTIFY Three Similarities AND Three Differences that exist between the text and literature.

Wang, W., & Lu, Z. (2013). Cyber security in the Smart Grid: Survey and challenges. Computer Networks, 57(5), 1344-1371.
Weaver, R., Weaver, D., & Farwood, D. (2013). Guide to Network Defense and Countermeasures (third Ed.). Boston, MA: Course Technology.

The goal of this paper is to compare and contrast the article "Cyber security in the Smart Grid: Survey and challenges" by Wang and Lu with Chapters 1 and 2 of the book. The article is about security in the smart grid. The Smart Grid is a project designed to meet future demands for electric energy without building new generating plants or transmission lines (Penton Inc., 2012). The article covers updated and newer technologies, while the book covers only the basics of threats that may come up, such as viruses and Trojans. The article describes the smart grid as using IPv6, while the book says the regular Internet is still using IPv4 but moving slowly to IPv6. The article also describes the smart grid as designed to be more reliable and secure than the Internet.

Both the article and the book treat the CIA model as very important, to the web as well as to the smart grid. CIA stands for Confidentiality, Integrity, and Availability. It is a security model developed to help people think about the important aspects of IT security (Perrin, 2008). Both the book and the article also discuss the different layers of the OSI model. At the physical layer, the article discusses channel jamming, which works by denying service to authorized users by overwhelming traffic frequencies (Spamlaws.com, 2014). It also discusses the MAC layer. There are standards that deal with the smart grid. One of these is P802.1AC - Standard for Local and metropolitan area networks - Media Access Control (MAC) Service Definition, which defines the Media Access Control (MAC) Service and the Internal Sublayer Service (ISS) provided within MAC Bridges. Other IEEE standards help to make sure the smart grid is used the correct way.

The article discusses two types of attacks that are not really mentioned in the book. They involve selfish misbehaving users and malicious users. Selfish misbehaving users attempt to obtain more network resources than legitimate users by violating communication protocols, while malicious users have no intent to benefit but aim to illegally acquire, modify or disrupt information in the network (Wang & Lu, 2013). Smart grids use an IDS to prevent these sorts of attacks. It compares definitions of what activity is considered normal against observed events to identify deviations. This method uses profiles that are developed by monitoring the typical activity over a period of time (Mohammadi, 2013).
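
The profile-based comparison described above can be sketched in a few lines. This is an added example, not code from the essay or its sources; the meter names, the request counts, the three-standard-deviation threshold and the `min_sigma` floor are all assumptions chosen for illustration.

```python
import statistics

# Constructed training data: requests per minute seen from each meter while
# the network was known to be behaving normally.
TRAINING = {
    "meter-01": [4, 5, 5, 6, 5, 4, 5, 6],
    "meter-02": [10, 12, 11, 9, 10, 11, 12, 10],
    "meter-03": [2, 2, 2, 2, 2, 2, 2, 2],
}

# Constructed observations to compare against the profiles.
OBSERVED = [
    ("meter-01", 5),    # typical
    ("meter-02", 13),   # high, but within normal variation
    ("meter-03", 9),    # a normally quiet node asking for far more
    ("meter-01", 40),   # far above its own history
    ("meter-99", 3),    # a node that was never profiled
]


def build_profiles(training, min_sigma=0.5):
    """Return {node: (mean, sigma)} learned from the monitoring period.

    min_sigma (an assumed floor) keeps a perfectly steady node from having
    a zero spread, which would make every later change look infinite.
    """
    profiles = {}
    for node, samples in training.items():
        if len(samples) < 2:
            continue  # too little history to call anything "normal"
        sigma = max(statistics.pstdev(samples), min_sigma)
        profiles[node] = (statistics.mean(samples), sigma)
    return profiles


def find_deviations(profiles, observed, k=3.0):
    """Flag observations more than k sigmas from the node's own profile."""
    alerts = []
    for node, value in observed:
        if node not in profiles:
            # No definition of normal exists, so the event cannot be cleared.
            alerts.append((node, value, "no-profile"))
            continue
        mean, sigma = profiles[node]
        if abs(value - mean) / sigma > k:
            alerts.append((node, value, "deviation"))
    return alerts


if __name__ == "__main__":
    for alert in find_deviations(build_profiles(TRAINING), OBSERVED):
        print(alert)
```

Because each node is judged against its own history, nine requests a minute is flagged for meter-03 while thirteen is accepted for meter-02.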

QUESTION 2

In Chapter 3 of Weaver et al. (2013), we explored the Common Vulnerabilities and Exposures (CVE) standard, and how it worked in conjunction with Intrusion Detection Systems to assess or evaluate network traffic signatures. Chapter 4 focused upon the fundamentals of Routing, and how various routing protocols were configured, used, or disabled in order to ensure the security of network routing and connectivity.
In a peer-reviewed journal article entitled: "The Denial of Service Dance," Campbell (2005) identified certain "taxonomies," or "classifications" of attacks that would help inform information security practitioners on more effective ways to defend against attacks.
Based upon your comprehension of Chapters 3 and 4 of the text, coupled with your understanding of Campbell (2005), IDENTIFY FOUR SIMILARITIES that existed between the text and the literature. Explain WHY you selected the similarities that you selected.

Campbell, P. L. (2005). The denial-of-service dance. Security & Privacy, IEEE, 3(6), 34 - 40.
Weaver, R., Weaver, D., & Farwood, D. (2013). Guide to Network Defense and Countermeasures (third Ed.). Boston, MA: Course Technology.

A denial-of-service attack is an attempt by attackers to prevent legitimate users of a service from using the service by flooding a network or disrupting connections between two machines (Carnegie Mellon Institute, 2014). The book talks about these as well. One of the first things discussed in both the book and the article is CVE. Common Vulnerabilities and Exposures is a dictionary of common names for known information security vulnerabilities. CVE's common identifiers make it easier to share data across separate network security databases and tools, so that fix information can be found quickly (MITRE, 2014). I picked this similarity as I think it is a very useful and vital tool for all security IT professionals.

Both also talk about single-packet attacks. They are completed by sending a single network packet from a client to a host; a connection does not need to be established between the two computers (Ying, Hoare, & Jones, 2008). I picked this because it's interesting to find out about the different ways systems can be attacked so I can know what to look for and be able to identify, block, and protect them.

They also both talk about protocol attacks. These exploit a specific feature or implementation bug of an installed protocol in order to consume excess amounts of its resources. They include Smurf attacks, SYN attacks, UDP attacks, ICMP attacks, and CGI request attacks (Rewaskar, 2013). I picked this similarity because it is a way to attack a system that can be varied in so many ways.

The final thing that both sources talk about is ping sweeps. A ping sweep is a basic network scanning technique used to determine which of a range of IP addresses map to live hosts. A single ping will tell you whether one specified host computer exists on the network; a ping sweep consists of ICMP ECHO requests sent to multiple hosts. If a given address is live, it will return an ICMP ECHO reply.
I picked this similarity because I found it to be a simple but effective way to infiltrate a network.
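
The request-and-reply pattern of a ping sweep is what a defender looks for in ICMP logs. The following is an added example, not part of the original essay or its sources: the log format (timestamp, source, destination, ICMP type), the addresses, the 10-second window and the five-host threshold are all assumptions, and the log is assumed to be in time order.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta
import ipaddress

ECHO_REQUEST, ECHO_REPLY = 8, 0   # ICMP type numbers

# Constructed sample log: "timestamp source destination icmp_type".
SAMPLE_LOG = """\
2014-05-01T10:00:00 10.0.0.5 10.0.0.1 8
2014-05-01T10:00:00 10.0.0.1 10.0.0.5 0
2014-05-01T10:00:02 192.0.2.77 10.0.1.1 8
2014-05-01T10:00:02 10.0.1.1 192.0.2.77 0
2014-05-01T10:00:03 192.0.2.77 10.0.1.2 8
2014-05-01T10:00:04 192.0.2.77 10.0.1.3 8
2014-05-01T10:00:05 10.0.0.5 10.0.0.1 8
2014-05-01T10:00:05 192.0.2.77 10.0.1.4 8
2014-05-01T10:00:05 10.0.1.4 192.0.2.77 0
2014-05-01T10:00:06 192.0.2.77 10.0.1.5 8
this line is malformed
2014-05-01T10:00:07 192.0.2.77 10.0.1.6 8
2014-05-01T10:00:10 10.0.0.5 10.0.0.1 8
2014-05-01T10:01:00 10.0.0.9 10.0.1.1 8
2014-05-01T10:02:00 10.0.0.9 10.0.1.2 8
2014-05-01T10:03:00 10.0.0.9 10.0.1.3 8
2014-05-01T10:04:00 10.0.0.9 10.0.1.4 8
2014-05-01T10:05:00 10.0.0.9 10.0.1.5 8
"""


def parse_line(line):
    """Return (timestamp, src, dst, icmp_type), or None for a bad line."""
    parts = line.split()
    if len(parts) != 4:
        return None
    try:
        ts = datetime.fromisoformat(parts[0])
        src = str(ipaddress.ip_address(parts[1]))
        dst = str(ipaddress.ip_address(parts[2]))
        icmp_type = int(parts[3])
    except ValueError:
        return None
    return ts, src, dst, icmp_type


def detect_ping_sweeps(log_text, window_seconds=10, min_targets=5):
    """Report sources that echo-request min_targets distinct hosts
    within window_seconds, and which of those hosts answered."""
    window = timedelta(seconds=window_seconds)
    recent = defaultdict(deque)   # src -> (ts, dst) requests still in window
    probed = defaultdict(set)     # src -> every host it sent a request to
    replied = defaultdict(set)    # src -> hosts that answered it
    detected = {}                 # src -> time the threshold was crossed

    for line in log_text.splitlines():
        record = parse_line(line)
        if record is None:
            continue
        ts, src, dst, icmp_type = record
        if icmp_type == ECHO_REQUEST:
            queue = recent[src]
            queue.append((ts, dst))
            while ts - queue[0][0] > window:
                queue.popleft()
            probed[src].add(dst)
            distinct = {d for _, d in queue}
            if src not in detected and len(distinct) >= min_targets:
                detected[src] = ts
        elif icmp_type == ECHO_REPLY and src in probed[dst]:
            # A reply travels from the probed host back to the requester.
            replied[dst].add(src)

    return [
        {
            "source": src,
            "detected_at": ts.isoformat(),
            "targets": len(probed[src]),
            "responders": sorted(replied[src]),
        }
        for src, ts in sorted(detected.items())
    ]


if __name__ == "__main__":
    for alert in detect_ping_sweeps(SAMPLE_LOG):
        print(alert)
```

The responders list shows which live hosts the sweep revealed, which is where follow-up monitoring should start.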

QUESTION 3

In Chapter 6 of Weaver et al. (2013), we focused our attention on Wireless Networking, and the various components that make up Wireless Local Area Networks (WLANs). Chapter 7 turned our attention to security concerns associated with Wireless Networking, and various countermeasures that may be employed to make WLANs more secure.
In a YouTube video entitled: "Hackers Target Social Security Numbers & Wireless," identity theft expert Robert Siciliano underscored some of the challenges and vulnerabilities faced by consumers when using "Public Wi-Fi Access Points."
Based upon your understanding of Chapters 6 and 7 of the text, as well as your comprehension of what was viewed in the YouTube video, IDENTIFY TWO suggestions made within the video for protecting one's identity that were SIMILAR to recommendations posed from the text.
LIST THREE steps (Your recommendations) that one could take to ensure that their identity is not compromised when using Wireless connections in public spaces. Provide explanations that support your recommendations.

YouTube video: https://www.youtube.com/watch?v=eFiT1SOZ3iI

Siciliano, R. (2009, July 12). Hackers Target Social Security Numbers & Wireless [Video file]. Retrieved from https://www.youtube.com/watch?v=eFiT1SOZ3iI
Weaver, R., Weaver, D., & Farwood, D. (2013). Guide to Network Defense and Countermeasures (third Ed.). Boston, MA: Course Technology.

The goal of this paper is to compare the book and the YouTube video on ways to protect yourself when dealing with wireless. Both sources talk about hiding what you are doing so others cannot see. They also talk about avoiding protocols that send traffic in clear text. These protocols include FTP, Telnet, Simple Mail Transfer Protocol (SMTP), HTTP, Post Office Protocol 3 (POP3), Internet Message Access Protocol (IMAPv4), Network Basic Input/Output System (NetBIOS), and Simple Network Management Protocol (SNMP).

Protecting yourself when using public Wi-Fi is very important. Make sure you use WPA2 instead of WEP. WPA2 is based on the Robust Security Network mechanism, which provides strong encryption and authentication support for infrastructure and ad-hoc networks. It also reduces overhead during the wireless LAN authentication exchange and adds support for key caching to reduce the overhead in roaming between access points, support for pre-authentication, and support for the Counter Mode with Cipher Block Chaining Message Authentication Code Protocol encryption mechanism (Wight, 2006). Another way to protect yourself would be using Hotspot Shield. Hotspot Shield is an application that can be used to protect your identity when surfing the web by ensuring that all web transactions you complete are secured through HTTPS. Hotspot Shield also shields your identity by concealing your IP address from third-party websites and internet service providers. It creates a virtual private network tunnel between your computer and their internet gateway (Cullum, 2010). In addition, I would recommend that you do not do anything too personal like web relying on public Wi-Fi spots. You want to keep everything you can secret when you are not at home.

References

Carnegie Mellon Institute. (2014). Denial of Service Attacks. Retrieved from CERT: http://www.cert.org/historical/tech_tips/denial_of_service.cfm
Cullum, B. (2010, October 19). How to Encrypt Your Web Browsing Session and Hide Your IP Address with Hotspot Shield. Retrieved from Movements: http://www.movements.org/movements/how-to/entry/how-to-encrypt-your-web-browsing-session-and-hide-your-ip-address-with/index.html
MITRE. (2014, April 30). About CVE. Retrieved from CVE: http://cve.mitre.org/about/index.html
Mohammadi, N. (2013). AN IDS for Smart Neighborhood Grid. Retrieved from Ryerson University: http://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=4&ved=0CEkQFjAD&url=http%3A%2F%2Fdigitalcommons.ryerson.ca%2Fislandora%2Fobject%2FRULA%253A2442%2Fdatastream%2FOBJ%2Fdownload%2FAn_Intrusion_Detection_System_for_Smart_Grid_Neighborhood_Area_Net
Penton Inc. (2012, February 17). What Is The Smart Grid? Retrieved from Electronic Design: http://electronicdesign.com/energy/what-smart-grid
Perrin, C. (2008, June 30). The CIA Triad. Retrieved from Tech Republic: http://www.techrepublic.com/blog/it-security/the-cia-triad/488/#.
Rewaskar, S. (2013). Protocol Attacks. Retrieved from University of North Carolina at Chapel Hill: http://www.cs.unc.edu/~jeffay/courses/nidsS05/slides/5-Protocol-Attacks.pdf
Spamlaws.com. (2014). Types of Wireless Network Attacks: Jamming. Retrieved from Spam Laws: http://www.spamlaws.com/jamming-attacks.html
Wang, W., & Lu, Z. (2013). Cyber security in the Smart Grid: Survey and challenges. Computer Networks, 57(5), 1344-1371.
Wight, J. (2006, September 11). Explaining WPA2. Retrieved from Wireless Security: http://www.networkworld.com/columnists/2006/091106-wireless-security.html
Ying, Y., Hoare, R., & Jones, A. (2008). A CAM-based intrusion detection system for single-packet attack detection. Parallel and Distributed Processing, 1(8), 14-18.
