Premium Essay

Is4550 Lab 9

In: Computers and Technology

Submitted By blcasteel
Words 616
Pages 3
Risk-Threat-Vulnerability IT Security Policy Definition
Unauthorized access from Public Internet Acceptable Us Policy
User Destroys Data in application and deletes all files Asset Identification and Classification Policy
Hacker penetrates you IT infrastructure and gains access to your internal network Vulnerability Assessment and Management Policy
Intra-office employee romance gone bad Security Awareness Training Policy
Fire destroys primary data center Threat Assessment and Management policy communication circuit outages Asset Protection Policy
Workstation OS has a known software vulnerability Vulnerability Assessment and Management Policy
Unauthorized access to organization owned Workstations Asset Management Policy
Loss of production data Security Awareness Training Policy
Denial of service attack on organization e-mail server Vulnerability Assessment and Management Policy
Remote communications from home office Asset Protection Policy
LAN server OS has a known software vulnerability Vulnerability Assessment and Management Policy
User downloads an unknown e-mail attachment Security Awareness Training Policy
Workstation browser has software vulnerability Vulnerability Assessment and Management Policy
Service provider has a major network outage Asset Protection Policy
Weak ingress/egress traffic filtering degrades performance Vulnerability Assessment and Management Policy
User inserts CDs and USB hard drives with personal photos, music, and video's Security Awareness Training Policy
VPN tunneling between remote computer and ingress/egress router Vulnerability Assessment and Management Policy
WLAN access points are needed for LAN connectivity within a warehouse Asset Identification and Classification Policy
Need to prevent rogue users from unauthorized WLAN access Vulnerability Assessment and Management Policy…...

Similar Documents

Premium Essay


...IS4550 Security Policies and Implementation INSTRUCTOR GUIDE Course Revision Table Change Date | Updated Section | Change Description | Change Rationale | Implementation Quarter | 12/20/2011 | All | New curriculum | | June 2012 | | | | | | | | | | | | | | | | | | | | | | | | | | ------------------------------------------------- ------------------------------------------------- Credit hours: 4.5 Contact/Instructional hours: 60 (30 Theory, 30 Lab) Prerequisite: IS3110 Risk Management in Information Technology Security or equivalent Corequisite: None Table of Contents Course Overview 5 Course Summary 5 Critical Considerations 5 Instructional Resources 6 Required Resources 6 Additional Resources 6 Course Management 8 Technical Requirements 8 Test Administration and Processing 8 Replacement of Learning Assignments 9 Communication and Student Support 9 Academic Integrity 10 Grading 11 Course Delivery 13 Instructional Approach 13 Methodology 13 Facilitation Strategies 14 Unit Plans 15 Unit 1: Information Security Policy Management 15 Unit 2: Risk Mitigation and Business Support Processes 25 Unit 3: Policies, Standards, Procedures, and Guidelines 33 Unit 4: Information Systems Security Policy Framework 42 Unit 5: User Policies 50 Unit 6: IT Infrastructure Security Policies 58 Unit 7: Risk Management 66 Unit 8: Incident Response Team Policies 74 Unit 9:......

Words: 18421 - Pages: 74

Premium Essay


...ITT Technical Institute IS3340 Windows Security Onsite Course SYLLABUS Credit hours: 4.5 Contact/Instructional hours: 60 (30 Theory Hours, 30 Lab Hours) Prerequisite(s) and/or Corequisite(s): Prerequisite: NT2580 Introduction to Information Security or equivalent Course Description: This course examines security implementations for a variety of Windows platforms and applications. Areas of study include analysis of the security architecture of Windows systems. Students will identify and examine security risks and apply tools and methods to address security issues in the Windows environment. Windows Security Syllabus Where Does This Course Belong? This course is required for the Bachelor of Science in Information Systems Security program. This program covers the following core areas:    Foundational Courses Technical Courses BSISS Project The following diagram demonstrates how this course fits in the program:    IS4799 NT2799 IS4670 ISC Capstone Project Capstone ProjectCybercrime Forensics NSA    NT2580 NT2670  Introduction to  Information Security IS4680 IS4560 NT2580 NT2670 Email and Web Services Hacking and Introduction to  Security Auditing for Compliance Countermeasures Information Security Email and Web Services      NT1230 NT1330 Client-Server Client-Server  Networking I Networking II  IS3230 IS3350 NT1230 NT1330  Issues Client-Server Client-Server  SecurityContext in Legal Access Security Networking I Networking II  ......

Words: 2305 - Pages: 10