Premium Essay

It255 Part 1

In: Computers and Technology

Submitted By ThomasHickokjr
Words 779
Pages 4
IT-255 Part 1
Multi-Layer Security Outline

Task at hand:
Richman Investments Network Division has been handed the task of creating a general solutions outline for safety of data and information that belongs to their organization. This following outline will cover the security solutions of the seven domains that the IT infrastructure is made of. User Domain | The User Domain being the weakest link of the seven layers. This is from lack of users not aware of security policies and procedures. | To secure this link to its fullest. The employees should be trained and updated with security policies and procedures. The system should have firewall and antivirus software installed as well. | Workstation Domain | The Workstation Domain can be made up of desktops, laptops, iPods and or personal assisting tools like Smartphone’s. | The common threat to the Workstation is the unauthorized access to the system. The solution would be to enable password protection and automatic lockout during time of inactivity. | LAN Domain | LAN being a collection of computers connected to each other. The links can use several tools direct connected with a switch and wireless with a router being the most common. | Unauthorized access can tap into and work its way into workstations, data centers (servers). To put a block and set-up counter measures a Firewall and OS Security Software installed and monitored. | LAN-TO-WAN Domain | LAN-to-WAN is where the IT infrastructure links to a wide area network. | Unauthorized network probing and Unauthorized access to the LAN-to-WAN Domain are potential risks. To resolve and prevent threats disabling ping, probing and port scanning on all exterior IP devices within Domain. | WAN Domain | The WAN Domain connects to several remote locations ranging from town to town or Worldwide connections. | The WANS wireless traffic is sent out without...

Similar Documents

Premium Essay

Project Part 1 It255

...G. Angel Bautista Professor Abernathy IT 255 20Apr2012 Security is a fundamental aspect of any network infrastructure. The goal is to always have the most up to date programs and protocols to ensure the protection of the network. No aspect is too small to over look. That could mean the difference between a secure network and a compromised network. The best way to achieve this is to break down every level and approach each one as a separate entity and secure it. Then you can modify it to suit the needs of your network. We can start with the Application layer. The Application layer provides the interface to the user. First the end user should be subjected to a background check to ensure against any potential malicious or questionable acts in the users past. Then the end user should be properly trained in the use of the computer and the proper protocols to access the network. Updates should be made frequently to keep the user up to date. When the user is in the network, make sure that any unnecessary devices, USB ports and any back doors are disabled. You also want to make sure that all files and emails and downloadable attachments are all thoroughly scanned prior to downloading. Finally, be sure to ensure content filtering, and restrict the end user to only what pertains to their primary function. The Presentation layer is responsible for encoding and decoding data that is passed from the application layer to another station on the internetwork. You must first ensure......

Words: 810 - Pages: 4

Premium Essay

It255 - Project Part 1

...Multi Layered Security Plan Richman Investments This Multi layered security plan will give you a brief overview of the security strategies that will be implemented at each level of the companies IT infrastructure. The usage of security awareness training to instruct employees of Richman Investments security policies, auditing of user activity will be implemented at the User Domain level of the infrastructure. The usage of antivirus and anti malware programs on each user computer, strict access privileges to corporate data and the deactivation of media ports will be put in place at the Workstation Domain of the infrastructure. Utilizing network switches, encryption to wireless access points using WPA 2 security shell encryption, as well as securing server rooms from unauthorized access will be implemented at the LAN Domain level of the infrastructure. The closing off unused ports using a firewall to reduce the chance of unwanted network access, monitoring inbound IP traffic, more specifically looking for inbound transmissions that show signs of malicious intent, running all networking hardware with up to date security patches, and operating systems with be set in place within the LAN to WAN Domain structure. Enforcing encryption, and Virtual Private Network (VPN) tunneling for remote connections, configuring routers, and network firewalls to block ping requests to reduce chance of denial of service (DOS) attacks, enforcing anti virus scanning of email attachments, Isolating......

Words: 306 - Pages: 2

Free Essay

It255 Project Part 1

...Richman Investments Security Outline Richman Investments has experienced an increase in security breaches that have resulted in the loss of company proprietary information and damage to systems due to many virus and Trojan Horse infections. The following outline contains some of the security mitigation proposals to be implemented shortly. This is just a basic plan for the moment and if security breaches continue, more stringent policies will be installed. The Seven Domains of a typical IT infrastructure are as follows, with the corresponding security proposed for each domain. 1.) User domain proposal: Track and monitor abnormal employee behavior and use of IT infrastructure during off-hours. Begin IT access control lockout procedures based on Acceptable use policy (AUP) monitoring and compliance. 2.) Workstation Domain proposal: Use workstation antivirus and malicious code polices, standards, procedures, and guidelines. Enable an automated antivirus protection solution that scans and updates individual workstations with proper protection. 3.) LAN Domain (including wireless LANs) proposals: Implement encryption between workstations and Wireless Access Points (WAPs) to maintain confidentiality. 4.) LAN-to-WAN Domain proposal: Conduct post configuration penetration tests of the layered security solution within the LAN-to WAN Domain. Test inbound and outbound traffic and fix any gaps. 5.) Remote Access Domain proposal: Apply first-level (i.e., user ID and password)......

Words: 335 - Pages: 2

Premium Essay

Itt It255 Research Project Part 1

...Brian Gobrecht IT255 Project Part 1 The domains of an infrastructure are broken down into several parts. The User, Workstation, LAN, LAN-to-Wan, Remote Access, Wan, and System/Application domains. All of these are a very crucial part of a domain structure and if one fails to do its proper job most of it or all of it will come to a screeching halt. The User Domain is pretty self-explanatory yes a system can do without a user but by itself it’s more probable to breakdowns and other things to go wrong. So to help the user out in a way it’s not damaging to the infrastructure. One way is to have the computer scan for viruses in anything that plugs into the usb slot such as a portable hard drive or a memory card. As for unauthorized downloads such as music or photos I suggest enable content filtering. Workstation domains are another vital part of keeping the system healthy at most times. To protect this I suggest either at the door of the server room keycards to get in and at the workstation itself both a physical and pass worded approach to ensure the right person is getting in. And to add further measure of security the room would be camera surveyed and users will be logged. A LAN domain can be a very volatile domain with all the wiring and NIC cards and LAN switches common in most rooms. If we are to hopefully secure this part of the domain I would like to be able to restrict access to the computers and laptops that are only necessary to the work environment. So if someone...

Words: 474 - Pages: 2

Free Essay

Ink Milk More

...I do think that by doing so it looses a lot of its original meaning. I believe that literature can be interpreted in to many different meanings and ways that other people don't see. To one person Shakespeare can be a legendary writer and to anot her person he can be some idiot that wrote a lot of garbage. 
 After reading this section, I find it interesting that Shakespeare can be interpreted in several various ways. I have seen a few different productions of Shakespeare plays and I can understand the different ways that people have perceived the various plays. Personally, I believe that the difference between a “more faithful” versus a “more free” adaptation of a Shakespearean play is that a show that is “more faithful” tends to follow the time frame and setting that the play was placed in, whereas a “more free” adaptation can change to different time frames and have different surroundings than the play was actually placed in. With a more “faithful” adaptation of Shakespeare we learn more about the history behind the play and what it truly is about. Unfortunately, with a more “freer” adaptation we can lose the history behind the play because the context of the play can change based on the decisions of how the play was interpreted.
 
In a faithful version of a play, the language, setting, costumes, and all other major aspects remain as the author originally wrote them; a free adaptation may change one or more of these elements. A more faithful adaptation has the advantage of...

Words: 919 - Pages: 4

Premium Essay

Shakespere Was Not for an Age but for All Time

...``Shakespeare Was Not OF An Age But For All Time`` I agree with the statement ``Shakespeare was not for an age but for all time. `` The words of praise probably the most famous ever written about Shakespeare , were penned by Shakespeare`s good friend and follow writer `Ben Johnson`. For the poet and playwright generally considered the greatest ever is also one of the least known of all literary figures. And his works were indeed created for the popular entertainment of his day with little thought to their immortality. Shakespeare did not take any steps to preserve his writings past their immediate use. (Fortunately his friends did.) With all the academic study of Shakespeare and the trappings of fine culture that have been wrapped around productions of his dramas over the centuries, we often forget what a rollicking, bawdy and entertaining spectacle his plays presented to their original audience — and still can to a modern audience, in the right hands. The timelessness of Shakespeare's themes continue to keep his plays fresh. He dramatized basic issues: love, marriage, familial relationships, gender roles, race, age, class, humor, illness, deception, betrayal, evil, revenge, murder, and death. The essential question that Shakespeare explored in his plays is, "what does it mean to be a human being?" The genius of Shakespeare is that he manged to show us ourselves in every conceivable light. It really doesn't matter when the plays were written since they are about the...

Words: 572 - Pages: 3

Free Essay

The Real Richard

...The True Richard I have chosen to analyze the character of Richard III due to his cynical yet honest personality. One thing that sticks out about his character is his relationship with the reader and how he tells us exactly what he’s planning. Even when we are told what Richard will do, the reader is still surprised when he goes about the actions. For example, Richard tells us he is “subtle, false, and treacherous”(I.i), but there is nothing we can do to stop him from being that way. Another quality of Richard that sticks out to me is his ability to manipulate his peers. In act one scene two Lady Anne is mourning the death of King Henry VI, but Richard is set on manipulating her into loving him. Richard has no interest in Lady Anne, but instead wants to be closer and closer to becoming King. Richard’s dedication to achieve his goal no matter what obstacles come his way is a defining feature that sticks out to me. Throughout the play, Richard is faced with obstacles that test his commitment to becoming king. His first major test is when he has to win over Lady Anne. Richard killed Henry and knows Anne is out for his guts, but he has the courage to lie to her saying that he did not kill him. Later, Richard admits to killing Henry, but sweet talks Anne by making her believe that the murder was in an attempt to win her over. While reading this scene, we see Richard being honest to the audience, but a liar to the characters in the show. He knows that his actions have caused......

Words: 1108 - Pages: 5

Free Essay

Nt2580 Unit 5 Assignment 1

...It255 Unit5 Assignment TO: FROM: DATE: SUBJECT:Unit 5 Assignment 1: Testing and Monitoring Security Controls REFERENCE: Testing and Monitoring Security Controls (IT255.U5.TS1) How Grade: One hundred points total. See each section for specific points. Assignment Requirements Part 1:Identify at least two types of security events and baseline anomalies that might indicate suspicious activity. Explain why they might indicate suspicious activity.(Forty points. Twenty points for each event.) # | Security Event & Baseline Anomaly That Might Indicate Suspicious Activity | Reason Why It May Indicate Suspicious Activity | 1. | Authentication Failures | Unauthorized access attempts | 2. | Network Abuses | Employees are downloading unauthorized material. | 3. | | | 4. | | | 5. | | | 6. | | | Part 2: Given a list of end-user policy violations and security breaches, select three breaches and consider best options for monitoring and controlling each incident. Identify the methods to mitigate risk and minimize exposure to threats and vulnerabilities. (Sixty points. Twenty points for each breach.) # | Policy Violations & Security Breaches | Best Option to Monitor Incident | Security Method (i.e., Control) to Mitigate Risk | 1. | A user made unauthorized use of network resources by attacking network entities. | Monitor the logs | Fire the user | 2. | Open network drive shares allow storage privileges to outside users. |...

Words: 258 - Pages: 2

Premium Essay

It255 Unit5 Assignment

...TO: FROM: DATE: SUBJECT:Unit 5 Assignment 1: Testing and Monitoring Security Controls REFERENCE: Testing and Monitoring Security Controls (IT255.U5.TS1) How Grade: One hundred points total. See each section for specific points. Assignment Requirements Part 1:Identify at least two types of security events and baseline anomalies that might indicate suspicious activity. Explain why they might indicate suspicious activity.(Forty points. Twenty points for each event.) # | Security Event & Baseline Anomaly That Might Indicate Suspicious Activity | Reason Why It May Indicate Suspicious Activity | 1. | Authentication Failures | Unauthorized access attempts | 2. | Network Abuses | Employees are downloading unauthorized material. | 3. | | | 4. | | | 5. | | | 6. | | | Part 2: Given a list of end-user policy violations and security breaches, select three breaches and consider best options for monitoring and controlling each incident. Identify the methods to mitigate risk and minimize exposure to threats and vulnerabilities. (Sixty points. Twenty points for each breach.) # | Policy Violations & Security Breaches | Best Option to Monitor Incident | Security Method (i.e., Control) to Mitigate Risk | 1. | A user made unauthorized use of network resources by attacking network entities. | Monitor the logs | Fire the user | 2. | Open network drive shares allow storage......

Words: 295 - Pages: 2

Premium Essay

It255

...ITT Technical Institute IT255 Introduction to Information Systems Security Onsite Course SYLLABUS Credit hours: 4 Contact/Instructional hours: 50 (30 Theory Hours, 20 Lab Hours) Prerequisite(s) and/or Corequisite(s): Prerequisites: IT220 Network Standards and Protocols, IT221 Microsoft Network Operating System I, IT250 Linux Operating System Course Description: This course provides an overview of security challenges and strategies of counter measures in the information systems environment. Topics include definition of terms, concepts, elements, and goals incorporating industry standards and practices with a focus on availability, vulnerability, integrity and confidentiality aspects of information systems. Introduction to Information Systems Security Syllabus Where Does This Course Belong? This course is required for the Bachelor of Science in Information Systems Security program. This program covers the following core areas:    Foundational Courses Technical Courses BSISS Project The following diagram demonstrates how this course fits in the program: IS427 Information Systems Security Capstone Project 400 Level IS404 Access Control, Authentication & KPI IS411 Security Policies & Implementation Issues IS415 System Forensics Investigation & Response IS416 Securing Windows Platforms & Applications IS418 Securing Linux Platforms & Applications IS421 Legal & Security Issues IS423 Securing Windows Platforms &......

Words: 4114 - Pages: 17

Premium Essay

Seeking Help

...IT255 Introduction to Information Systems Security [Onsite] Course Description: This course provides an overview of security challenges and strategies of counter measures in the information systems environment. Topics include definition of terms, concepts, elements, and goals incorporating industry standards and practices with a focus on availability, vulnerability, integrity and confidentiality aspects of information systems. Prerequisite(s) and/or Corequisite(s): Prerequisites: IT220 Network Standards and Protocols, IT221 Microsoft Network Operating System I, IT250 Linux Operating System Credit hours: 4 Contact hours: 50 (30 Theory Hours, 20 Lab Hours) Introduction to Information Systems Security Syllabus Where Does This Course Belong? This course is required for the Bachelor of Science in Information Systems Security program. This program covers the following core areas:    Foundational Courses Technical Courses BSISS Project The following diagram demonstrates how this course fits in the program: IS427 Information Systems Security 400 Level Capstone Project IS418 IS404 Access Control, Authentication & KPI IS421 Legal & Security Issues IS423 Securing Windows Platforms & Applications IS411 Security Policies & Implementation Issues IS415 System Forensics Investigation & Response IS416 Securing Windows Platforms & Applications Securing Linux Platforms & Applications 300 Level IS305 Managing Risk in Information......

Words: 4296 - Pages: 18