...G. Angel Bautista Professor Abernathy IT 255 20Apr2012 Security is a fundamental aspect of any network infrastructure. The goal is to always have the most up to date programs and protocols to ensure the protection of the network. No aspect is too small to over look. That could mean the difference between a secure network and a compromised network. The best way to achieve this is to break down every level and approach each one as a separate entity and secure it. Then you can modify it to suit the needs of your network. We can start with the Application layer. The Application layer provides the interface to the user. First the end user should be subjected to a background check to ensure against any potential malicious or questionable acts in the users past. Then the end user should be properly trained in the use of the computer and the proper protocols to access the network. Updates should be made frequently to keep the user up to date. When the user is in the network, make sure that any unnecessary devices, USB ports and any back doors are disabled. You also want to make sure that all files and emails and downloadable attachments are all thoroughly scanned prior to downloading. Finally, be sure to ensure content filtering, and restrict the end user to only what pertains to their primary function. The Presentation layer is responsible for encoding and decoding data that is passed from the application layer to another station on the internetwork. You must first ensure that...
Words: 810 - Pages: 4
...Multi Layered Security Plan Richman Investments This Multi layered security plan will give you a brief overview of the security strategies that will be implemented at each level of the companies IT infrastructure. The usage of security awareness training to instruct employees of Richman Investments security policies, auditing of user activity will be implemented at the User Domain level of the infrastructure. The usage of antivirus and anti malware programs on each user computer, strict access privileges to corporate data and the deactivation of media ports will be put in place at the Workstation Domain of the infrastructure. Utilizing network switches, encryption to wireless access points using WPA 2 security shell encryption, as well as securing server rooms from unauthorized access will be implemented at the LAN Domain level of the infrastructure. The closing off unused ports using a firewall to reduce the chance of unwanted network access, monitoring inbound IP traffic, more specifically looking for inbound transmissions that show signs of malicious intent, running all networking hardware with up to date security patches, and operating systems with be set in place within the LAN to WAN Domain structure. Enforcing encryption, and Virtual Private Network (VPN) tunneling for remote connections, configuring routers, and network firewalls to block ping requests to reduce chance of denial of service (DOS) attacks, enforcing anti virus scanning of email attachments, Isolating malicious...
Words: 306 - Pages: 2
...Richman Investments Security Outline Richman Investments has experienced an increase in security breaches that have resulted in the loss of company proprietary information and damage to systems due to many virus and Trojan Horse infections. The following outline contains some of the security mitigation proposals to be implemented shortly. This is just a basic plan for the moment and if security breaches continue, more stringent policies will be installed. The Seven Domains of a typical IT infrastructure are as follows, with the corresponding security proposed for each domain. 1.) User domain proposal: Track and monitor abnormal employee behavior and use of IT infrastructure during off-hours. Begin IT access control lockout procedures based on Acceptable use policy (AUP) monitoring and compliance. 2.) Workstation Domain proposal: Use workstation antivirus and malicious code polices, standards, procedures, and guidelines. Enable an automated antivirus protection solution that scans and updates individual workstations with proper protection. 3.) LAN Domain (including wireless LANs) proposals: Implement encryption between workstations and Wireless Access Points (WAPs) to maintain confidentiality. 4.) LAN-to-WAN Domain proposal: Conduct post configuration penetration tests of the layered security solution within the LAN-to WAN Domain. Test inbound and outbound traffic and fix any gaps. 5.) Remote Access Domain proposal: Apply first-level (i.e., user ID and password) and...
Words: 335 - Pages: 2
...Brian Gobrecht IT255 Project Part 1 The domains of an infrastructure are broken down into several parts. The User, Workstation, LAN, LAN-to-Wan, Remote Access, Wan, and System/Application domains. All of these are a very crucial part of a domain structure and if one fails to do its proper job most of it or all of it will come to a screeching halt. The User Domain is pretty self-explanatory yes a system can do without a user but by itself it’s more probable to breakdowns and other things to go wrong. So to help the user out in a way it’s not damaging to the infrastructure. One way is to have the computer scan for viruses in anything that plugs into the usb slot such as a portable hard drive or a memory card. As for unauthorized downloads such as music or photos I suggest enable content filtering. Workstation domains are another vital part of keeping the system healthy at most times. To protect this I suggest either at the door of the server room keycards to get in and at the workstation itself both a physical and pass worded approach to ensure the right person is getting in. And to add further measure of security the room would be camera surveyed and users will be logged. A LAN domain can be a very volatile domain with all the wiring and NIC cards and LAN switches common in most rooms. If we are to hopefully secure this part of the domain I would like to be able to restrict access to the computers and laptops that are only necessary to the work environment. So if someone...
Words: 474 - Pages: 2
...I do think that by doing so it looses a lot of its original meaning. I believe that literature can be interpreted in to many different meanings and ways that other people don't see. To one person Shakespeare can be a legendary writer and to anot her person he can be some idiot that wrote a lot of garbage. After reading this section, I find it interesting that Shakespeare can be interpreted in several various ways. I have seen a few different productions of Shakespeare plays and I can understand the different ways that people have perceived the various plays. Personally, I believe that the difference between a “more faithful” versus a “more free” adaptation of a Shakespearean play is that a show that is “more faithful” tends to follow the time frame and setting that the play was placed in, whereas a “more free” adaptation can change to different time frames and have different surroundings than the play was actually placed in. With a more “faithful” adaptation of Shakespeare we learn more about the history behind the play and what it truly is about. Unfortunately, with a more “freer” adaptation we can lose the history behind the play because the context of the play can change based on the decisions of how the play was interpreted. In a faithful version of a play, the language, setting, costumes, and all other major aspects remain as the author originally wrote them; a free adaptation may change one or more of these elements. A more faithful adaptation has the advantage of...
Words: 919 - Pages: 4
...``Shakespeare Was Not OF An Age But For All Time`` I agree with the statement ``Shakespeare was not for an age but for all time. `` The words of praise probably the most famous ever written about Shakespeare , were penned by Shakespeare`s good friend and follow writer `Ben Johnson`. For the poet and playwright generally considered the greatest ever is also one of the least known of all literary figures. And his works were indeed created for the popular entertainment of his day with little thought to their immortality. Shakespeare did not take any steps to preserve his writings past their immediate use. (Fortunately his friends did.) With all the academic study of Shakespeare and the trappings of fine culture that have been wrapped around productions of his dramas over the centuries, we often forget what a rollicking, bawdy and entertaining spectacle his plays presented to their original audience — and still can to a modern audience, in the right hands. The timelessness of Shakespeare's themes continue to keep his plays fresh. He dramatized basic issues: love, marriage, familial relationships, gender roles, race, age, class, humor, illness, deception, betrayal, evil, revenge, murder, and death. The essential question that Shakespeare explored in his plays is, "what does it mean to be a human being?" The genius of Shakespeare is that he manged to show us ourselves in every conceivable light. It really doesn't matter when the plays were written since they are about the...
Words: 572 - Pages: 3
...play will not be as heroic and godly as initially envisioned. This is because there is a shortage in the resources necessary to depict this great spectacle, and it is instead the audience’s responsibility to both create and imagine the play. The opening prologue alone sets the stage for how equivocally this war will be portrayed, and also how frequently the reader’s understanding of Henry will be challenged throughout the play. In Act 1, we are introduced to the crafty Bishop of Canterbury and Bishop of Ely, who discuss a bill that will cause the Church to lose a significant amount of money if passed. They then realize that if they can convince Henry to invade France in order to claim the throne, they can postpone the bill in the meantime, as Canterbury has already proposed to donate a generous amount of money towards the war. Soon after, we meet Henry for the first time, and Canterbury delivers a prolonged speech to justify his claim to declare war with the French, by reassuring Henry that he can indeed inherit the French throne. Leading up to Act 1, scene 2, lines 290-310, King Henry has been presented with a chest full of tennis balls sent from the Dauphin, as a form of mockery to suggest Henry’s immaturity and inability to lead a country. This provokes Henry’s powerful rant, a retaliation to the mockery. This speech provides an essential insight into Henry’s multifaceted personality. It portrays not only Henry’s unpredictable nature, but also in such ambiguity alludes to the...
Words: 1739 - Pages: 7
...The True Richard I have chosen to analyze the character of Richard III due to his cynical yet honest personality. One thing that sticks out about his character is his relationship with the reader and how he tells us exactly what he’s planning. Even when we are told what Richard will do, the reader is still surprised when he goes about the actions. For example, Richard tells us he is “subtle, false, and treacherous”(I.i), but there is nothing we can do to stop him from being that way. Another quality of Richard that sticks out to me is his ability to manipulate his peers. In act one scene two Lady Anne is mourning the death of King Henry VI, but Richard is set on manipulating her into loving him. Richard has no interest in Lady Anne, but instead wants to be closer and closer to becoming King. Richard’s dedication to achieve his goal no matter what obstacles come his way is a defining feature that sticks out to me. Throughout the play, Richard is faced with obstacles that test his commitment to becoming king. His first major test is when he has to win over Lady Anne. Richard killed Henry and knows Anne is out for his guts, but he has the courage to lie to her saying that he did not kill him. Later, Richard admits to killing Henry, but sweet talks Anne by making her believe that the murder was in an attempt to win her over. While reading this scene, we see Richard being honest to the audience, but a liar to the characters in the show. He knows that his actions have caused Lady...
Words: 1108 - Pages: 5
...It255 Unit5 Assignment TO: FROM: DATE: SUBJECT:Unit 5 Assignment 1: Testing and Monitoring Security Controls REFERENCE: Testing and Monitoring Security Controls (IT255.U5.TS1) How Grade: One hundred points total. See each section for specific points. Assignment Requirements Part 1:Identify at least two types of security events and baseline anomalies that might indicate suspicious activity. Explain why they might indicate suspicious activity.(Forty points. Twenty points for each event.) # | Security Event & Baseline Anomaly That Might Indicate Suspicious Activity | Reason Why It May Indicate Suspicious Activity | 1. | Authentication Failures | Unauthorized access attempts | 2. | Network Abuses | Employees are downloading unauthorized material. | 3. | | | 4. | | | 5. | | | 6. | | | Part 2: Given a list of end-user policy violations and security breaches, select three breaches and consider best options for monitoring and controlling each incident. Identify the methods to mitigate risk and minimize exposure to threats and vulnerabilities. (Sixty points. Twenty points for each breach.) # | Policy Violations & Security Breaches | Best Option to Monitor Incident | Security Method (i.e., Control) to Mitigate Risk | 1. | A user made unauthorized use of network resources by attacking network entities. | Monitor the logs | Fire the user | 2. | Open network drive shares allow storage privileges to outside users. |...
Words: 258 - Pages: 2
...TO: FROM: DATE: SUBJECT:Unit 5 Assignment 1: Testing and Monitoring Security Controls REFERENCE: Testing and Monitoring Security Controls (IT255.U5.TS1) How Grade: One hundred points total. See each section for specific points. Assignment Requirements Part 1:Identify at least two types of security events and baseline anomalies that might indicate suspicious activity. Explain why they might indicate suspicious activity.(Forty points. Twenty points for each event.) # | Security Event & Baseline Anomaly That Might Indicate Suspicious Activity | Reason Why It May Indicate Suspicious Activity | 1. | Authentication Failures | Unauthorized access attempts | 2. | Network Abuses | Employees are downloading unauthorized material. | 3. | | | 4. | | | 5. | | | 6. | | | Part 2: Given a list of end-user policy violations and security breaches, select three breaches and consider best options for monitoring and controlling each incident. Identify the methods to mitigate risk and minimize exposure to threats and vulnerabilities. (Sixty points. Twenty points for each breach.) # | Policy Violations & Security Breaches | Best Option to Monitor Incident | Security Method (i.e., Control) to Mitigate Risk | 1. | A user made unauthorized use of network resources by attacking network entities. | Monitor the logs | Fire the user | 2. | Open network drive shares allow storage privileges...
Words: 295 - Pages: 2
...ITT Technical Institute IT255 Introduction to Information Systems Security Onsite Course SYLLABUS Credit hours: 4 Contact/Instructional hours: 50 (30 Theory Hours, 20 Lab Hours) Prerequisite(s) and/or Corequisite(s): Prerequisites: IT220 Network Standards and Protocols, IT221 Microsoft Network Operating System I, IT250 Linux Operating System Course Description: This course provides an overview of security challenges and strategies of counter measures in the information systems environment. Topics include definition of terms, concepts, elements, and goals incorporating industry standards and practices with a focus on availability, vulnerability, integrity and confidentiality aspects of information systems. Introduction to Information Systems Security Syllabus Where Does This Course Belong? This course is required for the Bachelor of Science in Information Systems Security program. This program covers the following core areas: Foundational Courses Technical Courses BSISS Project The following diagram demonstrates how this course fits in the program: IS427 Information Systems Security Capstone Project 400 Level IS404 Access Control, Authentication & KPI IS411 Security Policies & Implementation Issues IS415 System Forensics Investigation & Response IS416 Securing Windows Platforms & Applications IS418 Securing Linux Platforms & Applications IS421 Legal & Security Issues IS423 Securing Windows Platforms & Applications ...
Words: 4114 - Pages: 17
...IT255 Introduction to Information Systems Security [Onsite] Course Description: This course provides an overview of security challenges and strategies of counter measures in the information systems environment. Topics include definition of terms, concepts, elements, and goals incorporating industry standards and practices with a focus on availability, vulnerability, integrity and confidentiality aspects of information systems. Prerequisite(s) and/or Corequisite(s): Prerequisites: IT220 Network Standards and Protocols, IT221 Microsoft Network Operating System I, IT250 Linux Operating System Credit hours: 4 Contact hours: 50 (30 Theory Hours, 20 Lab Hours) Introduction to Information Systems Security Syllabus Where Does This Course Belong? This course is required for the Bachelor of Science in Information Systems Security program. This program covers the following core areas: Foundational Courses Technical Courses BSISS Project The following diagram demonstrates how this course fits in the program: IS427 Information Systems Security 400 Level Capstone Project IS418 IS404 Access Control, Authentication & KPI IS421 Legal & Security Issues IS423 Securing Windows Platforms & Applications IS411 Security Policies & Implementation Issues IS415 System Forensics Investigation & Response IS416 Securing Windows Platforms & Applications Securing Linux Platforms & Applications 300 Level IS305 Managing Risk in Information Systems ...
Words: 4296 - Pages: 18
