
It255 Unit5 Assignment


Submitted By stiimpy
Words 295
Pages 2
TO:
FROM:
DATE:
SUBJECT: Unit 5 Assignment 1: Testing and Monitoring Security Controls
REFERENCE: Testing and Monitoring Security Controls (IT255.U5.TS1)
How Grade: One hundred points total. See each section for specific points.

Assignment Requirements

Part 1: Identify at least two types of security events and baseline anomalies that might indicate suspicious activity. Explain why they might indicate suspicious activity. (Forty points. Twenty points for each event.)

| # | Security Event & Baseline Anomaly That Might Indicate Suspicious Activity | Reason Why It May Indicate Suspicious Activity |
| 1. | Authentication Failures | Unauthorized access attempts |
| 2. | Network Abuses | Employees are downloading unauthorized material. |
| 3. | | |
| 4. | | |
| 5. | | |
| 6. | | |

Part 2: Given a list of end-user policy violations and security breaches, select three breaches and consider best options for monitoring and controlling each incident. Identify the methods to mitigate risk and minimize exposure to threats and vulnerabilities. (Sixty points. Twenty points for each breach.)

| # | Policy Violations & Security Breaches | Best Option to Monitor Incident | Security Method (i.e., Control) to Mitigate Risk |
| 1. | A user made unauthorized use of network resources by attacking network entities. | Monitor the logs | Fire the user |
| 2. | Open network drive shares allow storage privileges to outside users. | | |
| 3. | Sensitive laptop data is unencrypted and susceptible to physical theft. | Monitor for port scanning and malware | Encrypt the data |
| 4. | Remote users do not have recent patches or current updates. | | |
| 5. | Legitimate traffic bearing a malicious payload exploits network services. | | |
| 6. | An invalid protocol header disrupts a…...

Similar Documents

Free Essay

Nt2580 Unit 5 Assignment 1

...It255 Unit5 Assignment TO: FROM: DATE: SUBJECT:Unit 5 Assignment 1: Testing and Monitoring Security Controls REFERENCE: Testing and Monitoring Security Controls (IT255.U5.TS1) How Grade: One hundred points total. See each section for specific points. Assignment Requirements Part 1:Identify at least two types of security events and baseline anomalies that might indicate suspicious activity. Explain why they might indicate suspicious activity.(Forty points. Twenty points for each event.) # | Security Event & Baseline Anomaly That Might Indicate Suspicious Activity | Reason Why It May Indicate Suspicious Activity | 1. | Authentication Failures | Unauthorized access attempts | 2. | Network Abuses | Employees are downloading unauthorized material. | 3. | | | 4. | | | 5. | | | 6. | | | Part 2: Given a list of end-user policy violations and security breaches, select three breaches and consider best options for monitoring and controlling each incident. Identify the methods to mitigate risk and minimize exposure to threats and vulnerabilities. (Sixty points. Twenty points for each breach.) # | Policy Violations & Security Breaches | Best Option to Monitor Incident | Security Method (i.e., Control) to Mitigate Risk | 1. | A user made unauthorized use of network resources by attacking network entities. | Monitor the logs | Fire the user | 2. | Open network drive shares allow storage privileges to outside users. |...

Words: 258 - Pages: 2

Premium Essay

It255

...Multi-Layered Security Outline To: Richman Investments Senior Management Outline includes: Security solutions for each of the seven domains. User Domain: This is where the first layer of defense starts for a layered security strategy. We will conduct security awareness training, restrict access for users to specific systems and programs, create an acceptable use policy, and track and monitor employee behaviors. Workstation Domain: Start by creating strong passwords to protect workstation access, then enable antivirus protections, and mandate security awareness training to all employees. This domain is almost as vulnerable as the user domain and also needs constant monitoring. LAN Domain: To prevent unauthorized access we can physically secure wiring closets and data centers, implement encryption protection, define strong access control policies and strong second-level authentications. LAN-to-WAN Domain: Disable ping, probing and port scanning, apply strict security monitoring controls, and update devices with security fixes and software patches right away are excellent measures to take. WAN Domain: Use encryption and VPN tunnels for end-to-end secure IP communications, and scan all e-mail attachments for type, antivirus, and malicious software. Back up and store data in off-site data vaults. Remote Access Domain: Establish user ID and password policies requiring periodic changes, set automatic blocking for attempted logon retries, and encrypt all data within......

Words: 257 - Pages: 2

Premium Essay

It255

...Richman Investments To: Don, IT supervisor From: XXXX,XXXXXXXXXX, IT Intern I was tasked with drafting a report on the Richman Investments “Internal Use Only” data classification standard. This report will address which IT Infrastructure domains are affected by the standard and in addition how they are affected. There are seven layers (domains) in the IT Infrastructure that are affected by this; however I will mainly focus on three. User Domain is the first layer in the IT Infrastructure and is the weakest link in an IT Infrastructure. This is where you will encounter your Risks, Threats and Vulnerabilities. But you can also mitigate most of the common User Security risks. Here, the employees can access systems, applications and data based on their access rights. This is where one will find an Acceptable Use Policy (AUP). The AUP defines what every system user is allowed to do with company owned systems. Workstation Domain is the second layer in the IT Infrastructure. This is where most users connect to the IT Infrastructure. Keep in mind, a workstation can be either a centralized desktop computer or a laptop computer or any device utilized to connect onto the network. The users will initially access systems, application and or data. However, in order to protect the systems, workstations require additional layers of security such as; logon IDs and passwords. LAN Domain is the third layer in the IT Infrastructure. Your LAN (Local Area Network) allows for......

Words: 374 - Pages: 2

Premium Essay

It255

...ITT Technical Institute IT255 Introduction to Information Systems Security Onsite Course SYLLABUS Credit hours: 4 Contact/Instructional hours: 50 (30 Theory Hours, 20 Lab Hours) Prerequisite(s) and/or Corequisite(s): Prerequisites: IT220 Network Standards and Protocols, IT221 Microsoft Network Operating System I, IT250 Linux Operating System Course Description: This course provides an overview of security challenges and strategies of counter measures in the information systems environment. Topics include definition of terms, concepts, elements, and goals incorporating industry standards and practices with a focus on availability, vulnerability, integrity and confidentiality aspects of information systems. Introduction to Information Systems Security Syllabus Where Does This Course Belong? This course is required for the Bachelor of Science in Information Systems Security program. This program covers the following core areas: Foundational Courses, Technical Courses, BSISS Project. The following diagram demonstrates how this course fits in the program: IS427 Information Systems Security Capstone Project 400 Level IS404 Access Control, Authentication & KPI IS411 Security Policies & Implementation Issues IS415 System Forensics Investigation & Response IS416 Securing Windows Platforms & Applications IS418 Securing Linux Platforms & Applications IS421 Legal & Security Issues IS423 Securing Windows Platforms &......

Words: 4114 - Pages: 17

Premium Essay

It255

...2. Cryptography: Overview An overview of the main goals behind using cryptography will be discussed in this section along with the common terms used in this field. Cryptography is usually referred to as "the study of secret", while nowadays is most attached to the definition of encryption. Encryption is the process of converting plain text "unhidden" to a cryptic text "hidden" to secure it against data thieves. This process has another part where cryptic text needs to be decrypted on the other end to be understood. Fig.1 shows the simple flow of commonly used encryption algorithms. Fig.1 Encryption-Decryption Flow As defined in RFC 2828 [RFC2828], cryptographic system is "a set of cryptographic algorithms together with the key management processes that support use of the algorithms in some application context." This definition defines the whole mechanism that provides the necessary level of security comprised of network protocols and data encryption algorithms. 2.1 Cryptography Goals This section explains the five main goals behind using Cryptography. Every security system must provide a bundle of security functions that can assure the secrecy of the system. These functions are usually referred to as the goals of the security system. These goals can be listed under the following five main categories[Earle2005]: Authentication: This means that before sending and receiving data using the system, the receiver and sender identity should be......

Words: 6825 - Pages: 28

Premium Essay

It302-Unit5

...IT302-Unit5- Kaplan University Part 1: Design choice and wireframe. The range of purposes that kiosks serve is broad and varied. From providing information or services to the purchase of an extensive array of goods a kiosk can be and frequently is used to meet the desires and needs of the general public and consumers. In recent years there has been a substantial and steady increase in the frequency that we see or use some form of stand alone kiosk. The wireframe that I considered is more general in nature. This was done to provide flexibility in the design that can be easily used across a broad range of services with minimal modification. It also accommodates easy adjustment for use by disabled individuals. [pic] Part 2: Report of design principles. The final goal in designing a kiosk is to generate a product that will meet the needs of the business or organization that is using it to provide goods or services to its potential clientele. The purpose is to produce a product that is highly intuitive, and also provides clear and concise instructions on the proper use of the kiosk in general and specific features for those patrons that need assistance. The final design is influenced by several factors; • The service it provides and its ultimate function. • Ease of use and convenience for all users including handicapped. • The surroundings it needs to blend with. • Ease...

Words: 807 - Pages: 4

Premium Essay

It255

...Exam 1 1. Which edition of Windows includes DirectAccess and BranchCache? A. Windows 7 Enterprise B. Windows 7 Professional C. Windows 7 Home Basic D. Windows 7 Home Premium Answer: A Windows 7 Enterprise is targeted for managed environments, mainly large enterprises. It includes all features that Windows 7 offers, including BitLocker, BitLocker To Go, AppLocker, DirectAccess, and BranchCache. 2. How much memory does a 32-bit version of Windows 7 support? A. 1 GB B. 2 GB C. 4 GB D. 8 GB Answer: C A 32-bit version of Windows is based on a 32-bit address bus, which can use up to 4 GB of memory. 3. Which of the following does NOT include Aero? A. Windows 7 Home Premium B. Windows 7 Professional C. Windows 7 Home Basic D. Windows 7 Enterprise Answer: C Aero is not included in Windows 7 Home Basic or Windows 7 Starter. 4. What is the minimum processor that you need to install Windows 7 Home Basic, 32 bit? A. 800 MHz B. 1 GHz C. 1.2 GHz D. 2.0 GHz Answer: B ...

Words: 3862 - Pages: 16

Premium Essay

It301-Unit5

...Leading thinkers make great philosophies, and great philosophies make great thinkers, and one of them is W. Edwards Deming. Deming changed our lives by developing better ways for people to work together. He was educated in engineering physics and became an early student of statistics. He derived the first philosophy and method that allows individuals and organizations, to plan and continually improve themselves, their relationships, processes products and services. His philosophy is one of cooperation and continual improvement; to steer clear of blame and redefines mistakes as opportunities for improvement. Deming’s philosophy came about while he was in Japan, doing census work after World War II. He also taught statistical process control to leaders of prominent Japanese businesses. Japanese businesses started applying Deming’s philosophy and saw great improvement; their quality was way more superior then of their competitors. Deming’s points and philosophies apply equally to any kind of business, everyone could use his logic. After using his philosophy, the Japanese saw such improvement in their products and their businesses in general; their business was soaring and their cost was lower than that of other businesses. Japanese businesses soared and ruled the global market. By improving quality, companies will decrease expenses as well as increase productivity and market share. Companies that were using Deming’s philosophy saw that they didn’t have to sacrifice quality to...

Words: 709 - Pages: 3

Premium Essay

Unit5

...TCP/IP network, TCP/IP identifies both the stuff and how the stuff works together. Networking standards record the details of exactly what a new networking technology does, and how it does what it does. TCP/IP model defines a large set of standards, which, when implemented together, create a safe and useful network. Open networking model like TCP/IP purposefully shares the details so that any vendor can make products using those standards. Open system interconnection (ISO) set out with a noble goal to create an open networking model. Encoding standard creates something like a spoken language that uses electricity. A header and/or trailer as a place to store a message that needs to flow through the network with the user data. Leased line creates the equivalent of a cable directly between two remote sites. T Internet Protocol (IP), list the rules so that the network can forward data from end to end through the entire TCP/IP network. IP address identifies that device in a TCP/IP network. Remember, computer networks, including TCP/IP networks, need to deliver bits from one device to another. IP routing defines exactly how routers makes their choices of how to forward data in a TCP/IP network. : frame and packet. The term frame specifically refers to encapsulated data that includes the data-link header and trailer, plus everything in between—including the IP header. The term packet refers to what sits between the data-link header and trailer, but not including the......

Words: 257 - Pages: 2

Premium Essay

Unit5 P2

...In this task I will explain the difference between capital and revenue items of expenditure and income Capital income Capital income is money coming into the business, but not necessarily from direct sales of products or services. Capital income is money that comes into the business but not as revenue from what the businesses main frame of making profit is. Zara’s capital income would be any loans that the business receives. Another form of capital income Zara receives is money that comes into the business from sales of shares. Sole trader’s capital investments is also another form of capital income. Revenue income Revenue income is money coming into the business from sales of goods or services. This is the form of revenue that the businesses main purpose for setting up is to make profit in this form of revenue income. Revenue income could also be from receiving payments loans given out with interest in return or money coming in from rent payments that come into the business. Zara’s main form of revenue income is from the sales of their clothing goods both online and in store. Difference between capital and revenue income The difference between capital and revenue income is that capital income is made from money that comes into the business but not from the direct method that the businesses main purpose of making profit is. For example a business’s main objective may be to make as many sales from a product as possible, the money that they receive from this is revenue......

Words: 706 - Pages: 3

Free Essay

It255

...Answer the following questions a) What is the basic concept of interest? b) How is interest usually expressed? (In terms of the principal) Interest is usually expressed as a percent on the principal. c) What does the interest rate multiply on for simple interest? A 30-year loan for $100,000 with a rate of 6%. The monthly payment would be $599.56 for both the standard and simple interest mortgages. The interest due is calculated differently, however. On the standard mortgage, the 6% is divided by 12, converting it to a monthly rate of .5%. The monthly rate is multiplied by the loan balance at the end of the preceding month to obtain the interest due for the month. In the first month, it is $500. d) What does the interest rate multiply on for compound interest? It multiplies interest* total amount What is the formula for simple interest? I=P *r* t e) Example below f) What is the formula for compound interest? P is the principal (the initial amount you borrow or deposit) r is the annual rate of interest (percentage) n is the number of years the amount is deposited or borrowed for. A is the amount of money accumulated after n years, including interest. When the interest is compounded once a year: A=P(1+r)n*t Also you can use compound interest like this Annually = P × (1 + r) = (annual compounding) Quarterly = P (1 + r/4)4 = (quarterly compounding) Monthly = P (1 + r/12)12 = (monthly compounding) Given the......

Words: 367 - Pages: 2

Premium Essay

Itt It255 Research Project Part 1

...Brian Gobrecht IT255 Project Part 1 The domains of an infrastructure are broken down into several parts. The User, Workstation, LAN, LAN-to-Wan, Remote Access, Wan, and System/Application domains. All of these are a very crucial part of a domain structure and if one fails to do its proper job most of it or all of it will come to a screeching halt. The User Domain is pretty self-explanatory yes a system can do without a user but by itself it’s more probable to breakdowns and other things to go wrong. So to help the user out in a way it’s not damaging to the infrastructure. One way is to have the computer scan for viruses in anything that plugs into the usb slot such as a portable hard drive or a memory card. As for unauthorized downloads such as music or photos I suggest enable content filtering. Workstation domains are another vital part of keeping the system healthy at most times. To protect this I suggest either at the door of the server room keycards to get in and at the workstation itself both a physical and pass worded approach to ensure the right person is getting in. And to add further measure of security the room would be camera surveyed and users will be logged. A LAN domain can be a very volatile domain with all the wiring and NIC cards and LAN switches common in most rooms. If we are to hopefully secure this part of the domain I would like to be able to restrict access to the computers and laptops that are only necessary to the work environment. So if someone...

Words: 474 - Pages: 2

Premium Essay

It255 Define an Acceptable Use Policy Essay

...IT255 Acceptable Use Policy (AUP) I have reviewed the list of forbidden traffic and came up with this acceptable use policy. Some ports (20&69) would be disabled denying file transfer if all traffic listed is forbidden. I propose the use of content filtering, file transfer monitoring, scanning and alarming for unknown file types from unknown or restricted sources. The restriction on downloading executables could be changed in the same fashion. Both of these guidelines could otherwise interfere with otherwise normal business practice and hinder the productivity of the company. The redistribution copyrighted material is restricted because the system administrator ensures all workstations have what they need. No exporting internal software or technical material in violation of export control laws. If a worker needs such software or material for a location that does not have it then they will be issued license for said use of such property. Workstations will run antivirus and malicious removal software. These programs will be update as new definitions and malicious code data are provided. The organizations data classification standard should address remote access. The company will deny outbound traffic using source IP addresses in access control lists. If remote access is allowed, encrypt where necessary. This will prevent any unauthorized access to internal resources or information from external sources. No unauthorized port scanning or probing on the company’s......

Words: 487 - Pages: 2

Free Essay

It255

...1. Data Encryption Standard (DES): A predominant algorithm for the encryption of electronic data. It was influential in the advancement of modern cryptography in the academic world. 2. Rivest, Shamir and Adleman (RSA) encryption algorithm: Internet encryption and authentication system that uses an algorithm. It is most commonly used encryption and authentication algorithm used. 3. Triple DES: A block cipher, which applies the data encryption standard cipher algorithm three times to each data block. 4. Diffie-Hellman key exchange: A specific method of exchanging cryptographic keys. It allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communications channel. 5. International Data Encryption Algorithm (IDEA): Uses a block cipher with a 128-bit key, and is generally considered to be very secure. It is known as the best public known algorithm. 6. El Gamal encryption algorithm: An asymmetric key encryption algorithm for public-key cryptography which is based on the Diffie-Hellman exchange. It is used in the free GNU Privacy Guard software, recent versions of PGP, and other cryptosystems. 7. Carlisle Adams and Stafford Taveres (CAST) algorithm: This is a substitution-permutation algorithm similar to DES. It was designed with a public criteria. 8. Elliptic curve cryptography (ECC): A public key encryption technique based on elliptic curve theory that can be used to create faster, smaller, and more efficient......

Words: 519 - Pages: 3

Premium Essay

It255

...Internet DMZ Equipment Policy 1.0 Purpose The purpose of this policy is to define standards to be met by all equipment owned and/or operated by Richman Investments located outside Richman Investment's corporate Internet firewalls. These standards are designed to minimize the potential exposure to Richman Investment from the loss of sensitive or company confidential data, intellectual property, damage to public image etc., which may follow from unauthorized use of Richman Investment resources. Devices that are Internet facing and outside the Richman Investment firewall are considered part of the "de-militarized zone" (DMZ) and are subject to this policy. These devices (network and host) are particularly vulnerable to attack from the Internet since they reside outside the corporate firewalls. The policy defines the following standards: * Ownership responsibility * Secure configuration requirements * Operational requirements * Change control requirement 2.0 Scope All equipment or devices deployed in a DMZ owned and/or operated by Richman Investment (including hosts, routers, switches, etc.) and/or registered in any Domain Name System (DNS) domain owned by Richman Investment, must follow this policy. This policy also covers any host device outsourced or hosted at external/third-party service providers, if that equipment resides in the "RichmanInvestment.com" domain or appears to be owned by Richman Investment. All......

Words: 1219 - Pages: 5