Nt2580 Unit 1


Submitted By Manuldanog
Unit 1 Match Risks/Threats to Solutions

1. Violation of a security policy by a user
C. Place employee on probation, review acceptable use policy (AUP) and employee manual, and discuss status during performance reviews.
2. Disgruntled employee sabotage
I. Track and monitor abnormal employee behavior, erratic job performance, and use of IT infrastructure during off-hours. Begin IT access control lockout procedures based on AUP monitoring and compliance.
3. Download of non-business video using the Internet to an employer-owned computer
A. Enable content filtering and antivirus scanning at the entry and exit points of the Internet. Enable workstation auto-scans and auto-quarantine for unknown file types.
4. Malware infection of a user’s laptop
L. Use workstation antivirus and malicious code policies, standards, procedures, and guidelines. Enable an automated antivirus protection solution that scans and updates individual workstations with proper protection.
5. Unauthorized physical access to the LAN
N. Make sure wiring closets, data centers, and computer rooms are secure. Provide no access without proper credentials.
6. LAN server operating system vulnerabilities
F. Define vulnerability window policies, standards, procedures, and guidelines. Conduct LAN domain vulnerability assessments.
7. Download of unknown file types from unknown sources to local users
B. Apply file transfer monitoring, scanning, and alarming for unknown file types and sources.
8. Errors and weaknesses of network router, firewall, and network appliance configuration file
H. Define a strict zero-day vulnerability window definition. Update devices with security fixes and software patches right away.
9. WAN eavesdropping
M. Use encryption and virtual private network (VPN) tunneling for secure IP communications.
10. WAN Denial of Service (DoS) or Distributed Denial of Service…...
