Premium Essay

Nt2580 Unit 1

In: Computers and Technology

Submitted By rocoso878
Words 3379
Pages 14
NT2580-M1 Introduction to Information Security
Unit 1: Information Systems Security Fundamentals
2015-Summer, 6/20/2015, Saturday (9:00am – 1:30pm)
Student Name ___________________________________
Lesson Plan
Theory (in class, Lab #2)……………………………..…………………..……...2

Kim and Solomon, Chapter 1: Information Systems Security.

Student Assignments for this Unit
Unit 1 Lab Perform Reconnaissance & Probing Using ZenMap GUI (Nmap)

Lab #1: Performing Network Reconnaissance using Common Tools
Overview and access vLab..............................................................................................3

Part 1: Exploring the Tools used in the Virtual Lab Environment……………16
Unit 1 Assignment Match Risks/Threats to Solutions

Part 2: Connecting to a Linux Machine …………………. .........................44
Unit 1 Assignment Impact of a Data Classification Standard

Part 3: Using Zenmap to Perform Basic Reconnaissance ……………………59

A. SYLLABUS………………………………………………..……..………….69
B. Forgot your password?………………………………………………..……..73
Instructor: Yingsang “Louis” HO
Tel: 425-241-8080 (cell), (206) 244-3300 (school)


Page 1 of 76

Unit 1: Information Systems Security Fundamentals
Learning Objective

Explain the concepts of information systems security (ISS) as applied to an IT infrastructure. Key Concepts

Confidentiality, integrity, and availability (CIA) concepts

Layered security solutions implemented for the seven domains of a typical IT infrastructure 

Common threats for each of the seven domains

IT security policy framework

Impact of data classification standard on the seven domains


Kim and Solomon, Chapter 1: Information Systems Security.


Similar Documents

Free Essay

Nt2580 Unit 6 Assign 1

...JO STARNES, NT2580, UNIT 2 CALCULATING THE WINDOW OF VULNERABILITY The window of vulnerability is the amount of time the systems defense measures are compromised, minimized, or eliminated. This is when the system is most likely to be at risk, and can be affected by malicious attacks. It is not stated as what day the server software detected the attack on the SMB server. It only states that it was detected the day before. So from day one, these are the steps we will need to take to get the SMB server back up and running properly and safely, as well as the amount of time it will take for us to solve the issue: Day 1 - The software company will release a patch for this attack in three days. Day 4 – We will receive the patch, and we need to install and test the patch, this will take at least five days. Day 9 – After installation and testing is completed; we will send the update to the entire company’s network devices. As soon as all the updates are sent out to all the devices, they will need to be rebooted in order for the patch to take effect. We can send out a message to all devices to insure this happens. This could take a day or two to complete. This could all be completed as early as 10 days if there are no issues during the process, however problems may arise and it could possibly take a day or two more. I hope that this is helpful and we will start immediately on the problem. It is of upmost importance that you have team members monitoring the server at all times......

Words: 310 - Pages: 2

Free Essay

Nt2580 Unit 1 Assignment 2

...------------------------------------------------- Nt2580 - Unit 1 Assignment 2: Impact of a Data Classification Standard Richman Investments Internal Use Only Data Classification Standard Domain Effects Richman Investments has implemented an “Internal Use Only” data classification standard. This report will describe the effects of the Internal use Only Standard on our respective system domains. “Internal Use Only” sets up a restricted access security policy to our network. Any access, including from a website would require company mandated credentials to log on and enter the system. This type of policy is enforced because companies do not want to allow “free access” to their network for potential threats to their system or their security. This policy will impact three of the seven domains. These include: * User Domain * Define: This Domain defines what users have access to the information system.   * Policy Impact: The IT Team will use the User domain to define who has access to the company’s information systems. The domain will impose an acceptable use policy (AUP) that will define the permissions of what actions a user may make while inside the system. These permissions may also be defined by the data they are accessing at the time. All third party users (vendors, contractors, outside users, etc.) must also agree to the AUP. Any violation will be reported to management and/or the authorities, depending on the violation. * Workstation......

Words: 508 - Pages: 3

Free Essay

Nt2580 Unit 9 Assignment 1

...What are the phases of a computer attack? Phase I: Reconnaissance Probing During the first phase of a computer attack, the attacker will gather as much information as he can to identify the weakest points of entry on a network. It is important that he collects as much information as he can because this will determine how successful the attack will be. An attacker uses various tools found on the internet designed to exploit various targets. He will use those tools accordingly. Some of the tools are: -DNS and ICMP tools within the TCP/IP protocol suite -Standard and customized SNMP tools -Port scanners and port mappers -Security probes Attackers will use these tools to view detailed information about the network. By knowing a specific domain name, an attacker can easily find registered addresses, server names, and domain names via ICMP and WHOIS. Reverse DNS lookup and nslookup also provide searches for DNS information. Phase II: Access and Privilege Escalation Once the attacker has gathered the information they need to facilitate the attack he must make the connection or access the targeted system and gain administrative access. This can be done via secondary remote gateways and/or unattended modem boxes on the outside of an organizations building. An......

Words: 346 - Pages: 2

Premium Essay

Unit 1 Assignment 2 Nt2580

...Three IT infrastructure domains that would be mostly affected by the “Internal Use Only” data classification standard would be the User Domain, the Workstation Domain, and the LAN domain. The first domain that would be affected is the User Domain. The User Domain defines the people who access an organization’s information system. One of the roles and tasks is that the user can access systems, applications, and data depending upon their defined access rights. Inside the User domain is where the user would find the acceptable user policy or AUP. The AUP defines what users are allowed to do within the organization-owned IT assets. The User Domain is considered the weakest and most affected domain. One reason why is that it has a lack of user awareness. Another reason is that when users are downloading various content and different files, they generally do not conform to the established security guidelines. To protect from these issues, there should be enabled content filtering as well as automatic antivirus scans. A way to protect from an user doing Employee blackmail or extortion is to enable intrusion detection system/intrusion prevention system (IDS/IPS) monitoring. The monitoring will examine the IP data streams for inbound and outbound traffic. A second domain that is affected is the Workstation Domain. The Workstation Domain is where most users connect to the IT infrastructure. A workstation can be a desktop computer, laptop or any device that connects to the network....

Words: 581 - Pages: 3

Free Essay

Nt2580 Unit 5 Assignment 1

...It255 Unit5 Assignment TO: FROM: DATE: SUBJECT:Unit 5 Assignment 1: Testing and Monitoring Security Controls REFERENCE: Testing and Monitoring Security Controls (IT255.U5.TS1) How Grade: One hundred points total. See each section for specific points. Assignment Requirements Part 1:Identify at least two types of security events and baseline anomalies that might indicate suspicious activity. Explain why they might indicate suspicious activity.(Forty points. Twenty points for each event.) # | Security Event & Baseline Anomaly That Might Indicate Suspicious Activity | Reason Why It May Indicate Suspicious Activity | 1. | Authentication Failures | Unauthorized access attempts | 2. | Network Abuses | Employees are downloading unauthorized material. | 3. | | | 4. | | | 5. | | | 6. | | | Part 2: Given a list of end-user policy violations and security breaches, select three breaches and consider best options for monitoring and controlling each incident. Identify the methods to mitigate risk and minimize exposure to threats and vulnerabilities. (Sixty points. Twenty points for each breach.) # | Policy Violations & Security Breaches | Best Option to Monitor Incident | Security Method (i.e., Control) to Mitigate Risk | 1. | A user made unauthorized use of network resources by attacking network entities. | Monitor the logs | Fire the user | 2. | Open network drive shares allow storage privileges to outside users. |...

Words: 258 - Pages: 2

Free Essay

Nt2580 Unit 1 Assignment 2

...William Burns-Garcia NT 2580 Unit 1 Assignment 2 Re: Impact of a Data Classification Standard Per your request, I have included information regarding the data classification standards designed for Richman investments. This report will include information that pertains to the IT infrastructure domains and how they are affected. Though there are several, I want to concentrate on three of the most vulnerable. 1. User Domain: Of all domains, this can be the most vulnerable as it usually affects any user on the network. Most companies should have an Acceptable Use Policy (AUP) with standards that can be monitored at any time. Not only does this policy affect internal users, it should also be enforced by any outside vendors such as, off-site IT support. There should be on-going information sessions to remind users of AUP. 2. Workstation Domain: Every person with access to the network of Richman Investments must have authorized personal credentials to use a workstation assigned to them. A few exceptions can be Major IT administration and authorized upper management. A change password should be implemented no less than 45-60 days on Richman’s network. Administrative passwords should also be changed no less than 30-45 days, Since Administrative access has the most immediate vulnerability. 3. LAN Domain: The Local Area Network (LAN), which includes most things in the computer closet that helps all devices connect to the network. This domain can be vulnerable because...

Words: 364 - Pages: 2

Free Essay

Nt2580 Unit 1 Assignment Impact of Data Classicification

...Unit Assignment 2: Impact of a Data Classification The Internal Use Only data classification standard of Richman Investments has many different infrastructures domains that are affected via internal use only data classification. More than all others, the three infrastructures that are affected the most are the User Domain, Workstation Domain and the LAN Domain. The reason why the User Domain infrastructure is one of the most affected infrastructures is because the User Domain infrastructure is the infrastructure that allows users to access the network. This is a problem because many users do not fully understand everything, all the time and thus is bound to make a mistake sooner or later. With so many users on our network, this is probably the most vulnerable domain infrastructures in our network. The Workstation Domain is also another domain infrastructure that has great reason to be affect by internal use only data because this is where the user connects to the our network. The reason that this can cause security threats and other problems is because this domain can be connected via a personal laptop or even a cell phone or other mobile device. The final infrastructure domain that is greatly affected is the LAN domain. The reason that this domain infrastructure is affected by internal use only data is because this domain is the open domain available companywide, to anybody in the building or even near the building via a wireless device. If we watch these specific......

Words: 280 - Pages: 2

Free Essay

Nt2580 Unit 1 Assignment: Internal Use Only Policy

...Charles Elliot 6/20/15 To: Richman Investments Employees. Subject: Internal Use Only Policy This report is to inform all members of Richman investments of their Internal Use Only policy. We will be discussing what this policy means, its effect on running day to day tasks on the network, and what protocols we are to follow when under the enforcement of this policy. Internal use only simply means that the data stays on site, or that an organization shares the information internally. And while the information may or may not be of a sensitive nature, there will be no exchange of data or communication of any kind outside of the organization. Any person(s) who wish to gain access to any information within Richman Investments infrastructure must authenticate themselves by logging on to their User profile and entering their password. All Users must agree and adhere to the AUP-Acceptable Use Policy. The AUP is a policy that states what a user can or cannot do with information from Richman Investments. Failure to adhere to the AUP will result in disciplinary actions both in their profession as well as legal disciplinary actions. The workstation is where the User connects to the infrastructure. There are no personal or recording devices or removable media of any kind allowed at the workstation. Richman Investments will provide and devices and removable media themselves, also these devices are never to leave the premises. The infrastructure administrators will determine which......

Words: 317 - Pages: 2

Premium Essay


...Results Nt2580 - College Essays - Hendrome › Computers and Technology Nov 11, 2012 – Nt2580. Making tradeoffs due to economic scarcity and that every society faces ... For a given set of laboratory services, there is a defined cost. Nt2580 Lab 4 - Term Papers - Jrains › Computers and Technology Jan 18, 2013 – Nt2580 Lab 4. 1. Define why change control management is relevant to security operations in an organization. Change control is a systematic ... NT2580 Introduction to Network Security Welcome to NT2580 Introduction to Network Security ... Home Work , Labs, PowerPoint , Project and Exam Reviews. Fall Quarter 2012 ... Itt tech nt2580 lab 6 - 6 ebooks - free download Itt tech nt2580 lab 6 download on free books and manuals search - 094 ALB 01-09-13 01-09-13 Vol 37-a. Nt2580 unit 9 lab - 4 ebooks - free download Nt2580 unit 9 lab download on free books and manuals search - NT2580 Introduction to If ti S itInformation Security. Nt2580 unit 6 lab - 4 ebooks - free download Nt2580 unit 6 lab download on free books and manuals search - NT2580 Introduction to If ti S itInformation Security. Lab itt edition nt2580 answers - 1 ebooks - free......

Words: 435 - Pages: 2

Free Essay

Policy Definition & Data Classification

...8/1/2015 NT2580 Unit 7 Policy Definition and Data Classification Standard : NT 2580 : ITT Tech : Homework   NT2580 Unit 7 Policy Definition and Data Classification Standard Home  ITT Tech  NT  NT 2580  NT2580 Unit 7 Policy Definition and Data Classification Standard  You have successfully unlocked this document. You have 24 more unlocks  available. Was this document helpful?  Yes   Download Document­Unit­7­Policy­Definition­and­Data­Classification­Standard/?timestamp=20150801105100 1/6 8/1/2015 NT2580 Unit 7 Policy Definition and Data Classification Standard : NT 2580 : ITT Tech : Homework Share and earn access  CorporalStarViper9176 ITT Tech Follow 3  1787  302­Unit­7­Policy­Definition­and­Data­Classification­Standard/?timestamp=20150801105100 2/6 8/1/2015 NT2580 Unit 7 Policy Definition and Data Classification Standard : NT 2580 : ITT Tech : Homework   VIEWS UNLOCKS 0 1   HELPFUL UNHELPFUL 0 0 About this Document SCHOOL ITT Tech COURSE NT 2580, Summer 2014 COURSE TITLE Introduction to Information Security PROFESSOR MR J TYPE Homework PAGES 1 WORD COUNT 206 Is this correct?  Flag Get Help in NT......

Words: 487 - Pages: 2

Premium Essay


...VPN access control model for a large scale company. * This policy will support remote access control for systems, applications, and data access. Remote access Defined Remote access for employees is deployed by using remote access VPN connections across the Internet based on the settings configured for the VPN Server, and the following additional settings. The following diagram shows the VPN server that provides remote access VPN connections. Domain/Network Config: For each employee that is allowed VPN access: * The network access permission on the dial-in properties of the user account is set to Control access through NPS Network Policy. * The user account is added to the VPN_Users group in Active Directory. To define the authentication and encryption settings for remote access VPN clients, the following remote access network policy is created in Network Policy Server (NPS): * Policy name: Remote Access VPN Clients * Conditions: * NAS Port Type is set to Virtual (VPN) * Windows Groups is set to VPN_Users * Calling Station ID is set to * Permission is set to Grant access. NPS policy settings: * On the Constraints tab, under Authentication Methods, for EAP Types select Microsoft: Smart Card or other certificate. Also enable Microsoft Encrypted Authentication version 2 (MS-CHAP v2). * Or SSTP, L2tp/IPsec, PPTP, IKEv2 Access control model/ policy: This model would support Role based access controls and allow mandatory access control to......

Words: 339 - Pages: 2

Premium Essay


...Corequisite(s): Prerequisite: NT2580 Introduction to Information Security or equivalent Course Description: This course examines security implementations for a variety of Windows platforms and applications. Areas of study include analysis of the security architecture of Windows systems. Students will identify and examine security risks and apply tools and methods to address security issues in the Windows environment. Windows Security Syllabus Where Does This Course Belong? This course is required for the Bachelor of Science in Information Systems Security program. This program covers the following core areas:    Foundational Courses Technical Courses BSISS Project The following diagram demonstrates how this course fits in the program:    IS4799 NT2799 IS4670 ISC Capstone Project Capstone ProjectCybercrime Forensics NSA    NT2580 NT2670  Introduction to  Information Security IS4680 IS4560 NT2580 NT2670 Email and Web Services Hacking and Introduction to  Security Auditing for Compliance Countermeasures Information Security Email and Web Services      NT1230 NT1330 Client-Server Client-Server  Networking I Networking II  IS3230 IS3350 NT1230 NT1330  Issues Client-Server Client-Server  SecurityContext in Legal Access Security Networking I Networking II   NT1110  NT1210 Structure and Introduction to  ComputerLogic Networking    IS3120 IS3110 NT1210 Network  Risk Management in Introduction to General Education / General Studies NT2580......

Words: 2305 - Pages: 10

Premium Essay

Nt2580 Week 1

...ITT Technical Institute 3825 West Cheyenne Avenue, Suite 600 North Las Vegas, Nevada 89032 NT2580 Introduction to Information Security Week 1, Unit 1 – Information Systems Security Fundamentals Class Plan Time Duration: This Class Period will be approximately 4 ¾ Hours in length. It will be divided 2 ¾ hours for Theory and 2 ½ hours for Lab. Content Covered: • Textbook o Chapter 1 - Information Systems Security Objectives: After completing this unit, the student should be able to: • Explain the concepts of information systems security (ISS) as applied to an IT infrastructure. Key Concepts: ▪ Confidentiality, integrity, and availability (CIA) concepts ▪ Layered security solutions implemented for the seven domains of a typical IT infrastructure ▪ Common threats for each of the seven domains ▪ IT security policy framework ▪ Impact of data classification standard on the seven domains Materials: Week 1 PowerPoint Presentation Assignment Overview: Refer to Assignment 1: Match Risks/Threats to Solutions in the Graded Assignment Requirements section of this instructor guide. In this assignment, the students need to match common risks or threats within the seven domains of a typical IT infrastructure with the possible solutions or preventative actions. Use the hand out worksheet NT2580.U1.WS1.doc. Refer to Assignment 2: Impact of a Data Classification Standard, you must write a brief......

Words: 530 - Pages: 3

Premium Essay

Information Security Project 1

...Project 1 Name: Ashiqul Abir Class: NT2580 Date: 02/28/2013 Information security best practice project: The information security best project was housed within the Oxford University computer emergency response team. The project sought build on the knowledge, commentary and information gathered during the 2009 self-assessment exercise. One of the main objectives of the project was to develop an information security toolkit, which includes the policies, guidelines, documentation and education and awareness programmers. Information security: In a devolved environment, such as a collegiate university, it is imperative that policy should not go into retail about how those objectives should be met. It also defines the scope of the policy and identifies roles and responsibilities for security. Information security toolkit: The example polies can be tailored to suit the individual needs of your department, college or hall. The toolkit focuses on some areas like, IT management Operations Network Management Physical Security Building on the 2009 self-Assessment: The 2009 Self-Assessment exercise asked unit within the collegiate university to assess their current approach to IT operations, management and security against recommended best practice guidelines. The information gathered helped the advisory group to understand where further attention, resource, and best practice is needed to guide......

Words: 280 - Pages: 2

Free Essay

Nt2680 Unit 1 Assignment 2

...Dallas Benning NT2580 Unit 1 Assignment 2: Impact of a Data Classification Standard The “Internal Use Only” data classification standards will affect the user domain, the work station domain and the LAN domain. These three domains are the most basic infrastructure domains and the will cover all users in the company. The classification will cover the company telephone directory, employee training materials and internal policy manuals. The User Domain explains the people who have access to the company’s information. This domains will contain all of the user’s information and will enforce the policies that control what information each user is allowed to access. This domain can also be the greatest weakness in a system and needs to be carefully monitored. The Workstation domain is where users are verified and accounts are set up. They will need to have a user name and password assigned to them by the IT department before they can access any systems or data. Also, no personal devices or any forms of removable media will be allow on the network. There will also be policies in place to ensure that each employee only has access to the information that they need to perform their jobs. The LAN domain includes all physical elements of the LAN network. There must be strong security for this domain because it is the entry point to any WAN networks and makes accessing workstations far easier. Users must have background checks and be screened before given access to the......

Words: 290 - Pages: 2