Free Essay

Nt2580 Unit 5 Assignment 1

In: Computers and Technology

Submitted By saintjay
Words 258
Pages 2
It255 Unit5 Assignment
TO:
FROM:
DATE:
SUBJECT:Unit 5 Assignment 1: Testing and Monitoring Security Controls
REFERENCE: Testing and Monitoring Security Controls (IT255.U5.TS1)
How Grade: One hundred points total. See each section for specific points.

Assignment Requirements

Part 1:Identify at least two types of security events and baseline anomalies that might indicate suspicious activity. Explain why they might indicate suspicious activity.(Forty points. Twenty points for each event.)

# | Security Event & Baseline Anomaly That Might Indicate Suspicious Activity | Reason Why It May Indicate Suspicious Activity | 1. | Authentication Failures | Unauthorized access attempts | 2. | Network Abuses | Employees are downloading unauthorized material. | 3. | | | 4. | | | 5. | | | 6. | | |

Part 2: Given a list of end-user policy violations and security breaches, select three breaches and consider best options for monitoring and controlling each incident. Identify the methods to mitigate risk and minimize exposure to threats and vulnerabilities. (Sixty points. Twenty points for each breach.)

# | Policy Violations & Security Breaches | Best Option to Monitor Incident | Security Method (i.e., Control) to Mitigate Risk | 1. | A user made unauthorized use of network resources by attacking network entities. | Monitor the logs | Fire the user | 2. | Open network drive shares allow storage privileges to outside users. | | | 3. | Sensitive laptop data is unencrypted and susceptible to physical theft. | Monitor for port scanning and malware | Encrypt the data | 4. | Remote users do not have recent patches or current updates. | | | 5. | Legitimate traffic bearing a malicious payload exploits network services. | | | 6. | An invalid protocol header disrupts a critical network service. | | | 7. | Removable storage drives introduce malware filtered only...

Similar Documents

Premium Essay

Test

...This program covers the following core areas:    Foundational Courses Technical Courses BSISS Project The following diagram demonstrates how this course fits in the program:    IS4799 NT2799 IS4670 ISC Capstone Project Capstone ProjectCybercrime Forensics NSA    NT2580 NT2670  Introduction to  Information Security IS4680 IS4560 NT2580 NT2670 Email and Web Services Hacking and Introduction to  Security Auditing for Compliance Countermeasures Information Security Email and Web Services      NT1230 NT1330 Client-Server Client-Server  Networking I Networking II  IS3230 IS3350 NT1230 NT1330  Issues Client-Server Client-Server  SecurityContext in Legal Access Security Networking I Networking II   NT1110  NT1210 Structure and Introduction to  ComputerLogic Networking    IS3120 IS3110 NT1210 Network  Risk Management in Introduction to General Education / General Studies NT2580 NT2799 Communications Information Technology Introduction to Information Security NSANetworking Capstone Project IS4550 NT2640 Security Policies and Implementation IP NT2640 Networking IP Networking PT2520...

Words: 2305 - Pages: 10

Premium Essay

Nt1230 Syllabus

...1st QTR GS1140 NT1110 GS1145 Problem Solving Theory Computer Structure and Logic Strategies for the Technical Professional 2nd QTR NT1210 Introduction to Networking NT1230 Client-Server Networking I MA1210 College Mathematics I 3rd QTR NT1310 NT1330 MA1310 4th QTR PT1420 NT1430 EN1320 5th QTR PT2520 NT2580 EN1420 6th QTR NT2640 NT2670 CO2520 7th QTR NT2799 SP2750 Physical Networking Client-Server Networking II College Mathematics II Introduction to Programming Linux Networking Composition I Database Concepts Introduction to Information Security Composition II IP Networking Email and Web Services Communications Network Systems Administration Capstone Project Group Theory The follow diagram indicates how this course relates to other courses in the NSA program: 1 Date: 8/31/2012 Client-Server Networking I Syllabus NT2799 NSA Capstone Project NT2580 Introduction to Information Security NT2670 Email and Web Services NT2640 IP Networking PT2520 Database Concepts NT1330 Client-Server Networking II NT1230 Client-Server Networking I NT1430 Linux Networking PT1420...

Words: 1834 - Pages: 8

Premium Essay

Nt2580 Unit 3 Assignment & Lab

...NT2580 Unit 3 Assignment & Lab Unit 3. Assignment 1 - Remote Access Control Policy Definition There are three key parts I will have to take into account while designing a Remote Access Control Policy for Richman Investments. These three parts (Identification, Authentication and Authorization) will not be all for the Remote Access Control Policy, I will need to include the appropriate access controls for systems, applications and data access. I will also need to include my justification for using the selected access controls for systems, applications and data access. The first part I need to implement for this Remote Access Control Policy is Identification, which is defined in this sense as: physical keys or cards, smart cards, and other physical devices that might be used to gain access to something. What needs to be done for the Remote Access Control Policy is a group member policy needs to be setup which uniquely identifies each user. Users should be identified by rank with higher ranking users requiring more authentication. Each individual user should be assigned to a group based on rank with special permissions. Using this system for Identification will make our company more secure in day to day operations. The second part I need to implement for this remote access control policy is Authentication, which is defined as: what you know or passwords, numeric keys, PIN numbers, secret questions and answers....

Words: 477 - Pages: 2

Premium Essay

Unit 5 Assignment 1 Testing and Monitoring Security Controls

...NT2580 Unit 5 Assignment 1 Testing and Monitoring Security Controls Jose J Delgado Testing and Monitoring Security Controls A few different types of security events and baseline anomalies that might indicate suspicious activity. Different traffic patterns or influx in bandwidth usage can be considered suspicious activity. Also, services changing port usage, in turn creating variations in normal patterns. All sudden increase in overall traffic. This may just mean that your web site has been mentioned on a popular news site, or it may mean that someone is up to no good. A sudden jump in the number of bad or malformed packets. Some routers collect packet-level statistics; you can also use a software network scanner to track them. Some routers collect packet-level statistics; you can also use a software network scanner to track them. Also large numbers of packets caught by your router or firewall's egress filters. Egress filters prevent spoofed packets from leaving your network, so if your filter is catching them you need to identify their source, because it is a clear sign that devices on your network have been compromised. Unscheduled reboots of server machines may sometimes signify that they are compromised as well. You should already be watching the event logs of your servers for failed logons and other security-related events....

Words: 524 - Pages: 3

Premium Essay

Nt2640

...The following diagrams indicate how this course relates to other courses in respective programs: Network Systems Administration NT2799 NSA Capstone Project NT2580 Introduction to Information Security NT2670 Email and Web Services NT2640 IP Networking PT2520 Database Concepts NT1330 Client-Server Networking II NT1230 Client-Server Networking I NT1430 Linux Networking PT1420 Introduction to Programming NT1110 Computer Structure and Logic NT1201 Introduction to Networking NT1310 Physical Networking CO2520 Communications SP2750 Group Theories EN1420 Composition II EN1320 Composition I GS1140 Problem Solving Theory GS1145 Strategies for the Technical Professional MA1210 College Mathematics I MA1310 College Mathematics II Networking Technology Courses Programming Technology Courses General Education/ General Studies 1 Date: 7/18/2011 IP Networking Syllabus Mobile Communications Technology MC2799 MCT Capstone Project NT2640 IP Networking MC2560 Mobile Wireless Communication I MC2660 Mobile Wireless Communication II MC2665 Mobile...

Words: 2573 - Pages: 11

Premium Essay

Nt 1210

...Associate Program in Network Systems Administration NT2799 NSA Capstone Project NT2580 Introduction to Information Security NT2670 Email and Web Services NT2640 IP Networking PT2520 Database Concepts NT1330 Client-Server Networking II NT1230 Client-Server Networking I NT1430 Linux Networking PT1420 Introduction to Programming NT1110 Computer Structure and Logic NT1210 Introduction to Networking NT1310 Physical Networking CO2520 Communications SP2750 Group Theories EN1420 Composition II EN1320 Composition I GS1140 Problem Solving Theory GS1145 Strategies for the Technical Professional MA1210 College Mathematics I MA1310 College Mathematics II Networking Technology Courses Programming...

Words: 4400 - Pages: 18

Premium Essay

Nt1210 Introduction to Networking Onsite Course

...Associate Program in Network Systems Administration NT2799 NSA Capstone Project NT2580 Introduction to Information Security NT2670 Email and Web Services NT2640 IP Networking PT2520 Database Concepts NT1330 Client-Server Networking II NT1230 Client-Server Networking I NT1430 Linux Networking PT1420 Introduction to Programming NT1110 Computer Structure and Logic NT1210 Introduction to Networking NT1310 Physical Networking CO2520 Communications SP2750 Group Theories EN1420 Composition II EN1320 Composition I GS1140 Problem Solving Theory GS1145 Strategies for the Technical Professional MA1210 College Mathematics I MA1310 College Mathematics II Networking Technology Courses Programming...

Words: 4400 - Pages: 18

Premium Essay

Nt2580 Unit 1

...NT2580-M1 Introduction to Information Security Unit 1: Information Systems Security Fundamentals 2015-Summer, 6/20/2015, Saturday (9:00am – 1:30pm) Student Name ___________________________________ Lesson Plan Theory (in class, Lab #2)……………………………..…………………..……...2 Reading  Kim and Solomon, Chapter 1: Information Systems Security. Objectives……………..………………….……………………………….2 Student Assignments for this Unit Unit 1 Lab Perform Reconnaissance & Probing Using ZenMap GUI (Nmap) Lab #1: Performing Network Reconnaissance using Common Tools Overview and access vLab..............................................................................................3 Part 1: Exploring the Tools used in the Virtual Lab Environment……………16 Unit 1 Assignment Match Risks/Threats to Solutions Part 2: Connecting to a Linux Machine …………………. .........................44 Unit 1 Assignment Impact of a Data Classification Standard Part 3: Using Zenmap to Perform Basic Reconnaissance ……………………59 Appendix A. SYLLABUS………………………………………………..……..………….69 B. Forgot your password?………………………………………………..……..73 Instructor: Yingsang “Louis” HO Tel: 425-241-8080 (cell), (206) 244-3300 (school) Email: yho@itt-tech.edu NT2580_2015_Summer_M1_UNIT1.doc Page 1 of 76 Unit 1: Information Systems Security Fundamentals Learning Objective  Explain the concepts of information systems security (ISS) as applied to an IT infrastructure....

Words: 3379 - Pages: 14

Premium Essay

Nothing

...| | | NT2799 | | | | | | | | NSA Capstone | | | | | | | Project | | | | | NT2580 | | | NT2670 | NT2640 | | PT2520 | | Introduction to | | | | | | | | | | | Email and Web | | | | | Information | | | | IP Networking | | Database Concepts | | | | | Services | | | | | Security | | | | | | | | | | | | | | | | NT1330 | | | NT1230 | NT1430 | | PT1420 | | Client-Server | | | Client-Server | | | Introduction to |...

Words: 10839 - Pages: 44