Premium Essay

Project Part 2 It Security

In: Computers and Technology

Submitted By cswain24
Words 953
Pages 4
Classification Description: Malicious Code and Activity

Task

Base on the premise that there is a mix of computers running Windows 2000, Windows XP, Windows Vista, Windows 7, and Mac OS X, you must research and devise a plan to thwart malicious code and activity by implementing countermeasures and prevention techniques for dealing with viruses, worms, logic bombs, Trojan horses, and other related forms of intentionally created deviant code.

Introduction

Malicious software is written with the intent to damage or infect the system of Richman Investment. Malicious code or software is a threat to any internet-connected device or computer. The main goal of the attack is to affect one of the three information security properties which are Confidentiality, Integrity, and Availability. Confidentiality is affected if the malicious software is successful at disclosing private information. Integrity is compromised if the malware can modify database records either immediately or over a period of time. Availability is affected if malware can erase or overwrite files or inflict considerable damage to storage media.

SSCP® Domain Affected
Malicious Code and Activity

This domain examines the types of Malicious Code and Activities that can threaten the confidentiality, integrity, and availability of a system or information. The SSCP is expected to be familiar with the various types of Malicious Code and know how to implement effective countermeasures to prevent malicious code from operating. The SSCP should also know how to detect, respond and recover from malicious activity on a system whether perpetrated by an internal or external entity and take steps to mitigate the risk of malicious activity.

Controls to Protect Against Malicious Code

Typical controls to protect against malicious code use technology, policies and procedures, and training, all applied…...

Similar Documents

Free Essay

Lab 7 Risk Management in It

...------------------------------------------------- Project Project Title Transforming to an E-Business Model Purpose This project provides you an opportunity to assume a specific role in a business situation. You then apply the competencies gained in this course to develop a solution for a business problem related to an organization’s transformation to an e-business model. Learning Objectives and Outcomes You will be able to: * Gain an overall understanding of an e-business transformation capitalizing on the advent of the Internet technologies and Web applications in a specific business situation. * Summarize your understanding of implementing social networking applications into an e-business model capitalizing on the advent of Internet technologies and Web applications in a specific business situation. * Summarize your understanding of identifying risks, threats, and vulnerabilities relating to Web and social networking applications in an e-business transformation. * Identify various weaknesses in Web site applications. * Understand the life cycle of software development and how security can fit into the model. * Identify the need for Payment Card Industry Data Security Standard (PCI DSS) compliance within an organization. * Identify various open source and proprietary tools used in Web application security assessment and vulnerability scanning. * Identify the available mobile communication devices and the security risks associated with each type of......

Words: 737 - Pages: 3

Premium Essay

Testy

...Purpose This project provides you an opportunity to analyze risks, threats, and vulnerabilities and apply countermeasures in the information systems environment. Required Source Information and Tools ------------------------------------------------- Web References: Links to Web references are subject to change without prior notice. These links were last verified on June 12, 2014. To complete the project, you will need the following: 1. Access to the Internet to perform research for the project * Microsoft Windows How-To, including: * Optimize Windows for Better Performance: http://windows.microsoft.com/en-us/windows/optimize-windows-better-performance - optimize-windows-better-performance=windows-7 * Monitor Attempts to Access and Change Settings On Your Computer / To Turn On Auditing: http://windows.microsoft.com/en-us/windows7/monitor-attempts-to-access-and-change-settings-on-your-computer * What Information Appears in Event Logs? http://windows.microsoft.com/en-us/windows/what-information-event-logs-event-viewer - 1TC=windows-7 2. Course textbook Learning Objectives and Outcomes You will: * Explain how to assess risks, threats, and vulnerabilities * Evaluate potential outcomes of a malware attack and exposure of confidential information * Evaluate information systems security countermeasures * Explain how system hardening relates to a company’s IT security policy framework * Analyze the......

Words: 1575 - Pages: 7

Premium Essay

Automated Cash Registers, Scanners, or Other Digital Devices.

...National ICT Strategy and Plan NICI - 2015 © No part of this document can be reproduced, stored in a retrieval system, or transmitted in any form or by any means - electronic, mechanical, photocopying, recording, or otherwise - without the permission of the Rwanda Ministry in charge of ICT in the Office of the President.   List of Acronyms AGAGE AISI AMIS ARTEL BNR BPO CD CERT COMESA CNS-ATM CS CSIRT CTC FWG DCRS EAPP EASSy EDPRS e-GOV EMIS EMR EQMS ERMS FMS FY GDP GIS GNI GNP GoR G2B G2C G2G HIV HLSC HRMS ICT ICT4D IDS IPAR IPS ISP ISPA ITU IXP JICA Advanced Global Atmospheric Gases Experiment African Information Society Initiative Agriculture management Information System Africa Rural Telecommunication Banque National du Rwanda Business Processing Outsourcing Community Development Computer Emergency Response Team Common Market for Eastern and Southern Africa Communication Navigation Surveillance /Air Management Cyber Security Computer Security Incident Response Team Coordination Technical Committee Focus area Working Group Develop a Digital Court Recording System East African Power Pool Eastern Africa Submarine Cable System Economic Development & Poverty Reduction Strategy (2008-2012) e-Government Education Management Information System Electronic Medical Records Electronic Queue Management System Electronic Records Management System Financial Management Systems Fiscal Year Gross......

Words: 28160 - Pages: 113

Premium Essay

Meow Investments Meow Documents

...Unit Plans Unit 1: Information Systems Security Fundamentals Learning Objective  Explain the concepts of information systems security (ISS) as applied to an IT infrastructure. Key Concepts  Confidentiality, integrity, and availability (CIA) concepts  Layered security solutions implemented for the seven domains of a typical IT infrastructure  Common threats for each of the seven domains  IT security policy framework  Impact of data classification standard on the seven domains Reading  Kim and Solomon, Chapter 1: Information Systems Security. Keywords Use the following keywords to search for additional materials to support your work:  Data Classification Standard  Information System  Information Systems Security  Layered Security Solution  Policy Framework ------------------------------------------------- Week 1 Assignment (See Below) * Match Risks/Threats to Solutions * Impact of a Data Classification Standard Lab * Perform Reconnaissance & Probing Using ZenMap GUI (Nmap) * Page 7-14 in lab book. Project (See Below) * Project Part 1. Multi-Layered Security Plan ------------------------------------------------- Unit 1 Assignment 1: Match Risks/Threats to Solutions Learning Objectives and Outcomes  You will learn how to match common risks or threats within the seven domains of a typical IT infrastructure with solutions and preventative......

Words: 1409 - Pages: 6

Premium Essay

Drew

...Syllabus NT2799 Network Systems Administration Capstone Project SYLLABUS Credit hours: 4.5 Contact hours: 56 (34 Theory, 22 Lab) Prerequisite(s): Completion of a minimum of 72 credits earned in the program of study including NT2640 IP Networking or equivalent. © ITT Educational Services, Inc. All Rights Reserved. -1- 13/01/2013 Network Systems Administration Capstone Project SYLLABUS COURSE SUMMARY COURSE DESCRIPTION This course provides an opportunity for students to work on a comprehensive project that includes the design, planning and implementation of a network solution for solving specific business problems. Common project management processes are applied to identify deliverables and outcomes of the project. MAJOR INSTRUCTIONAL AREAS 1. Project Management Techniques 2. A Fundamental Review of the Basics of Electronics in the AASNSA Program 3. Capstone Project 4. Research of Current and Emerging Technology COURSE OBJECTIVES 1. Apply important concepts of project management to the actual capstone project proposed for this course. 2. Use Microsoft Office Project to help plan and manage the actual capstone project. 3. Analyze the requirements for the capstone project. 4. Integrate and apply the knowledge acquired in the program to provide effective technological solutions for given problems. 5. Work in teams on a large-scope project. 6. Document solutions to a problem in......

Words: 7871 - Pages: 32

Premium Essay

Cyber Law

...Assignment 2 Chapter 3

 1. Name and Describe two (2) U.S. based compliance laws that exist. 
 Federal Information Security Management Act- This act was passed in 2002 as part of the title 3 of the E-Government Act. Its purpose is to ensure that federal agencies protect their data. It gives specific responsibilities for federal agencies. They are responsible for protecting the system and data, complying with all elements of FISMA and integrating security in all processes. Gramm-Leach Bliley Act also known as the Financial Services Modernization Act of 1999. This act protects your private financial information from being sold to other business. GLBA also offer protection against the practice of obtaining personal information through false pretenses. There are two parts that pertain to IT security which is Financial Privacy Rule which requires companies to notify there customers about there privacy practice and Safeguard rule which means a company must have a security plan in place to protect the consumer information. Sarbanes-Oxley Act- This act came into law in 2002 to regulate financial practice and corporate governance. This law is intended to hold board members and executives accountable for any financial data that is not accurate. These acts can be punishable by jail time or fines. 2. Discuss the levels of the CMMI process improvement approach. There are six levels in the CMMI process improvement approach beginning with level 0. Level 0...

Words: 641 - Pages: 3

Premium Essay

Capstone

...GROUP 2 PROJECT PART 1: DESIGNING A NETWORK PART 2: TYPES OF EQUIPMENT PART 3: PROTOCOL CHOICES PART 4: COMPANY PHONE SYSTEM PART 5: SECURITY PROPOSAL Project scenario: ABC Company with worldwide offices in the U.S. (San Francisco, Detroit, Washington, Indianapolis, and Tampa), Europe (Paris, Liverpool), Japan (Tokyo), and South America (Sao Paulo), is engaged in the development of audio and video special effects for the entertainment and advertising industry. The main design centers are in San Francisco, Detroit, Paris, Tokyo, and Sao Paulo. Corporate Headquarters are in San Francisco. The remaining offices are sales offices. Consider the company to operate on a 24x7 basis, because it is global. To meet the goals of this scenario, Group 2, made up of the members below, have been assigned the following tasks in designing a network structure for this project: 1. Sean Dillon: Project Manager, Contributor; Editor Parts 1, 2, 3, 4 and 5; Submitter. 2. Denzel Chatman: Project Contributor; Section 3. Parts 1, 2, 3, 4 and 5. 3. Christopher Foster: Project Contributor; Section 1-A. Part 1; Part 2; Part 3; Part 4; Part 5. 4. William Collado Cancel: Project Contributor; Section 1-E. Part 1; Part 2; Part 3; Part 4; Part 5; Microsoft Project Editor. 5. Alex Graves: Project Contributor; Section 1-B. Part 1; Part 2; Part 3; Part 4; Part 5. 6. Mark Fortune: Project Contributor; Section 1-C. Part......

Words: 10833 - Pages: 44

Premium Essay

Risk, Threats, and Vulnerabilties

...Purpose This project provides you an opportunity to analyze risks, threats, and vulnerabilities and apply countermeasures in the information systems environment. Required Source Information and Tools To complete the project, you will need the following: 1. Access to the Internet to perform research for the project * Microsoft Windows How-To, including: * Optimize Windows for Better Performance: http://windows.microsoft.com/en-us/windows/optimize-windows-better-performance - optimize-windows-better-performance=windows-7 * http://windows.microsoft.com/en-us/windows-8/improve-performance-optimizing-hard-drive 8.1 * http://www.makeuseof.com/tag/7-quick-tips-hacks-optimize-windows-10-experience/ win 10 * Monitor Attempts to Access and Change Settings On Your Computer / To Turn On Auditing: http://windows.microsoft.com/en-us/windows7/monitor-attempts-to-access-and-change-settings-on-your-computer * What Information Appears in Event Logs? http://windows.microsoft.com/en-us/windows/what-information-event-logs-event-viewer - 1TC=windows-7 2. Course textbook Learning Objectives and Outcomes You will: * Explain how to assess risks, threats, and vulnerabilities * Evaluate potential outcomes of a malware attack and exposure of confidential information * Evaluate information systems security countermeasures * Explain how system hardening relates to a company’s IT security policy framework ...

Words: 665 - Pages: 3

Free Essay

Proj-595

...Course Project Part 2 Course Project Part 2 Jezreel Wilson, Sadaf Mohiuddin, Anel Catic Community Tech Center 04/232015 Jezreel Wilson, Sadaf Mohiuddin, Anel Catic Community Tech Center 04/232015 Contents Introduction 2 Risk Management Planning 2 Scope 2 Statement of Work—Project Description and 3 WBS 5 Risk Identification 6 Negative Risks 6 Qualitative Risk Analysis 7 Positive Risks 7 Negative Risks 7 Risk Response Planning 7 Positive Risks 7 Negative Risks 9 Decision Tree Analysis 11 Discussion of Decision Tree 12 Event / Fault Tree Analysis 14 Discussin of Event / Fault Tree 15 Conclusion: 15 Works Cited 16 Introduction The available of technology, such as, computers, tablets, ebooks, and even Internet are absent in many households in America still. As of 2013, the Census Bureau suggested that “84% of U.S. households own a computer, and 73% of U.S. households have a computer with a broadband connection to the internet (Pew Research Center).” It also mentioned “63.6% having a handheld computer. (Census Bureau)” A survey by Pew Research Center confirmed those stats, as 70% reported they have broadband access. These numbers show that there is still a large number of Americans who don’t own a computer, nor have access to the Internet. “Nearly 25 million households (21%) have no regular internet access at all, either at home or elsewhere (Pew Research Center)...

Words: 5550 - Pages: 23

Premium Essay

Nt2580 Week 1

...West Cheyenne Avenue, Suite 600 North Las Vegas, Nevada 89032 NT2580 Introduction to Information Security Week 1, Unit 1 – Information Systems Security Fundamentals Class Plan Time Duration: This Class Period will be approximately 4 ¾ Hours in length. It will be divided 2 ¾ hours for Theory and 2 ½ hours for Lab. Content Covered: • Textbook o Chapter 1 - Information Systems Security Objectives: After completing this unit, the student should be able to: • Explain the concepts of information systems security (ISS) as applied to an IT infrastructure. Key Concepts: ▪ Confidentiality, integrity, and availability (CIA) concepts ▪ Layered security solutions implemented for the seven domains of a typical IT infrastructure ▪ Common threats for each of the seven domains ▪ IT security policy framework ▪ Impact of data classification standard on the seven domains Materials: Week 1 PowerPoint Presentation Assignment Overview: Refer to Assignment 1: Match Risks/Threats to Solutions in the Graded Assignment Requirements section of this instructor guide. In this assignment, the students need to match common risks or threats within the seven domains of a typical IT infrastructure with the possible solutions or preventative actions. Use the hand out worksheet NT2580.U1.WS1.doc. Refer to Assignment 2: Impact of a Data Classification Standard, you must write a brief report on how the "Internal Use......

Words: 530 - Pages: 3

Premium Essay

Linux Security

...Applications Project Project Part 1 Task 1: Outline Security Policy This security policy is essential to the First World Bank Savings and Loan. It is used to break up the security plan not measurable, specific, and testable goals and objectives. This security policy would be used to provide all current and prospective customers online banking services while keeping the First World Saing bank competitive in the financial marketplace. This solution is also an imperative due to an estimated revenue of $100,0000,000 flowing in by virtue of online credit card transactions specific to banking and loan application based services. This security policy will go on to outline the specific regulations and legislation that are in agreement with the statutory compliance criteria. Below is a recommended view of the characteristics and components of the recommended security based policy. Taking up the stake of the performance, cost, and security of maintaining the Linux, and open source infrastructure will be within the premise of the defined roles and responsibilities. Annual cost savings are estimated to amount to $4,000,000 (approx) by virtue of implementation of this solution. The ‘C’-‘I’-‘A’ triad will be a crucial requirement fo the First World Savings Bank and translates to Confidentiality, Integrity and Availability respectively. Confidentiality aspect with reference to First World Savings Bank – Confidentiality refers to the principle that states that no part of the......

Words: 3404 - Pages: 14

Premium Essay

Is427: Unit 3 Assignment 2: It Security Compliance and Governance Gap Analysis Plan Outline

...IS427: Unit 3 Assignment 2: IT Security Compliance and Governance Gap Analysis Plan Outline Learning Objectives and Outcomes  You will learn about the process of performing an information technology (IT) security compliance and governance gap analysis. Assignment Requirements In this assignment, you will be given a Request for Proposal (RFP) that includes a current IT policy framework description and a complete technical description of what is needed. You are required to prepare a project plan that defines the tasks necessary to perform a security compliance and governance gap analysis. You should include tasks, resources, cost estimates, and time estimates in the project plan. You will be graded on your ability to break the IT security compliance and governance gap analysis process into manageable parts and then organize them into a project plan. Students who produce a project plan with task details for all necessary tasks in an IT security compliance and governance gap analysis should receive a full grade. Required Resources   RFP Worksheet: Project Plan IT Security Compliance and Governance Gap Analysis Submission Requirements     Format: Microsoft Word Font: Arial, Size 12, Double-Space Citation Style: Chicago Manual of Style Length: 1–2 pages Self-Assessment Checklist   I have prepared a project plan that defines the tasks necessary to perform a security compliance and governance gap analysis. I have included tasks, resources, cost estimates, and...

Words: 322 - Pages: 2

Premium Essay

Finance

...Business) Managerial Finance (ACCT 706) Semester Two, 2016 Assignment # 2 Due Date: Week 8, 03/05/16, 12.00 noon Weighting: 25% of the final grade Type: Individual Assignment Length: Approximately 2,000 – 3,000 words excluding appendices Submission: Students are expected to submit a hard copy of the assignment along with Arion generated barcoded assignment cover sheet in the drop box located in WF building (ground floor). All assignments should be submitted via turnitin and a turnitin report should accompany the assignment (Please note: Turnitin submission should precede physical submission and only the hardcopy will be marked). Penalty for late submissions: 10% of the mark obtained for each 24-hour delay including weekends. Page 1 of 6 QUESTION 1: VALUATION OF SHARES (35 MARKS) A. In the world of trendsetting fashion, instinct and marketing savvy are prerequisites to success. Jordan Ellis had both. During 2015, his international casual-wear company, Encore, rocketed to $300 million in sales after 10 years in business. His fashion line covered the young woman from head to toe with hats, sweaters, dresses, blouses, skirts, pants, sweatshirts, socks, and shoes. The Encore shops are now a standard feature in every town in New Zealand. Encore had made it. The company’s historical growth was so spectacular that no one could have predicted it. However, securities analysts speculated that Encore could not keep up the pace.......

Words: 1743 - Pages: 7

Premium Essay

Is3220 Project Part 1

...IS 3220 IT Infrastructure Security Project Part 1: Network Survey Project Part 2: Network Design Project Part 3: Network Security Plan ITT Technical Institute 8/4/15 Project Part 1: Network Survey Network Design and Plan Executive Summary: We have been engaged in business for some time, and have been very successful, however we need to re-examine our network configuration and infrastructure and identify that our network defenses are still reliable, before we make any changes. We need to take a hard look at our current configuration of host, services and our protocols within our organization. Data from a large number of penetration tests in recent years show most corporate networks share common vulnerabilities. Many of these problems could be mitigated by appropriate education in “hacker thinking” for technical staff. We will take a look at our security on routers and switches to make sure there are no leakages of data traffic. OBJECTIVE We have identified that we have loss some major accounts to competitors whose bids have been accurately just under our bid offers by exact amounts. We also believe due to shared reporting and public Web site functions that our Web servers have been compromised and our RFP documents have been leaked to competitors which enabled them to under bid us. We want to mitigate Web threats in the future; we realize the web is a mission critical business tool. We want to purchase new products and services, that will give us an edge and......

Words: 3355 - Pages: 14

Premium Essay

Master

...report is about the RFID project written for evaluation and implementation of project applicability for Officeworks Company. This RFID project for Officeworks is examined and finally decided for Officeworks. In this report, the background of both development of RFID and situation of the business case of Officeworks are given; team work and team roles are assigned as well as the project schedule is planned and executive; the following sections of analysis and solution are involved: team requirements, project scope and assumptions, project drivers and strategies as well as enabler, complementary and competing initiatives, strategic and economic benefit, investment requirements, outsourcing plan, and implementation roadmap. It is concluded that the RFID project is generally valuable and able to be implemented for Officeworks Company ranged stores. Some useful suggestion to successfully construct the RFID into Officeworks is also recommended. Based on the successful experience of Wal-Mart, the RFID is detailed analysed with suitable solutions given. To completely evaluate the project, the ROI model and vertical comparison are also used for the cost/benefit examinations. As the suggested implementation, implementing work flow with detailed sub-steps is developed as well. Table of Content 1. Introduction 1 1.1. Background of RFID 1 1.1.1. Definition and description of RFID 1 1.1.2. RFID technique and history 1 1.2. Background of Officeworks 1 1.3. Project Initiation 1 1.3.1.......

Words: 5982 - Pages: 24