Nt2580 Unit 5.1

In: Computers and Technology

Submitted By caniacjay
Words 265
Pages 2
NT2580 Unit 5.1 James Ward
Security Events
Authentication failures and unauthorized access attempts can be found in the log files. They contain complete records of all security events (logon events, resource access, attempted violations of policy, and changes in system configuration or policies) and critical system events (service/daemon start/stop, errors generated, system warnings) that can allow an admin to quickly discover the root cause of any issues.
A sudden increase in traffic can indicate that either your web site has been mentioned on a popular news site and people are checking it out, or it may mean that someone is up to no good.

Security breaches
Removable storage devices that might contain malware, filtered only when passing through the network could be a problem. Solution: Limiting the privileges of users adapted to the duties assigned to the individual. Making it clear that no removable storage devices are to be brought into the network under no circumstance unless necessary and properly screened first.
Passwords that meet security requirements but remain easily guessable are a hazard and could affect a network. Solution: Implementing a change of password every so often. Implement the strategy that requires a combination of letters and numbers, and a minimum of a 30 day password renewal policy.
Information on a laptop that is not encrypted would be a huge security issue. It would be likely that there would be some sort of damage in the event of “falling into the wrong hands.” Solution: To prevent this from happening it is important to encrypt the drives and other sensitive…...

Similar Documents

Nt2580 Unit 4

...Unit 4 assignment 1 1.0 Purpose The purpose of this policy is to define standards for connecting to Richman investments's network from any host. These standards are designed to minimize the potential exposure to Richman investments from damages which may result from unauthorized use of Richman investments resources. Damages include the loss of sensitive or company confidential data, intellectual property, damage to public image, damage to critical Richman investments internal systems, etc. 2.0 Scope This policy applies to all Richman investments employees, contractors, vendors and agents with a Richman investments-owned or personally-owned computer or workstation used to connect to the Richman investments network. This policy applies to remote access connections used to do work on behalf of Richman investments, including reading or sending email and viewing intranet web resources. Remote access implementations that are covered by this policy include, but are not limited to, dial-in modems, frame relay, ISDN, DSL, VPN, SSH, and cable modems, etc. 3.0 Policy 3.1 General 1. It is the responsibility of Richman investments employees, contractors, vendors and agents with remote access privileges to Richman investments's corporate network to ensure that their remote access connection is given the same consideration as the user's on-site connection to Richman investments. 2. General access to the Internet for recreational use by immediate household members through the......

Words: 723 - Pages: 3

Nt2580 Unit 1

...Unit 1 Match Risks/Threats to Solutions 1. Violation of a security policy by a user C. Place employee on probation, review acceptable use policy (AUP) and employee manual, and discuss status during performance reviews. 2. Disgruntled employee sabotage I. Track and monitor abnormal employee behavior, erratic job performance, and use of IT infrastructure during off-hours. Begin IT access control lockout procedures based on AUP monitoring and compliance. 3. Download of non-business video using the Internet to an employer-owned computer A. Enable content filtering and antivirus scanning at the entry and exit points of the Internet. Enable workstation auto-scans and auto-quarantine for unknown file types. 4. Malware infection of a user’s laptop L. Use workstation antivirus and malicious code policies, standards, procedures, and guidelines. Enable an automated antivirus protection solution that scans and updates individual workstations with proper protection. 5. Unauthorized physical access to the LAN N. make sure wiring closets, data centers, and computer room are secure. Provide no access without proper credentials. 6. LAN server operating system vulnerabilities F. Define vulnerability window policies, standards, procedures, and guidelines. Conduct LAN domain vulnerability assessments. 7. Download of unknown file types from unknown sources to local users B. Apply file transfer monitoring, scanning, and alarming for unknown file types and sources. 8. Errors...

Words: 373 - Pages: 2

Nt2580 Unit 1

...NT2580 Unit 1 Assignment 1 Multiple Choice 1. Violation of a security policy by a user. C. Place employee on probation, review acceptable use policy (AUP) and employee manual, and discuss status during performance reviews. 2. Disgruntled employee sabotage. I. Track and monitor abnormal employee behavior, erratic job performance, and use of IT infrastructure during off-hours. Begin IT access control lockout procedures based on AUP monitoring and compliance. 3. Download of non-business videos using the internet to an employer-owned computer. A. Enable content filtering and antivirus scanning at the entry and exit points of the internet. Enable workstation auto-scans and auto-quarantine for unknown file types. 4. Malware infection of a user’s laptop. L. Use workstation antivirus and malicious code policies, standards, procedures, and guidelines. Enable an automated antivirus protection solution that scans and updates individual workstations with proper protection. 5. Unauthorized physical access to the LAN. N. Make sure wiring closets, data centers, and computer rooms are secure. Provide no access without proper credentials. 6. LAN server operating system vulnerabilities. F. Define vulnerability window policies, standards, procedures, and guidelines. Conduct LAN domain vulnerability assessments. 7. Download of unknown file types from unknown sources by local users. B. Apply file transfer monitoring, scanning, and alarming for unknown......

Words: 366 - Pages: 2

Itt Nt2580 Unit 5

...Unit 5 Assignment 1: Testing and Monitoring Security Controls Learning Objectives and Outcomes * You will learn to recognize security events and baseline anomalies that might indicate suspicious activity. * You will learn to identify policy violations and security breaches and to appropriately monitor threats and control activity across the network. Assignment Requirements Refer to the handout Testing and Monitoring Security Controls. It contains information on security events or breaches and baseline anomalies. After studying the handout, answer the following questions: * Identify at least two types of security events and baseline anomalies that might indicate suspicious activity. * Given a list of policy violations and security breaches, select three breaches, and consider the best options for controlling and monitoring each incident. Identify the methods to mitigate risk and minimize exposure to threats or vulnerabilities. Required Resources Worksheet: Testing and Monitoring Security Controls (attached) Submission Requirements * Format: Microsoft Word * Font: Arial, Size 12, Double-Space * Length: 1–2 pages * Due By: Unit 6 Self-Assessment Checklist * I have identified at least two security events and baseline anomalies. * I have indicated the best options for controlling and monitoring three of the policy violations and security breaches from the list. * I have identified the methods to mitigate risk and to...

Words: 1036 - Pages: 5

Unit 5 Nt2580

...Unit 5 Assignment: Acceptable Use Policy (AUP) Definition The Richman”s Investment Group updated (AUP) Acceptable Use Policy for January 2014 for both acceptable and unacceptable use of the Internet use operated or owned by Richman’s Investment. Any violations in this agreement policy may result in disciplinary and/or legal action. Penalties can range from immediate termination of employment to imprisonment with fines. Internet Usage • Any and all employees of Richman’s Investment are encouraged to use the internet where such use is needed and is in stride to goals and objectives of the business of Richman’s Investments. • The equipment and services belong to Richman’s Investments and there reserve the right to monitor any or all internet traffic including emails and any data sent or received. • Using Richman’s Investment hardware, software and or internet to hack into unauthorized websites is strictly prohibited. • The use of any and all bit torrent software or sites is not allowed on any network, owned or operated by Richman’s Investment do to its high risk of abuse and or misuse. • No viewing or distributing of inappropriate material on the internet owned or operated by Richman’s Investments and will result in termination of employment. • Any and all downloads done off of the internet must be scanned before opening or accessing (NO ACCECPTIONS). • Using Richman’s Investments hardware, software and or internet to form and sort of fraud, and/or software, film or......

Words: 323 - Pages: 2

Unit 5 Lab 5.1

...Nicholas Culp PT1420: Introduction to Programming Unit 2 Research Assignment 1 1. What are the variable naming rules of Visual Basic, Python, and Java? Visual Basic: You must use a letter as the first character. You can't use a space, period (.), exclamation mark (!), or the characters @, &, $, # in the name. Name can't exceed 255 characters in length. Generally, you shouldn't use any names that are the same as the functions, statements and methods in Visual Basic. You end up shadowing the same keywords in the language. To use an intrinsic language function, statement, or method that conflicts with an assigned name, you must explicitly identify it. Python: Must begin with a letter (a - z, A - B) or underscore (_) Other characters can be letters, numbers or _ Case Sensitive Can be any (reasonable) length There are some reserved words, which you cannot use as a variable name because Python uses them for other things. Java: All variable names must begin with a letter of the alphabet, an underscore, or ( _ ), or a dollar sign ($). The convention is to always use a letter of the alphabet. The dollar sign and the underscore are discouraged. After the first initial letter, variable names may also contain letters and the digits 0 to 9. No spaces or special characters are allowed. The name can be of any length. Uppercase characters are distinct from lowercase characters. Using ALL uppercase letters are primarily used to identify constant......

Words: 318 - Pages: 2

Nt2580 Unit 6 Assign 1

...JO STARNES, NT2580, UNIT 2 CALCULATING THE WINDOW OF VULNERABILITY The window of vulnerability is the amount of time the systems defense measures are compromised, minimized, or eliminated. This is when the system is most likely to be at risk, and can be affected by malicious attacks. It is not stated as what day the server software detected the attack on the SMB server. It only states that it was detected the day before. So from day one, these are the steps we will need to take to get the SMB server back up and running properly and safely, as well as the amount of time it will take for us to solve the issue: Day 1 - The software company will release a patch for this attack in three days. Day 4 – We will receive the patch, and we need to install and test the patch, this will take at least five days. Day 9 – After installation and testing is completed; we will send the update to the entire company’s network devices. As soon as all the updates are sent out to all the devices, they will need to be rebooted in order for the patch to take effect. We can send out a message to all devices to insure this happens. This could take a day or two to complete. This could all be completed as early as 10 days if there are no issues during the process, however problems may arise and it could possibly take a day or two more. I hope that this is helpful and we will start immediately on the problem. It is of upmost importance that you have team members monitoring the server at all times......

Words: 310 - Pages: 2

Nt2580 Unit 10

...Unit 10: Assignment 1. A company like Microsoft would have to back up everything on the server. Having a full backup is necessary for Microsoft because of the software and tools they provide for computers and for the financial department for payment plans. They would be required to have a full rotation of data. Microsoft would need roughly 15 data sets. They would be required to backup any search history, email history and file history; which will be dependent on the client. The data should be taken offsite on a daily basis. Sometimes, depending on the amount of data being backed up, the data should be taken twice a day for a company so big. If the current set in the server room were to be destroyed, a lot of data would lost (Too much to try and calculate). The most amount of time the server could be down could be at least 24 hours, maybe even longer. The most amount of data that could be saved by paper backup, would be roughly 2%, everything is done electronically now so 2% seems like a fair estimate. To fully restore a server from Microsoft, it could take a few days or a few weeks. Depending on if the company does a Data restore on a daily basis and how much they restore. To test any restore, you would perform a Data Recovery Restore on a daily basis to ensure that the backup restore is functioning properly. The backup media will be tested for corruption. The procedures for testing and verifying the backup media is the same. Do a data restore on a......

Words: 373 - Pages: 2

Nt2580 Unit 4 Assignment 2

...Dallas Page July 17, 2015 Unit 4 Assignment 2 NT2580 Acceptable Use Policy Definition 1. Overview To protect the integrity, confidentiality and accessibility along with the safety of our clientele and employees it is necessary that a precise set of standards must be defined for anyone who utilizes the electronic devices to access information via the internet. Richman Investments is committed to protecting employees, partners and the company from illegal or destructive actions whether knowingly or unknowingly. Internet or Intranet related systems, including but not limited to the World Wide Web, storage media, operating systems, network accounts and electronic mail are intended to be used for business pertaining to Richman Investments. It is the responsibility of each electronic device user to know the guidelines of the Acceptable Use Policy and to adhere to the Acceptable Use Policy of Richman Investments. 2. Purpose To outline and give a clear precise definition of what is and what isn’t acceptable when using the property of Richman Investments. Property including but not limited to computers, internet service, email service, storage media, operating systems or network accounts. Inappropriate use of either of the aforementioned exposes Richman Investments to legal liability and/or risks of damage to company hardware and/or software. 3. Scope The Acceptable Use Policy applies to all employees, contractors, clients, visitors and partners to...

Words: 689 - Pages: 3

Nt2580 Unit 1

...NT2580-M1 Introduction to Information Security Unit 1: Information Systems Security Fundamentals 2015-Summer, 6/20/2015, Saturday (9:00am – 1:30pm) Student Name ___________________________________ Lesson Plan Theory (in class, Lab #2)……………………………..…………………..……...2 Reading  Kim and Solomon, Chapter 1: Information Systems Security. Objectives……………..………………….……………………………….2 Student Assignments for this Unit Unit 1 Lab Perform Reconnaissance & Probing Using ZenMap GUI (Nmap) Lab #1: Performing Network Reconnaissance using Common Tools Overview and access vLab..............................................................................................3 Part 1: Exploring the Tools used in the Virtual Lab Environment……………16 Unit 1 Assignment Match Risks/Threats to Solutions Part 2: Connecting to a Linux Machine …………………. .........................44 Unit 1 Assignment Impact of a Data Classification Standard Part 3: Using Zenmap to Perform Basic Reconnaissance ……………………59 Appendix A. SYLLABUS………………………………………………..……..………….69 B. Forgot your password?………………………………………………..……..73 Instructor: Yingsang “Louis” HO Tel: 425-241-8080 (cell), (206) 244-3300 (school) Email: yho@itt-tech.edu NT2580_2015_Summer_M1_UNIT1.doc Page 1 of 76 Unit 1: Information Systems Security Fundamentals Learning Objective  Explain the concepts of information systems security (ISS) as applied to an IT infrastructure. Key Concepts  Confidentiality, integrity, and......

Words: 3379 - Pages: 14

Nt2580 Unit 1 Assignment 2

...------------------------------------------------- Nt2580 - Unit 1 Assignment 2: Impact of a Data Classification Standard Richman Investments Internal Use Only Data Classification Standard Domain Effects Richman Investments has implemented an “Internal Use Only” data classification standard. This report will describe the effects of the Internal use Only Standard on our respective system domains. “Internal Use Only” sets up a restricted access security policy to our network. Any access, including from a website would require company mandated credentials to log on and enter the system. This type of policy is enforced because companies do not want to allow “free access” to their network for potential threats to their system or their security. This policy will impact three of the seven domains. These include: * User Domain * Define: This Domain defines what users have access to the information system.   * Policy Impact: The IT Team will use the User domain to define who has access to the company’s information systems. The domain will impose an acceptable use policy (AUP) that will define the permissions of what actions a user may make while inside the system. These permissions may also be defined by the data they are accessing at the time. All third party users (vendors, contractors, outside users, etc.) must also agree to the AUP. Any violation will be reported to management and/or the authorities, depending on the violation. * Workstation......

Words: 508 - Pages: 3

Nt2580 Unit 1 Assignment 1

...NT2580 Information Security Sonja Moskal Unit 1 Assignment 1 Worksheet: Match Risk/Threats to Solutions F. Mohamed 1. Violation of a security policy by a user C. Place employee on probation, review acceptable use policy (AUP) and employee manual, and discuss status during performance review. 2. Disgruntled employee sabotage. I. Track and monitor abnormal employee behavior, erratic job performance, and use of IT infrastructure during off-hours. Begin IT access control lockout procedures based on AUP monitoring and compliance. 3. Download of non-business videos using the Internet to an employer owned computer. A. Enable content filtering and antivirus scanning at the entry and exit points of the internet. Enable workstation auto-scans and auto-quarantine for unknown files. 4. Malware infections of a user’s computer. L. Use workstation antivirus and malicious code policies, standards, procedures, and guidelines. Enable an automated antivirus protection solution that scans and updates individual workstations with proper protection. 5. Unauthorized physical access to the LAN. N. Make sure wiring closets, data centers, and computer rooms are secure. Provide no access without proper credentials. 6. LAN server operating system vulnerabilities. F. Define vulnerability window policies, procedures, and guidelines. Conduct LAN domain vulnerability assessment. 7. Download of unknown file types from unknown sources by local users. B.......

Words: 380 - Pages: 2

Unit 5 Nt2580

...Tyler Hopkins 10/14/15 Unit 5 testing and monitoring security controls The Two popular types of security events that might indicate suspicious activity are Authentication Failures, and Unauthorized Access Attempts. Most times you will get this when you have failure due to device denying connection or incorrect password being entered in. Some system administrators set up alerts to let them know when there is an unauthorized access attempt, so that they may investigate the reason. These alerts can help stop hackers from gaining access to a secure or confidential system. Many secure systems may also lock an account that has had too many failed login attempts. When it comes to baseline anomalies that might indicate suspicious activity Network Abuse and Employees are downloading unauthorized material. That is why there are many policies out there to monitor the network abuse and employee abuse of unauthorized material. -Predictable passwords meet minimum length requirements but remain easily guessable. The solution to this problem is simple. You set a guideline for passwords for your employees to make it contain a set number of characters and numbers. And the passwords have to be changed every 30 days. -Sensitive laptop data is unencrypted and susceptible to physical theft. The solution to this problem is to encrypt all files and drives and sensitive info to make sure if it falls into the wrong hands they will not be able to destroy it. -A user made unauthorized use of......

Words: 264 - Pages: 2

Nt2580 Unit 4 Assignment 1

...Nt2580 Unit 4 Unit 4 assignment 1 1.0 Purpose The purpose of this policy is to define standards for connecting to Richman investments's network from any host. These standards are designed to minimize the potential exposure to Richman investments from damages which may result from unauthorized use of Richman investments resources. Damages include the loss of sensitive or company confidential data, intellectual property, damage to public image, damage to critical Richman investments internal systems, etc. 2.0 Scope This policy applies to all Richman investments employees, contractors, vendors and agents with a Richman investments-owned or personally-owned computer or workstation used to connect to the Richman investments network. This policy applies to remote access connections used to do work on behalf of Richman investments, including reading or sending email and viewing intranet web resources. Remote access implementations that are covered by this policy include, but are not limited to, dial-in modems, frame relay, ISDN, DSL, VPN, SSH, and cable modems, etc. 3.0 Policy 3.1 General 1. It is the responsibility of Richman investments employees, contractors, vendors and agents with remote access privileges to Richman investments's corporate network to ensure that their remote access connection is given the same consideration as the user's on-site connection to Richman investments. 2. General access to the Internet for recreational use by immediate household......

Words: 300 - Pages: 2

Nt2580 Unit 3 Assignment & Lab

...NT2580 Unit 3 Assignment & Lab Unit 3. Assignment 1 - Remote Access Control Policy Definition There are three key parts I will have to take into account while designing a Remote Access Control Policy for Richman Investments. These three parts (Identification, Authentication and Authorization) will not be all for the Remote Access Control Policy, I will need to include the appropriate access controls for systems, applications and data access. I will also need to include my justification for using the selected access controls for systems, applications and data access. The first part I need to implement for this Remote Access Control Policy is Identification, which is defined in this sense as: physical keys or cards, smart cards, and other physical devices that might be used to gain access to something. What needs to be done for the Remote Access Control Policy is a group member policy needs to be setup which uniquely identifies each user. Users should be identified by rank with higher ranking users requiring more authentication. Each individual user should be assigned to a group based on rank with special permissions. Using this system for Identification will make our company more secure in day to day operations. The second part I need to implement for this remote access control policy is Authentication, which is defined as: what you know or passwords, numeric keys, PIN numbers, secret questions and answers. For remote access, there must......

Words: 477 - Pages: 2

Nanaka 6/17 | Black Earth Rising | GabrieleMor