Graded Assignments Essay

You go away learn how to match super acid risks or threats within the seven domains of a typical IT root with events and prophylactic actions.Assignment RequirementsThis is a matching activity. You go away receive the Match Risks/Threats to Solutions worksheet, which contains a numbered list of common risks and threats found in a typical IT infrastructure. You must enter the letter for the correct solution or observeative action in the blank to the upright of distributively risk or threat.InstructionsYou are presented with a list of some risks and threats associated with the seven domains of a typical IT infrastructure. Below the list, the solutions or preventive actions to draw off those risks and threats are listed.Write the letter of the correct solution or preventative action in the blank to the right of each risk or threat.Risks or threats1. Violation of a protection policy by a userc________2. Disgruntled employee sabotagei________3. Download of non-business videos use thea________Internet to an employer-owned computer4. Malware infection of a users laptopl________5. Unauthorized physical access to the local area networkn________6. LAN server operating system vulnerabilitiesf________7. Download of alien read types from unknown sources by local usersb________8. Errors and weaknesses of vane router, firew either, and network h________appliance configuration filem________9. gruesome eavesdropping10. WAN Denial of Service (DoS) or Distributed Denial ofd________Service (DDoS) attacks11. secret selective information compromised remotelyk________12. Mobile worker token stoleng________13. Corrupt or lost selective informatione________14. Downtime of customer databasej________ ITT Educational Services, Inc.All Rights Reserved.-2-02/12/2012NT2580 Introduction to Information Securitybookman COPY Graded Assignment RequirementsSolutions or preventative actionsA. Enable gist filtering and antivirus s faecal matterning at the entry and exit points of t he Internet. Enable workstation auto-s masss and auto-quarantinefor unknown file types.B. Apply file transfer monitoring, scanning, and alarming for unknown file types and sources.C. mark employee on probation, review unexceptionable use policy (AUP) and employee manual, and discuss spot during performance reviews.D. Apply filters on exterior Internet Protocol (IP) stateful firew exclusivelys and IP router WAN interfaces.E. Implement daily data backups and off-site data retentivity for monthly data archiving. Define data recovery procedures based on defined Recovery Time Objectives (RTOs).F. Define vulnerability window policies, standards, procedures, and guidelines. bear on LAN domain vulnerability assessments.G. Apply real-time lockout procedures.H. Define a strict zero-day vulnerability window definition. Update devices with warrantor fixes and software patches right away.I. Track and monitor abnormal employee behavior, erratic job performance, and use of IT infrastructure during off-hours. Begin IT access control lockout procedures based on AUP monitoring and compliance.J. perplex a disaster recovery plan (DRP) specific to the recovery of mission-critical applications and data to book operations.K. Encrypt all confidential data in the database or hard drive. L. Use workstation antivirus and malicious code policies, standards, procedures, and guidelines. Enable an automated antivirus aegis solution that scans and updates individual workstations with right protection.M. Use encryption and virtual close network (VPN) tunneling for secure IP communications.N. Make sure wiring closets, data centers, and computer rooms are secure. Provide no access without proper credentials.Assignment RequirementsYou are a networking intern at Richman Investments, a mid-level pecuniary investment and consulting firm. Your supervisor has asked you to draft a brief name that describes the internecine Use Only data classification standard of Richman Investments. Writ e this report addressing which IT infrastructure domains are affected by the standard and how they are affected. In your report, mention at least three IT infrastructure domains affected by the Internal Use Only data classification standard. Your report exit become part of an executive summary to senior management.User playing area is where only one user forget have access to it. This can be configured to internal use only. By default, the IT department tries to prolong a certain level of Security for this, so that nobody can accessfrom the outside, only the IT Department can grant access perquisite for Remote Access Point. The User Domain will enforce an acceptable use policy (AUP) to define what each user can and cannot do with any company data that he or she has access to.Also, any user on the company is responsible for the security of the environment. Workstation Domain is where all the users work. Before a user can log into the machine, he/she will need to be verified in o rder to gain access. At Richman Investments, we provide very secure access for the employee workstations with a username and password. A security protocol requires the password to be changed every 30 days. All computers maintain regular updates and continuous antivirus protection for monitoring. Additionally, no personal devices are allowed on the network.The Local Area Network (LAN) Domain is a group of computers all connected to a single LAN domain. The LAN Domain is a collection of computers connected to one another or to a common medium. All LAN domains include data closets, physical elements of the LAN, as surface as logical elements as designated by authorized personnel. It requires strong security and access controls. This domain can access company-wide systems, applications, and data from anywhere within the LAN. The LAN support group is in charge maintaining and securing this domain.The biggest threat to the LAN domain is Un-authorized access to anything (the LAN, the syst ems, & the data) on the network. One thing we can do is requiring strict security protocols for this domain, such as disabling all extraneous access ports for the workstation. This would prevent any user within the company from bringing an external jump drive, and connecting it to the workstations. This way, we can control company intellectual property, and prevent viruses on the LAN network.