You will learn how to match common risks or threats within the seven domains of a typical IT infrastructure with solutions and preventative actions.
This is a matching activity. You will receive the Match Risks/Threats to Solutions worksheet, which contains a numbered list of common risks and threats found in a typical IT infrastructure. You must enter the letter for the correct solution or preventative action in the blank to the right of each risk or threat.
You are presented with a list of some risks and threats associated with the seven domains of a typical IT infrastructure. Below the list, the solutions or preventive actions to manage those risks and threats are listed.
Write the letter of the correct solution or preventative action in the blank to the right of each risk or threat.
Risks or threats:
1. Violation of a security policy by a user
2. Disgruntled employee sabotage
3. Download of non-business videos using the Internet to an employer-owned computer
4. Malware infection of a user’s laptop
5. Unauthorized physical access to the LAN
6. LAN server operating system vulnerabilities
7. Download of unknown file types from unknown sources by local users
8. Errors and weaknesses of network router, firewall, and network appliance configuration file
9. WAN eavesdropping
10. WAN Denial of Service (DoS) or Distributed Denial of Service (DDoS) attacks
11. Confidential data compromised remotely
12. Mobile worker token stolen
13. Corrupt or lost data
14. Downtime of customer database
© ITT Educational Services, Inc.
All Rights Reserved.
NT2580 Introduction to Information Security
STUDENT COPY: Graded Assignment Requirements
Solutions or preventative actions:
A. Enable content filtering and antivirus scanning at the entry and exit points of the Internet. Enable workstation auto-scans and auto-quarantine for unknown file types.
B. Apply file transfer monitoring, scanning, and alarming for unknown file types and sources.
C. Place employee on probation, review acceptable use policy (AUP) and employee manual, and discuss status during performance reviews.
D. Apply filters on exterior Internet Protocol (IP) stateful firewalls and IP router WAN interfaces.
E. Implement daily data backups and off-site data storage for monthly data archiving. Define data recovery procedures based on defined Recovery Time Objectives (RTOs).
F. Define vulnerability window policies, standards, procedures, and guidelines. Conduct LAN domain vulnerability assessments.
G. Apply real-time lockout procedures.
H. Define a strict zero-day vulnerability window definition. Update devices with security fixes and software patches right away.
I. Track and monitor abnormal employee behavior, erratic job performance, and use of IT infrastructure during off-hours. Begin IT access control lockout procedures based on AUP monitoring and compliance.
J. Develop a disaster recovery plan (DRP) specific to the recovery of mission-critical applications and data to maintain operations.
K. Encrypt all confidential data in the database or hard drive.
L. Use workstation antivirus and malicious code policies, standards, procedures, and guidelines. Enable an automated antivirus protection solution that scans and updates individual workstations with proper protection.
M. Use encryption and virtual private network (VPN) tunneling for secure IP communications.
N. Make sure wiring closets, data centers, and computer rooms are secure. Provide no access without proper credentials.
You are a networking intern at Richman Investments, a mid-level financial investment and consulting firm. Your supervisor has asked you to draft a brief report that describes the “Internal Use Only” data classification standard of Richman Investments. Write this report addressing which IT infrastructure domains are affected by the standard and how they are affected. In your report, mention at least three IT infrastructure domains affected by the “Internal Use Only” data classification standard. Your report will become part of an executive summary to senior management.
The User Domain is where only one user will have access. This can be configured to internal use only. By default, the IT department tries to maintain a certain level of security for this, so that nobody can access it from the outside; only the IT department can grant access privileges for the Remote Access Point. The User Domain will enforce an acceptable use policy (AUP) to define what each user can and cannot do with any company data that he or she has access to.
Also, every user in the company is responsible for the security of the environment. The Workstation Domain is where all the users work. Before a user can log into a machine, he or she must be verified in order to gain access. At Richman Investments, we provide very secure access for the employee workstations with a username and password. A security protocol requires the password to be changed every 30 days. All computers maintain regular updates and continuous antivirus protection for monitoring. Additionally, no personal devices are allowed on the network.
The Local Area Network (LAN) Domain is a group of computers all connected to a single LAN domain. The LAN Domain is a collection of computers connected to one another or to a common medium. All LAN domains include data closets and the physical elements of the LAN, as well as logical elements as designated by authorized personnel. It requires strong security and access controls. This domain can access company-wide systems, applications, and data from anywhere within the LAN. The LAN support group is in charge of maintaining and securing this domain.
The biggest threat to the LAN Domain is unauthorized access to anything (the LAN, the systems, and the data) on the network. One thing we can do is require strict security protocols for this domain, such as disabling all external access ports on the workstations. This would prevent any user within the company from bringing in an external jump drive and connecting it to a workstation. This way, we can control company intellectual property and prevent viruses on the LAN.