Information Systems Security Essay

4584 words - 19 pages

Fundamentals of Information Systems Security

1E REVISED

Contents

Ethics and Code of Conduct
Preface

LAB #1: Perform Reconnaissance and Probing Using Zenmap GUI (Nmap)
    Introduction
    Learning Objectives
    Deliverables
    Hands-On Steps
    Evaluation Criteria and Rubrics
    Lab #1 Assessment Worksheet

LAB #2: Perform a Vulnerability Assessment Scan Using Nessus
    Introduction
    Learning Objectives
    Deliverables
    Hands-On Steps
    Evaluation Criteria and Rubrics
    Lab #2 Assessment Worksheet

LAB #3: Enable Windows Active Directory and User Access ...

LAB #10: Craft an Information Systems Security Policy
    Introduction
    Learning Objectives and Outcomes
    Deliverables
    Hands-On Steps
    Evaluation Criteria and Rubrics
    Lab #10 Assessment Worksheet

Ethics and Code of Conduct
The material presented in this course is designed to give you a real-life look at the use of various tools and systems that are at the heart of every network security analyst’s daily responsibilities. Through use of this material, you will have access to software and techniques used every day by professionals. With this access come certain ethical responsibilities. The hardware, software, tools, and applications presented and used in this lab manual and/or the VSCL are intended to be used for instructional and educational purposes only. As a student in this course, you are not to use these tools, applications, or techniques on live production IT infrastructures inside or outside of your campus or organization. Under no circumstances are you permitted to use these tools, applications, or techniques on the production IT infrastructures and networks of other organizations. You are required to conform to your school or organization’s Code of Conduct and ethics policies during the use of this lab manual and any of the tools, applications, or techniques described within.

Preface
Welcome! This lab manual is your step-by-step guide to completing the laboratory exercises for the Fundamentals of Information Systems Security course.

Virtual Security Cloud Lab (VSCL)
For most of the exercises in this lab manual, you will use the Virtual Security Cloud Lab (VSCL) resource.
Note:
The Virtual Security Cloud Lab requires use of either Windows Internet Explorer or Mozilla Firefox. The Virtual Security Cloud Lab does not support Google Chrome, Safari, or Opera at this time.

The VSCL is a collection of virtual resources including Windows and Linux servers, Cisco routers, and applications like Wireshark, FileZilla, and Nessus that will allow you to perform all of the tasks in this lab manual as if you were performing them in a live production environment. The heart of the VSCL is a Windows Workstation desktop configured to give you access to the tools and resources you need for each lab, without any special setup on your part. As noted in the following table, some of the exercises in this lab manual will be performed without using the VSCL. For detailed instructions on how to perform these exercises, please consult your syllabus or instructor.

How to Use This Lab Manual
This lab manual features step-by-step instructions for completing the following hands-on lab exercises:

VSCL
Yes Yes Yes Yes Yes No Yes Yes Yes No

LAB TITLE
Lab #1: Perform Reconnaissance and Probing...

Other Papers Like Information Systems Security

Cap Study Guide Essay

5295 words - 22 pages assessed at this stage. Federal agencies should apply the provisions of Federal Information Processing Standard (FIPS) 199, Standards for Security Categorization of Federal Information and Information Systems, and FIPS 200, Minimum Security Requirements for Federal Information and Information Systems. These standards require agencies to categorize their information systems as low-impact, moderate-impact, or high-impact for the security objectives

Top 10 Laws of Security Essay

1706 words - 7 pages understand the environment deeply before reflecting such laws, in order to meet security goals aimed by the owners. 1 Introduction It is proven that analysis of a system is the key factor for successful management. These systems are a collection of functional and non-functional components that work inherently to meet the strategic objectives of the enterprise. For that, it is important to control relations and processes among such components

Chapter 1-Introduction to Information Security: Principles of Information Security

979 words - 4 pages available to those authorized to use it. 6. If the CIA triangle is incomplete, why is it so commonly used in security? The CIA triangle is still used because it addresses the major concerns with the vulnerability of information systems. 7. Describe the critical characteristics of information. How are they used in the study of computer security? Availability: Authorized users can access the information Accuracy: free from errors

Computer Security In Education

330 words - 2 pages Maintaining internet security is of the utmost importance to higher education systems. The majority of universities’ administrative, financial, and clinical systems are available through a campus-wide network (Rasmussen, 2011). This means that highly confidential documents, such as student’s personal information, medical records, and much more are housed on campus servers. This information is vulnerable to security threats and puts the

Chapter 1 Review Questions

870 words - 4 pages for? A. Confidentiality: Information should only be accessible to its intended recipients. B. Integrity: Information should arrive the same as it was sent. C. Availability: Information should be available to those authorized to use it. 6. If the C.I.A. triangle is incomplete, why is it so commonly used in security? A. The triangle would still be used because it addresses the major concerns with the vulnerability of information systems

Logical and Physical Security

1645 words - 7 pages CONVERGENCE OF LOGICAL AND PHYSICAL SECURITY SYSTEMS INTRODUCTION Up to now, majority of organizations have their physical and logical access systems operating as independent structures, with each being run by a totally separate department. The information technology security system, which controls access to information technology infrastructure including mail servers, the internet, database applications and web servers was managed by the

Herman Miller

884 words - 4 pages because they share the common vulnerabilities with the traditional information technology (IT) systems. Also, most SCADA systems are not protected with appropriate security safeguards. The operating personnel are lacking the security training and awareness. But we are not aware that threats against SCADA systems are ranked high in the list of government concerns. All the time, threats are often poorly understood and ignored, and the vast majority of

It Audit Guide

4838 words - 20 pages . Information Security Documentation 17 6.4. Information Security Monitoring 20 6.5. Cyber Security Incidents 22 6.6. Physical & Environmental Security 24 6.7. Personnel Security for Information Systems 26 6.8. Product & Media Security 27 6.9. Software, Network & Cryptographic Security 30 6.10. Access Control & Working Off-site Security 33 Appendix A – Accreditation Governance 36 The ISM & Certification 36 Compliance

Cmgt400 Week 4 Individual

1359 words - 6 pages maintain confidentiality. The importance of policies and standards for maintaining information systems security The security goals and policies of an organization are best implemented by the organization’s management through their ability to create an effective work environment for the employees. Information security policies are often the most difficult to implement yet they are the least expensive means of control. Whitman (2011

Information Security

988 words - 4 pages factors that are comprehensively adequate in solving the above human acts in regard to information security. These factors include usability and short cuts. Information technology involves certain complex processes that require strict adherence by users of information technology systems. The complexity of these systems makes them to be difficult for human beings to easily operate. Owing to these complexities, most users tend to develop shortcuts in

Linux Security

448 words - 2 pages and improving security. • security policy; • organization of information security; • asset management; • human resources security; • physical and environmental security; • communications and operations management; • access control; • information systems acquisition, development and maintenance; • information security incident management; • business continuity management; • Compliance. ISO/IEC 27001 is an internationally

Related Essays

Principles Of Information Systems Security Essay

923 words - 4 pages As an Information Security Engineer for a large multi-international corporation, that has just suffered multiple security breaches that have threatened customers' trust in the fact that their confidential data and financial assets such as Credit-card information; one must implement security measures that will protect the network through a vulnerable wireless connection within the organization, while also providing a security plan that will

Lab #1 Fundamentals Of Information Systems Security

661 words - 3 pages Assessment Worksheet 15 1 Perform Reconnaissance and Probing Using Zenmap GUI (Nmap) Using Zenmap GUI (Nmap) LAb #1 – ASSESSMENT WORKSHEET Perform Reconnaissance and Probing Using Zenmap GUI (Nmap) Course Name and Number: Fundamentals of Information Security Lab due date: Overview Hackers typically follow a five-step approach to seek out and destroy targeted hosts. The first step in performing an attack is to plan the

Introduction To Information Security Student Essay

1249 words - 5 pages straightforward process composed predominantly of physical security and simple document classification schemes. The primary threats to security were physical theft of equipment, espionage against the products of the systems, and sabotage. The History of Information Security One of the first documented security problems that fell outside these categories occurred in the early 1960s, when a systems administrator was working on an MOTD (message

Military Information Systems Essay

652 words - 3 pages Military Information Systems Assignment 4 SEC 305 ~ Computer Security July 27, 2014 Attack on a military information system This section provides the details about attack on a military information system. Here, hackers had attacked on military information system which can reinforce the conventional military operations and many forms of information welfare. The critical military information systems are supposed to design with