Multi Layered Security Plan Essay

Earlier today, I was instructed to create a general-purpose outline for our company's multi-layered security plan. There are seven (7) domains in a typical IT infrastructure: User Domain, Workstation Domain, LAN Domain, LAN-to-WAN Domain, WAN Domain, Remote Access Domain, and System/Application Domain. Each domain has its own unique risks, threats, and vulnerabilities that need to be mitigated in order to ensure our company's security.
In the User Domain, the first thing that should be done is to create an acceptable use policy (AUP). An AUP defines what users are allowed to do with organization-owned IT assets. Violation of the terms defined in the AUP can be grounds for dismissal. We will ...

The next domain is the LAN Domain, which consists of two (2) parts, physical and logical. Make sure wiring closets, data centers, and computer rooms are secure. We do not want unauthorized access to the LAN, so we must define strict access control policies and procedures. Use WLAN network keys that require a password for wireless access. We must also implement encryption between workstation and WAP to maintain confidentiality.
Connecting to the internet opens up a lot of back doors for cybercriminals, and most internet traffic is cleartext, which means it is visible to anyone. In the LAN-to-WAN Domain, local users can download unknown file type attachments from unknown sources, so we must apply file transfer monitoring, scanning, and alarming for unknown file types from unknown sources. We must enforce Richman Investment's Internal Use Only data classification standard through a multitude of efforts, including applying strict security monitoring controls for intrusion detection and prevention.
The WAN Domain represents the 5th component in the IT infrastructure, which is the second most complex area to secure. Use encryption and VPN tunnels for end-to-end secure IP communications. When traveling over the internet, data may be corrupted for multiple reasons; therefore, we must back up and store data in an off-site data center with tested recovery features. Also, scan all email attachments for type, antivirus, and malicious software. The system must also isolate and quarantine unknown file types for further security review.
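The attachment type check and quarantine rule described above can be sketched as follows. This is an added example, not part of the original essay: the allowlist, function names, and sample message are assumptions constructed for illustration, and antivirus scanning itself is outside its scope (files that pass the type check are only marked for scanning).

```python
import os
from email import message_from_bytes, policy
from email.message import EmailMessage

# Allowlist for this example (assumption): magic-byte prefix -> (type, permitted extensions).
KNOWN_TYPES = {
    b"%PDF-": ("pdf", {".pdf"}),
    b"\x89PNG\r\n\x1a\n": ("png", {".png"}),
    b"\xff\xd8\xff": ("jpeg", {".jpg", ".jpeg"}),
    b"PK\x03\x04": ("zip", {".zip", ".docx", ".xlsx", ".pptx"}),
}

def sniff(data):
    """Identify content by its leading bytes, never by the sender-supplied name."""
    for magic, (kind, exts) in KNOWN_TYPES.items():
        if data.startswith(magic):
            return kind, exts
    return None, set()

def triage(raw_message):
    """Return (filename, verdict, reason) for each attachment in a raw message."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    results = []
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        data = part.get_payload(decode=True) or b""
        kind, exts = sniff(data)
        ext = os.path.splitext(name)[1].lower()
        if kind is None:
            results.append((name, "quarantine", "unknown file type"))
        elif ext not in exts:
            results.append((name, "quarantine", f"content is {kind} but name ends in {ext!r}"))
        else:
            results.append((name, "scan", kind))  # known type: pass on to antivirus
    return results

def build_sample():
    """Constructed message with three attachments (sample data, not real traffic)."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = "sender@example.com", "user@example.com", "Q3 files"
    m.set_content("Files attached.")
    m.add_attachment(b"%PDF-1.7 constructed", maintype="application", subtype="pdf", filename="report.pdf")
    m.add_attachment(b"\x89PNG\r\n\x1a\n constructed", maintype="image", subtype="png", filename="logo.jpg")
    m.add_attachment(b"\x00\x01 constructed", maintype="application", subtype="octet-stream", filename="notes.bin")
    return m.as_bytes()

if __name__ == "__main__":
    for row in triage(build_sample()):
        print(row)
```

A file whose content does not match its name is quarantined along with unknown types, since a mismatched extension is a common way to slip a file past a name-based filter.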
The Remote Access Domain connects...
