Nt2580 Project Part 2

In: Computers and Technology

Submitted By torch01
Words 1949
Pages 8
Purpose - This policy defines the security configurations users and Information Technology (IT) administrators are required to implement in order to ensure the integrity, availability, and confidentially of the network environment of Richmond Investments(R.I). It serves as the central policy document with which all employees and contractors must be familiar, and defines regulations that all users must follow. The policy provides IT managers within R.I. with policies and guidelines concerning the acceptable use of R.I. technology equipment, e-mail, Internet connections, network resources, and information processing.
The policies and restrictions defined in this document shall apply to all network infrastructures and any other hardware, software, and data transmission mechanisms. This policy must be adhered to by all R.I. employees, temporary workers and by vendors and contractors working with R.I.
Scope- This policy document defines the common security requirements for all R.I. personnel and systems that create, maintain, store, access, process or transmit information. This policy also applies to information resources owned by others, such as vendors or contractors of R.I., in cases where R.I. has a legal obligation to protect resources while in R.I. possession. This policy covers all of R.I. network systems which are comprised of various hardware, software, communication equipment and other devices designed to assist the R.I. in the creation, storage, processing, and transmission of information. This definition includes equipment connected to any R.I. domain or VLAN, either hardwired or wirelessly, and includes all stand-alone equipment that is deployed by the R.I.at its office locations or at remote locations.

Acceptable Use Policy
The use of the company network, internet, and email services by Richmond Investments employees is permitted and encouraged…...

Similar Documents

Microeconomics Project Part 2

...Sales & Marketing Management CA 2 – Group Project (20%) ________________________________________________________________ Group Project • • • • • • Form groups of no more than 5 students to work on this project. A list of products and customer groups, is given on the next page. Discuss among your group members which product your group will choose. No two groups can do the same product. Choice is on a first-come-first-serve basis. Register your product with your lecturer by Lesson 2 Report Component 1. Research and briefly explain about this customer group you have selected. 2. Research and showcase your knowledge of your chosen product. 3. Explain how you intend to sell your product to this customer group. 4. Presentation materials Your report should be type-written and 1.5-spaced in 11-point (Arial or Times) font. You must produce a picture/visual of your chosen product to accompany the report. It must not exceed 1500 words (not inclusive of the presentation materials) This report is due on 11/6/2012, 1159AM. Presentation Component 1. Each group is given 20 minutes to make the sales presentation to the chosen customer group. A 10-mark penalty will be imposed for exceeding the time limit. 2. Every member in the team must present his/her part. Absentees without a valid reason will be given a zero grade. Presentations are scheduled for Lessons 11 and 12. Each group will be allotted a slot to present. Products 1 Photocopy machines 2 2-liter cars 3 Laptops 4......

Words: 548 - Pages: 3

Project Part 2

...Project Part 2 Entrepreneur Edward Date: 7/14/12 To: My Boss I have researched ice cream and the effects of supply and demand associated with it. I have found several reasons for the increase or decrease in supply and demand and thought you may be interested in my findings. The first issue I have found would be the seasonal changes in the area that the ice cream would be sold. Customers seem to demand ice cream when the weather is hot and they are looking for a way to cool off. So, in the spring/summer months the demand would be high. When the season changes to fall/winter the demand seems to shift to the lesser. Climate of the area has a huge effect on ice cream sales. Secondly, a change in taste could shift the demand to less, People’s taste changes from time to time and there are other substitutes to ice cream. Also if people were to start dieting that could also affect the demand for ice cream. An increase in the price of sugar, and dairy would shift the supply curve to the lesser. With an increase in the cost of making ice cream it would in turn cause companies to order less and raise prices. Therefore people would be paying more for their beloved ice cream. An increase in electricity costs, cow feed, natural gas could also effect the supply curve in a negative way. Increasing the cost of production will shorten supply and increase costs over time....

Words: 255 - Pages: 2

Project Part 2

...------------------------------------------------- Project Security Domains and Strategies Purpose This project provides you an opportunity to apply the competencies gained in various units of this course to identify security challenges and apply strategies of countermeasures in the information systems environment. Learning Objectives and Outcomes * You will learn the purpose of a multi-layered security strategy. * You will understand the information systems security (ISS) fundamentals including the definition of terms, concepts, elements, and goals. * You will incorporate the industry standards and practices with a focus on the confidentiality, integrity, availability, and vulnerabilities of information systems. * You will fulfill the role of a security professional implementing proper security controls in a specific business situation based on Systems Security Certified Practitioner (SSCP®) Common Body of Knowledge domains. Required Source Information and Tools To complete the project, you will need the following: 1. Access to the Internet to perform research for the project 2. Course textbook 3. (ISC)2 SSCP® Common Body of Knowledge available in the SSCP® Candidate Information Bulletin Project Logistics The project is divided into one smaller and one major assignment as per the details below: Activity Name | Assigned | Due By | % Grade | Project Part 1. Multi-Layered Security Plan | Unit 1 | Unit 2 | 6 | Project Part......

Words: 1461 - Pages: 6

Project Part 2 It Security

...copy itself and infect a computer. The term ‘computer virus’ is sometimes used as a catch-all phrase to include all types of malware, including true viruses. Malicious Code A piece of unwanted computer software or code introduced into another program, attached to a document or exists on its own, for malicious purposes. Malware Short for malicious software, software designed to infiltrate a computer system without the owner's informed consent. Usually refers to a variety of forms of hostile, intrusive, or annoying software or program code. Malware encompasses computer viruses, worms, trojan horses, spyware, dishonest adware, crimeware, most rootkits, and other malicious and unwanted software. Casey L. Swain NT2580 August 25, 2013 Project Part 2: Student SSCP® Domain Research Paper REFERENCES Kim D. & Solomon G. M., (2012). Fundamentals of Information Systems Security: The Seven Domains of a Typical IT Infrastructure (1st ed.), 15-33. Burlington, MA. The State of Queensland Government. Department of Education, Training and Employment. Malware and Malicious Code Prevention. July 27, 2012. Web. Aug. 2013 <http://ppr.det.qld.gov.au/corp/ict/management/Pages/Malware-and-Malicious-Code-Prevention.aspx>...

Words: 953 - Pages: 4

Project Part 2. Sscp

...Introduction The (ISC)2 SSCP® is frequently viewed as the first step in an information security career path, leading to the Certified Information Systems Security Professional (CISSP®) and other advanced certifications. Scenario Continuing the Richman Investments scenario explained in Part 1 of the project, the offices have a total of 5,000 employees, and the office technology inventory includes desktops, mobile computers, and wireless devices. There is a mix of computers running Windows XP, Windows Vista, Windows 7, and Mac OS X. Most of the managers have BlackBerry devices for instant communication, and all employees are provided cell phones. A Windows Active Directory forest with domains is set up for each office, and seven file and print servers are located in the Phoenix office. The Phoenix office also contains two proxy servers, configured as an array, that provide Web cache services and Internet access control for the organization. The majority of applications are Web-based and hosted from the Phoenix office. The Phoenix office has an Internet connection to all the remote offices, and the redundancy is extremely important to the company. There are several sensitive applications that all offices use. The management from each office shares application information that is hosted at the corporate office for accounting and reporting purposes. All employees have Internet access. There is no policy on the use of removable media. Several of the branch......

Words: 884 - Pages: 4

Course Project Part 2

...Course Project Part II Introduction You will assume that you still work as a financial analyst for AirJet Best Parts, Inc. The company is considering a capital investment in a new machine and you are in charge of making a recommendation on the purchase based on (1) a given rate of return of 15% (Task 4) and (2) the firm’s cost of capital (Task 5). Task 4. Capital Budgeting for a New Machine A few months have now passed and AirJet Best Parts, Inc. is considering the purchase on a new machine that will increase the production of a special component significantly. The anticipated cash flows for the project are as follows: Year 1 $1,100,000 Year 2 $1,450,000 Year 3 $1,300,000 Year 4 $950,000 You have now been tasked with providing a recommendation for the project based on the results of a Net Present Value Analysis. Assuming that the required rate of return is 15% and the initial cost of the machine is $3,000,000. 1. What is the project’s IRR? (10 pts) 2. What is the project’s NPV? (15 pts) 3. Should the company accept this project and why (or why not)? (5 pts) 4. Explain how depreciation will affect the present value of the project. (10 pts) 5. Provide examples of at least one of the following as it relates to the project: (5 pts each) a. Sunk Cost b. Opportunity cost c. Erosion 6. Explain how you would conduct a scenario and sensitivity analysis of the project. What would be some project-specific risks and market risks related to...

Words: 707 - Pages: 3

Nt2580 Project 2

...Project part 2: Student SSCP Domain Research paper Richman Investments 1) Software - PacketFence is a fully supported, trusted, Free and Open Source network access control (NAC) solution. Boasting an impressive feature set including a captive-portal for registration and remediation, centralized wired and wireless management, powerful guest management options, 802.1X support, layer-2 isolation of problematic devices; PacketFence can be used to effectively secure networks small to very large heterogeneous networks. 2) Cryptography – the protection of information using techniques that ensure its integrity, confidentiality, authenticity and non-repudiation, and the recovery of encrypted information in its original form. Software - 7-Zip is open source software under the GNU LGPL license. 7-Zip has ZIP container-based AES-256 encryption. You can easily create a compressed archive of files and add a password to it. 3) Malicious Code and Activity – countermeasures and prevention techniques for dealing with viruses, worms, logic bombs, Trojan horses and other related forms of intentionally created damaging code. Software - ClamAV is an open source (GPL) antivirus engine designed for detecting Trojans, viruses, malware and other malicious threats. Gateway Anti-Virus, a Vermont Department of Taxes project, allows applications across the enterprise to check files for viruses by providing a SOAP-based virus scanning web service. Client applications submit files to the web......

Words: 858 - Pages: 4

Nt2580 Project Part 1

...PART 1 The following document outlines Richman Investments security measures for IT infrastructure. There are many components that make up the Richman Investments network, and so there should be a multi-layered security solution to protect it. The server room has been located in the central part of the building, and will be physically protected by electronic door locks with keypad combination access. There are a limited number of personnel who will have access to this room in order to decrease the potential for tampering. Each of these personnel will have their own access code, and a digital log will be kept of all access. All of the servers will be virtual, and a backup of each server will be refreshed weekly and saved to cloud storage. All company data will be backed up and saved to cloud storage daily. All users requiring remote access will have a VPN set up with strict login requirements. These users will also have their laptops checked by the IT department on a monthly basis to ensure that they are in compliance with company security policy. Access to the company network will be secured by multiple firewalls set up with our routers. Firewall filters will be set up with a specific list of allowed users and programs. All other traffic will be blocked by default until it has been approved by IT. There will be a limited number of wireless access points around the building, with password access. These passwords will be changed on a regular basis. Access......

Words: 353 - Pages: 2

Eg481 Project Part 2

...Project Part 2 This research and overview provides awareness of global warming and how our planet’s atmosphere is overloaded with heat trapping carbon dioxide (CO2), which threatens wide-ranging disorder in climate with devastating consequences. Global warming is an environmental issue that affects human health, ecosystem, etc. and this study is summed up into basic responses and opposing viewpoints. I. What are the causes of global warming? • CO2 emissions and increased concentration of greenhouse gases • Human activity is causing the Earth to get hotter • Global warming is a natural occurrence of nature a. Deforestation and natural resources are part of the earth’s cycle b. Negative conception due to media c. Lack of scientific evidence II. Global warming causes serious concern. • Record-breaking extreme weather a. Severe droughts b. Damaging wildfires c. Rising sea levels, warmer temperatures d. Heat waves; diseases • Clean Air Act (CAA), Endangered Species Act, and the Clean Water Act (CWA) that addresses pollution from sewage systems and storm water run-off • NRDC examines long-range consequences if issue is not addressed III. Solving global warming will improve our lives. • Set practical and feasible limits on global warming pollution; in accordance with EPA standards • Think “green” a. Smart cars b. Public transportation c. Communities and buildings d. Stricter efficiency requirements for appliances IV. Curbing climate......

Words: 484 - Pages: 2

Nt2580 Project Part 1

...work stations b. restrict access to critical user files only – principle of least privilege 2. Workstation a. Access control – password protected workstations and auto screen locking b. Antivirus-Strong, automatic programs that scan for threats 3. LAN a. Physical security – All wiring closets and server rooms should be locked b. Set up encryption between workstations and wireless access points. 4. LAN to WAN a. Disable unused ports, ping, and port scanning on exterior devices b. Strict zero-day policy for patching c. Strict security monitoring for intrusion detection Tyler Straub 3 5. WAN a. Use encryption and VPN tunnels to secure sensitive data on the internet b. Use anti-virus to scan all e-mails for malicious attachments 6. Remote access a. Encrypt all portable data devices that connect remotely to secure sensitive data b. Apply stringent password policies so remote devices only connect with authorized and authenticated users. 7. System/Application a. Data backup shall be used with daily, incremental backups and will be kept off site b. A business continuity plan shall be implemented and tested to keep critical services running in the event of a disaster. Tyler Straub 4 Citation Page (1) http://www.sans.org/reading-room/whitepapers/basics/outline-successful- security-program-1208 (2)......

Words: 345 - Pages: 2

Nt2580 Research Project Part 2

...Project Part 2: Security Domain and Strategies Now that Richman Investments has expanded with more offices, locations and clients, the need for protection of assets are greater. We have decided to implement the following policy for removable media: Richman Investments staff may only use Richman Investments’ removable media in their work computers. Richman Investments removable media may not be connected to or used in computers that are not owned or leased by the Richman Investments without explicit permission of the Richman Investments IT manager. Sensitive information should be stored on removable media only when required in the performance of your assigned duties or when providing information required by other state or federal agencies. When sensitive information is stored on removable media, it must be encrypted in accordance with the Richman Investments’ Acceptable Encryption Policy. Security assurance and user-friendly sites are required if Richman Investments is to be successful at attracting customers to their Internet sites. It is therefore important to be able to understand the business requirements and be able to translate these into a public network presence with security in mind. The Digital revolution of the 21st Century has not been achieved without its consequences. Real time business requirements and economic drivers have forced rapid changes to the methods used to conduct business-to-business and business to client communication. The Internet has now......

Words: 1544 - Pages: 7

Nt2580- Project Part 1

...Project Part 1 Multi-Layered Security Plan Outline The following outline is to document the general security solutions for Richman investments, for all locations including head-quarters, for the safety of data and information that belongs to Richman Investments. This plan will be updated and submitted, every month by the networking division, to senior management along with a security plan for the month. 1. User Domain a. This Domain includes Individuals within an organization who access its information. b. An acceptable use policy to define what users can and cannot do with company IT information will be created. c. Managers should review security awareness training and review acceptable use policies with employees periodically. d. Internal CD drives and USB ports will be disabled. e. Content filtering and antivirus scanning on any downloaded media, and emails will be setup. f. Restrict access for users to only applications, data and systems needed to perform their job. g. Monitor and track employee behavior and their use of IT infrastructure during off hours. 2. Workstation Domain a. Systems where most users connect to the IT infrastructure. i. Workstations can be any desktop, laptop, or other device that connects to an organizations network. b. Password protection on all workstations. c. Auto screen lockout for inactive times. d. Strict access control procedures, standards, policies, and guidelines. e. All CD, DVD, and USB ports will be disabled. ...

Words: 779 - Pages: 4

Nt2580 Project Part 1

...1. Network firewall The first line of defense against unwelcomed users would surely be the firewall. At one point, the use of dual firewalls from different vendors was all the rage, but DMZ is more popular today. There are actually a few different types of firewall implementations. For example, consumer-grade routers typically make use of Network Address Translation (NAT), because the identity of hosts is complicated, NAT is often said to offer firewall capabilities. 2. Virtual Private Network Employees who need to access company resources from unsecured locations such as public Wi-Fi hotspots are a mainly exposed group. A VPN channels all network traffic through an encrypted channel back to the trusted corporate network. VPN’s can be complex and is costly to support due to the overheads of authentication, processing and bandwidth. 3. IDS and IPS An intrusion detection system (IDS) is a network-centric strategy that involves monitoring traffic for suspicious activities that may indicate that the corporate network has been compromised. This may require the detection of port scans being created from within the network or excessive attempts to log into a server. The intrusion prevention system (IPS) is usually deployed in-line in order to actively prevent or block intrusions as they are detected. A specific IP address could be automatically blocked. 4. Malware Detection Malware scanning performed on client devices relies on the processing capabilities of individual......

Words: 517 - Pages: 3

Project Part 1 Nt2580

...Michael Williams Nt2580 Project Security Domains and Strategies Keeping information assets secure is challenging for any business, regardless of its size. It seems there's no limit to the ingenuity and maliciousness of today's cybercriminals, hackers and identity thieves. In fact, hackers have become so sophisticated and organized that their operational methods are similar to those of traditional software development and business practices. When developing a multi-layered security plan, you must look at each of the seven domains of the IT infrastructure and increase security on each of those domains. Increasing the security on each of those seven domains will increase the overall security of the system and create a multi-layered security plan. In the user domain, one of the easiest ways for the system to be compromised is through the users. Simplicity of user’s passwords can be a major problem so we need to implement complex passwords including eight or more characters, both upper and lower case, and use of at least one special character. Passwords will need to be changed every three months and the same password cannot be used again for one calendar year. This plan will give an overview of the security strategies that will be implemented at each level of the IT infrastructure for Richman Investments. 1) User Domain   a. Use security awareness training to instruct employees of Richman Investments security policies.   b. Audit user activity. 2) Workstation Domain  ......

Words: 470 - Pages: 2

Nt2650 Project Part 2

...Joshua Rivas NT2580 Project Part 2 Purpose - This policy defines the security configurations users and Information Technology (IT) administrators are required to implement in order to ensure the integrity, availability, and confidentially of the network environment of Richmond Investments(R.I). It serves as the central policy document with which all employees and contractors must be familiar, and defines regulations that all users must follow. The policy provides IT managers within R.I. with policies and guidelines concerning the acceptable use of R.I. technology equipment, e-mail, Internet connections, network resources, and information processing. The policies and restrictions defined in this document shall apply to all network infrastructures and any other hardware, software, and data transmission mechanisms. This policy must be adhered to by all R.I. employees, temporary workers and by vendors and contractors working with R.I. Scope- This policy document defines the common security requirements for all R.I. personnel and systems that create, maintain, store, access, process or transmit information. This policy also applies to information resources owned by others, such as vendors or contractors of R.I., in cases where R.I. has a legal obligation to protect resources while in R.I. possession. This policy covers all of R.I. network systems which are comprised of various hardware, software, communication equipment and other devices designed to assist the R.I. in the......

Words: 1956 - Pages: 8