Preview

Multi Layered Security Plan

Good Essays
Open Document
Open Document
299 Words
Grammar
Grammar
Plagiarism
Plagiarism
Writing
Writing
Score
Score
Multi Layered Security Plan
Project Part 1

Multi Layered Security Plan

Richman Investments

1) General

This MLS plan will give a brief overview of the security strategies that will be implemented at each level of the IT infrastructure.

2) User Domain

a. The usage of security awareness training to instruct employees of Richman Investments security policies

b. Auditing of user activity

3) Workstation Domain

a. The usage of antivirus and antimalware programs on each user computer

b. Strict access privileges to corporate data

c. Deactivation of media ports

4) LAN Domain

a. Utilizing network switches

b. WPA 2 encryption to wireless access points

c. Securing server rooms from unauthorized access

5) LAN to WAN Domain

a. Closing off unused ports via a firewall to reduce the chance of unwanted network access

b. Monitor inbound IP traffic, more specifically looking for inbound transmissions that show signs of malicious intent

c. Run all networking hardware with up to date security patches, and operating systems

6) WAN Domain

a. Enforce encryption, and VPN tunneling for remote connections

b. Configure routers, and network firewalls to block Ping requests to reduce chance of Denial of Service attacks

c. Enforce antivirus scanning of email attachments

i. Isolate found malicious software (virus, Trojans, etc.) when found

d. Deployment of redundant internet connections to maximize availability

(Kim & Solomon)

7) Remote Access Domain

a. Establish strict user password policies, as well as lockout policies to defend against brute force attacks

b. Require the use of authorization tokens, have a real-time lockout procedure if token is lost, or stolen

c. Encrypt the hard drives of company computers, laptops and mobile device to prevent the loss of sensitive data

Works Cited

Kim, D., & Solomon, M. G. Part 1: The Need for Information Security. In Fundamentals of Information Systems Security. Jones & Bartlett



Cited: Kim, D., & Solomon, M. G. Part 1: The Need for Information Security. In Fundamentals of Information Systems Security. Jones & Bartlett Learning.

You May Also Find These Documents Helpful

  • Good Essays

    It244 R Appendix E

    • 650 Words
    • 3 Pages

    Describe the policies for securing the facilities and the policies of securing the information systems. Outline the controls needed for each category as relates to your selected scenario.…

    • 650 Words
    • 3 Pages
    Good Essays
  • Better Essays

    Cmgt400 Week 3

    • 1752 Words
    • 8 Pages

    Whitman, M., & Mattord, H. (2010). Management of Information Security (third ed.). Pittsburgh, PA: Cengage Learning.…

    • 1752 Words
    • 8 Pages
    Better Essays
  • Powerful Essays

    It 244 Appendix B

    • 3468 Words
    • 14 Pages

    Due in Week Nine: Write 3 to 4 paragraphs giving a bottom-line summary of the specific measureable goals and objectives of the security plan, which can be implemented to define optimal security architecture for the selected business scenario.…

    • 3468 Words
    • 14 Pages
    Powerful Essays
  • Better Essays

    Whitman, M. E., & Mattord, H. J. (2010). Management of information security (3rd ed.). Boston, MA: Course Technology.…

    • 1432 Words
    • 5 Pages
    Better Essays
  • Good Essays

    | Describe ways to protect hardware, software and data and minimise security riskThere are steps to prevent threats to system and information: access to information sources should be allowed with Username and password/PIN selection. The system set up on password strength; how and when to change passwords (monthly); online identity/profile; Real name, pseudonym; what personal information to include, who can see the information; Respect confidentiality, avoid inappropriate disclosure of…

    • 793 Words
    • 4 Pages
    Good Essays
  • Satisfactory Essays

    Fcs 006

    • 856 Words
    • 4 Pages

    9. ____ software, such as that shown in the accompanying figure, can control which devices can be connected to an employee computer. a. Data-leakage prevention c. Professional firewall b. Device authentication d. Network quarantine…

    • 856 Words
    • 4 Pages
    Satisfactory Essays
  • Satisfactory Essays

    6. Which of the following policy modifications would make it harder for intruders to penetrate user passwords by brute force attack?…

    • 306 Words
    • 2 Pages
    Satisfactory Essays
  • Better Essays

    Stallings, W., & Brown, L. (2012) Computer security: Principles and practice (2nd ed.). Boston, MA: Pearson.…

    • 1167 Words
    • 4 Pages
    Better Essays
  • Good Essays

    6. Which of the following should be considered while implementing a layered access security approach?…

    • 939 Words
    • 4 Pages
    Good Essays
  • Satisfactory Essays

    a. The usage of security awareness training to instruct employees of Richman Investments security policies…

    • 506 Words
    • 3 Pages
    Satisfactory Essays
  • Satisfactory Essays

    ISA 650 Final Exam Paper

    • 4435 Words
    • 18 Pages

    73. Requires the creation of computer security plans, and the appropriate training of system users or…

    • 4435 Words
    • 18 Pages
    Satisfactory Essays
  • Good Essays

    Acct 505

    • 743 Words
    • 3 Pages

    d. Implementation of better security measures for data protection, identity protection and ensuring that company resources are not misused…

    • 743 Words
    • 3 Pages
    Good Essays
  • Satisfactory Essays

    lesson10

    • 285 Words
    • 2 Pages

    Which of the following policy modifications would make it harder for intruders to penetrate user passwords by a brute force attack?…

    • 285 Words
    • 2 Pages
    Satisfactory Essays
  • Better Essays

    There are several possible threats that can affect the integrity of any organizational network. Many of these threats can come internally from the users of the system. Internal attacks can be intentional, accidental, or simple human error. Some examples of accidental infection can come from a user opening an email containing a virus, installing new software, altering desktop configuration, visiting precarious web sites, leaving the area of their desktop without logging out of their account, or simply losing or leaving their personal wireless device unattended. Organizations should have specific policies covering each of these topics defined within their security plan document. Also, standard operating procedures should be available for technicians to follow whether performing day to day tasks, or responding to an incident.…

    • 959 Words
    • 4 Pages
    Better Essays
  • Powerful Essays

    Discovering Computers 2008 Chapter 9 Computer Security, Ethics and Privacy 1 2 Chapter 10 Objectives Describe the types of computer security risks Discuss the types of devices available that protect computers from system failure Identify ways to safeguard against computer viruses, worms, Trojan horses, botnets, denial of service attacks, back doors, and spoofing Explain the options available for backing up computer resources Discuss techniques to prevent unauthorized computer access and use Identify safeguards against hardware theft and vandalism Explain the ways software manufacturers protect against software piracy Define encryption and explain why it is necessary Identify risks and safeguards associated with wireless communications Recognize issues related to information accuracy, rights, and conduct Discuss issues surrounding information privacy Discuss ways to prevent health-related disorders and injuries due to computer use 3 Computer Security Risks…

    • 2181 Words
    • 25 Pages
    Powerful Essays

Related Topics