NT2580 Project Part 1

Topics: Computer security, Computer network, Internet Pages: 6 (1284 words) Published: November 12, 2014


Multilayered Security Strategy: Richman Investments
Sharon Cadwell
ITT Technical Institute
NT2580 Introduction to Information Security
De’Von Carter
11/16/14

Multilayered Security Strategy: Richman Investments
This multi-layered security plan for Richman Investments will provide a short overview of the security tactics that will be applied at each level of the IT infrastructure. This MLS Plan will describe how the IT department will improve the security of each domain and how to protect the company’s information. The IT department will update all firewalls on the infrastructure and make sure to secure all ports that are open. This will help stop incoming traffic that is malicious. Another protection utilized will be anti-virus software, which will be systematically updated throughout the company. All IT employees will be knowledgeable of the MLS Plan that will be put into effect once senior management approves it for implementation. User Domain defines the people who access an organization’s information system. This domain is the fastest way for the system to be compromised. I would implement an AUP (acceptable use policy) that will be understood and signed by all employees with access to the network. The employees will also have to go through initial information security training before gaining access to the network. This training will also be required annually in order to maintain their access to the network. The AUP will dictate the requirements for passwords. The requirements will include an eight character alphanumeric password, two uppercase letters, two lowercase letters, two special characters, and two numbers. This will make it more difficult for the password to be breached. The AUP will also state that the company systems will only be used for work related purposes. All social networking sites and many other miscellaneous sites will be blocked. The user will also have to consent to monitoring when signing the AUP. Passwords will also need to be changed every 90 days and the same password cannot be used again for three calendar years. Workstation Domain is where most users connect to the IT infrastructure. It can be a desktop computer, or any device that connects to a network. In the workstation domain I will install antivirus and anti-malware programs on each workstation computer with strict access privileges in reference to corporate data. I will also deactivate all media ports (i.e. USB and CD/DVD Drives) Local Area Network (LAN) Domain is a collection of computers connected to one another or to a common connection medium. Network connection mediums can include wires, fiber optic cables, or radio waves. For the LAN domain I will utilize network switches, WPA2 (Wi-Fi Protected Access II) to provide security and encryption for data transmissions and general computer connectivity for the encryption of wireless access points. Limiting, as much as is possible, who can attach to the network. I would also secure all server rooms from unauthorized access. Then I will add spam filters to help get rid of most of the junk email. LAN-to-WAN Domain is where the IT infrastructure links to a wide area network and the Internet. In the LAN-to-WAN domain I will isolate all unused ports by using a firewall to reduce the risk of unwelcome network accesses. All inbound IP traffic will be monitored, particularly looking for inbound transmissions that show signs of malicious targets. All networking hardware will have up-to-date security patches, and operating systems. The routers will be configured, and network firewalls will be installed to hinder Ping requests to reduce unplanned Denial of Service attacks. Wide Area Network (WAN) Domain connects remote locations. WAN services can include dedicated Internet access and managed services for customer’s routers and firewalls. Networks, routers, and equipment require continuous monitoring and management to keep WAN service available. In the WAN domain I will put...


References: David, K., & Solom, M. (2012). Fundamentals of Information Systems Security. Sudbury, MA: Jones & Bartlett Learning.
Fundamentals of Information Systems Security/Information Security and Risk Management. (2014). Retrieved from http://en.wikibooks.org/wiki/Fundamentals_of_Information_Systems_Security/Information_Security_and_Risk_Management
Granger, S. (2002). The Simplest Security: A Guide to Better Password Practices. Retrieved from http://www.symantec.com/connect/articles/simplest-security-guide-better-password-practices
Pradhan, P. L., Meher, P. K. Risk Assessment on IT Infrastructure. Retrieved from http://www.infosecwriters.com/text_resources/pdf/Risk_asst-Infra.pdf
Routing and Switching Case Study: How Cisco Uses VPN Solutions to Extend the WAN. (n.d). Retrieved from http://www.cisco.com/web/about/ciscoitatwork/network_systems/wan_vpn_solutions_web.html
Continue Reading

Please join StudyMode to read the full document

You May Also Find These Documents Helpful

  • NT2580 Project part 1 Essay
  • NT2580 Project Part 1 Essay
  • Essay on Unit 9 Project Part 1
  • Project Part 1 Research Paper
  • It255 Project Part 1 Essay
  • Project Part 1 Essay
  • Richman Investment Project Part 1 Essay
  • Project Part 1 Task 1 Essay

Become a StudyMode Member

Sign Up - It's Free