1. What is the Data Classification Standard used in the U.S. Department of Defense (DoD)/Military?Google “Data Classification Standard + DoD”. Summarize the different data classifications.
Top Secret- The highest security level. Information is classified Top Secret if unauthorized disclosure would cause "exceptionally grave damage" to national security
Secret- This is the second-highest classification. Information is classified Secret when its unauthorized disclosure would cause "serious damage" to national security. Most information that is classified is held at the secret sensitivity.
Confidential- This is the lowest classification level of information obtained by the government. It is defined as information that would "damage" national security if publicly disclosed, again, without the proper authorization.
Public Trust- Certain positions which require access to sensitive information, but not information which is classified, must obtain this designation through a background check. Public Trust Positions can either be moderate-risk or high-risk.
Unclassified- Is not actually a classification level, it is the lack of classification level. It is used for information that the government has not classified under the security classification system
2. Describe one way to help prevent unauthorized users from logging onto another person’s user account and accessing his/her data.
Create a new domain wide GPO and enable "Deny logon locally" user right to the source domain user accounts and disable multiple logon. Teach strong password use and force change through Password GPO.
3. What permissions are necessary to allow an Active Directory Group called AD_Group to read and write files in a sensitive directory such as C:\ERPdocuments\HRfiles?
List Folder/Read Data, Read Attributes, Read Extended Attributes, Create Files/Write Data, Create Folders/Append Data, Write Attributes, Write Extended Attributes, Read Permissions,