Top-Rated Free Essay
Preview

Internet and User Domain

Good Essays
964 Words
Grammar
Grammar
Plagiarism
Plagiarism
Writing
Writing
Score
Score
Internet and User Domain
NT2580 Introduction to Information Security

Homework 5

Unit 5 Assignment 1: Define an Acceptable Use Policy (AUP)

Assignment Requirements
Richman Investments requires the enforcement of strict ingress-egress filtering policies for network traffic. Certain traffic is expressly forbidden:
1  No peer-to-peer file sharing or externally reachable file transfer protocol (FTP) servers
2  No downloading executables from known software sites
3  No unauthorized redistribution of licensed or copyrighted material
4  No exporting internal software or technical material in violation of export control laws
5  No introduction of malicious programs into networks or onto systems
6  No accessing unauthorized internal resources or information from external sources
7  No port scanning or data interception on the network
8  No denying service or circumventing authentication to legitimate users
9  No using programs, scripts, or commands to interfere with other network users
10  No sending unsolicited e-mail messages or junk mail to company recipients
11  No accessing adult content from company resources
12  No remote connections from systems failing to meet minimum security requirements

Define a LAN-to-WAN, Internet, and Web surfing AUP that restricts usage of the company’s Internet connection and permits the company to monitor usage of the corporate Internet connection. Carefully evaluate the implications of each policy and how implementations might impact the IT infrastructure, both positively and negatively. Weigh the benefits and the disadvantages of each method. Consider whether or not a proposed solution causes an interruption to the legitimate users and how it might bring security at the expense of preventing a perfectly legitimate activity.

Acceptable Use Policy
To fully explain the acceptable use policy would mean to begin from the beginning, the user domain. The user domain is the employee or people within an organization who is granted access to the information system for the organization. There are roles and tasks, responsibility, and accountability that go into an acceptable use policy for the user domain. Within the user domain is the access of LAN to Wan, web surfing, and internet. LAN to Wan is the activities between LAN to Wan and firewalls, routers, intrusion, detection, and workstations. Web surfing determines what a user can do on company time with company resources. Internet is when the user has access to the internet what types of controls should the organization have on the certain internet sites being accessed. Although they all sort of are the same they are very much different (Cordero, 2013).
For the Lan to Wan AUP will go hand in hand with the roles and tasks parts of the user domain. Users would be given access to certain systems, applications, and data depending on their access rights. The AUP is like a rulebook that employees need to follow when using an organization’s IT assets and if they are violated it could be grounds for termination. The AUP will set grounds on employees to understand that they are responsible for any and all actions on an organization’s IT assets. In particular to organizations that have databases with sensitive information may also require a criminal background check before granting access. This all prevents risks, threats, and vulnerability that could compromise an organization’s system, applications, and/or data.
Lan and Wan AUP helps in preventing users from destroying the firewalls and protection programs from leaking sensitive information and/or hackers from entering and obtaining important sensitive information to different area networks and the internet. For a solid AUP would be to have security monitoring controls to avoid intrusions. It would be best to apply antivirus programs especially on emails and email quadrating to identify unknown file types and catch any unsafe programs trying to come into the organization. The ability to block outbound traffic that may be accessed during normal work procedures. Also to have some type of file transfer or monitoring on unknown files types received by employees. These programs will all assist in maintaining security and integrity for the organization’s sensitive information (Kim & Solomon, 2012).
Web surfing on company time would be controlled by acknowledging and restricting which sites an employee will be able to access during company time. There will be type of filter that will determine if the website is allowed to be access and scanned to determine if there are any dangerous or unknown files that can hurt the organization’s system. With the internet part of the AUP would be to have a setting where if the employee decides to access internet sites not work related then they could be timed on the amount of time they can continue to view the sites. For instance, if an employee wanted to do some shopping on their break there would normally be a restriction to the shopping internet sites. However, there could be a monitoring program installed where the user would enter their username and password and it would give them an hour, forty-five minutes or thirty minutes of viewing time. Advantage of this protocol will prevent employees from being less productive while they should be doing work on their paid work time. Another advantage would be to prevent employees from accessing unauthorized websites and bringing in viruses into the organizations and making limitations on what type of emails are to be sent and accepted within the organization. Some disadvantages would be that at times the internet is useful in assisting customers when a question arises and the representative is unsure of the answer. For instance, if a customer comes in and needed information to another place of business we can easily assist our trusting and faithful customer and guide them in the right direction. At times a representative must also access the internet to answer questions they are unsure of the organization and need to internet to find the answers. This advantage will assure a customer needs were satisfied and leaves no gaps of uncertainty.

Reference: Cordero, M. (February 28, 2013).
Kim, D. & Solomon, M.G. (2012).

You May Also Find These Documents Helpful

  • Satisfactory Essays

    NT2580 Project Part 1

    • 348 Words
    • 1 Page

    The following document outlines Richman Investments security measures for IT infrastructure. There are many components that make up the Richman Investments network, and so there should be a multi-layered security solution to protect it. The server room has been located in the central part of the building, and will be physically protected by electronic door locks with keypad combination access. There are a limited number of personnel who will have access to this room in order to decrease the potential for tampering. Each of these personnel will have their own access code, and a digital log will be kept of all access.…

    • 348 Words
    • 1 Page
    Satisfactory Essays
  • Satisfactory Essays

    Is3110 Week2 Assignment

    • 348 Words
    • 2 Pages

    For this assignment, imagine that you work for U.S. Industries, Inc. as a network administrator. Your…

    • 348 Words
    • 2 Pages
    Satisfactory Essays
  • Satisfactory Essays

    Looking at the network diagram provided I determined that the user, workstation, LAN, LAN-to-WAN, and system/application domains involved in the company should be redesigned to implement better access controls to provide multi-layered security. The most important access control implementation would be the user domain where the company should put emphasis on training; how to recognize social engineering attacks, how to create strong passwords, and how often they should be changed. The workstation domain should focus security via virus and malware scanning, operating system patching, and other types of application-level firewalls. To achieve a multi-layered security approach in the LAN domain I would recommend using an intrusion detection system (IDS) and an intrusion prevention system (IPS) to prevent unauthorized access. Security for the LAN-to-WAN domain should be implemented through the use of a firewall or DMZ to also prevent unauthorized access into the company’s network.…

    • 439 Words
    • 2 Pages
    Satisfactory Essays
  • Satisfactory Essays

    IT255 Project 1

    • 663 Words
    • 2 Pages

    The plan to secure the workstation domain enforces a strong password policy on each workstation and also enables screen lockout protection for inactive times. Keeping all workstations with an up to date antivirus is essential. Furthermore, content filtering features will arrange access of specific domain names according to AUP definitions. In addition, workstations will have up-to-date application software and security patches conferring to company guide lines. As part of the workstation security strategy IT will disable the auto-play feature and will enable automatic scan for any external devices that may be connected to the machine. This measure will ensure the content is secure.…

    • 663 Words
    • 2 Pages
    Satisfactory Essays
  • Satisfactory Essays

    In the WAN domain, we need to have firewalls set up to filter all incoming traffic. A firewall will stop all traffic not wanted on the Richman Investments network.…

    • 337 Words
    • 2 Pages
    Satisfactory Essays
  • Better Essays

    User accounts and passwords are implemented to maintain individual accountability for network resource usage. Any user who obtains an account and password for accessing a Corporation Tech provided resource, is required to keep these credentials confidential. Users of these systems may only use the accounts and passwords for which they have been assigned and authorized to use, and are prohibited from using the network to access these systems through any other means. This plan also prohibits the sharing of personal user accounts or passwords for accessing Corporation Tech or…

    • 4134 Words
    • 12 Pages
    Better Essays
  • Satisfactory Essays

    In this Multi-Layered Security Plan, I will provide information on how to better improve the security of each domain and protect the data of Richman Investments. We shall secure all ports for incoming and outgoing traffic, only allowing the information that is needed through certain ports and to conduct business fast and efficiently. We will also be using the latest and most updated firewall protection and anti-virus software to add a better degree of security. This will be implemented throughout the entire company and we will inform all employees of this MLS plan.…

    • 492 Words
    • 2 Pages
    Satisfactory Essays
  • Good Essays

    Assignment 4 Nt2580

    • 485 Words
    • 2 Pages

    3. Richman Investments employees and affiliates with remote access privileges must ensure that their Richman Investments-owned or personal…

    • 485 Words
    • 2 Pages
    Good Essays
  • Powerful Essays

    Unit 4 Assignment 2

    • 717 Words
    • 3 Pages

    This policy applies to all Richman investments employees, contractors, vendors and agents with a Richman investments-owned or personally-owned computer or workstation used to connect to the Richman investments network. This policy applies to remote access connections used to do work on behalf of Richman investments, including reading or sending email and viewing intranet web resources. Remote access implementations that are covered by this policy include, but are not limited to, dial-in modems, frame relay, ISDN, DSL, VPN, SSH, and cable modems, etc.…

    • 717 Words
    • 3 Pages
    Powerful Essays
  • Good Essays

    Apply email server and attachment antivirus/malware and email quadrating for unknown file types. Disable for ping, probing, and port scanning on all exterior IP devices. Denying of outbound traffic using source IP addresses. Apply file transfer monitoring, scanning and alarming for unknown file types. Web Surfing should be monitored by filtering out any unknown IP address with trusted cites. Apply domain-name content filtering at the internet entry/access point as well.…

    • 313 Words
    • 2 Pages
    Good Essays
  • Good Essays

    NT2580 Project part 1

    • 606 Words
    • 3 Pages

    Safety of data and information is a real important aspect of a company. Before we can create an outline for general security solutions we must first define what is needed. I recommend that we use a multi-layered security plan. There are a total of seven domains of an IT infrastructure including user domain, workstation domain, LAN domain, LAN-to-WAN domain, WAN domain, remote access domain, and system/application domain.…

    • 606 Words
    • 3 Pages
    Good Essays
  • Satisfactory Essays

    Unit 4 Assignment 1

    • 333 Words
    • 1 Page

    In the given network diagram, several domains need to be considered. This diagram includes the User, Workstation, LAN, and LAN-to-WAN domains. Security controls and their implementation are discussed below.…

    • 333 Words
    • 1 Page
    Satisfactory Essays
  • Good Essays

    Currently the security for the internet server and the location of it in the network is not as protected as it should be and it is not the best design either. The internet server must be located out of the company firewall to protect the systems and network internally. By doing this it separates the remote server system the system has proper validation and connection through the system allows access to the rest of the network. Staffs that are located in the firewall can authenticate through a proxy system and then access the internet, which in turn allows them to communicate…

    • 560 Words
    • 3 Pages
    Good Essays
  • Good Essays

    lab 5

    • 718 Words
    • 3 Pages

    Provide at least 3 examples of Network Architecture Controls that help enforce data access policies at LAN-to-WAN Domain level.…

    • 718 Words
    • 3 Pages
    Good Essays
  • Satisfactory Essays

    homework 1

    • 454 Words
    • 2 Pages

    Enable content filtering and antivirus scanning at the entry and exit points of the Internet. Enable workstation auto-scans and auto-quarantine for unknown file types.…

    • 454 Words
    • 2 Pages
    Satisfactory Essays