Preview

IS3220 Lab 8 Chris Wiginton

Satisfactory Essays
Open Document
Open Document
424 Words
Grammar
Grammar
Plagiarism
Plagiarism
Writing
Writing
Score
Score
IS3220 Lab 8 Chris Wiginton
IS3220 Lab 8
Chris Wiginton
ITT Technical Institute, Tampa FL
Instructor: Sherman Moody
11 November, 2014

1. Explain why a layered security strategy helps mitigate risk and threats both external and internal. Multiple layers can be used to secure internal threats like keeping employees from accessing inappropriate material, update and patch workstations and run current anti-virus/malware on workstations daily. The layers also help mitigate external threats like hackers by using firewalls and shutting traffic out of the internal network.
2. Why is it a good idea to put shared servers and services on a DMZ when both internal and external users need access? With a DMZ, there are two firewalls to protect the internal network from external threats. The necessary servers can be placed between the two in order to allow access from either side through strict firewalls while still allowing very little external traffic into the internal zone. The outermost firewall can allow a certain set of traffic to come in and access the servers. The inner most firewall blocks access into the intranet while allowing internal users to access the information on the servers.
3. What recommendations do you have for the future e-commerce server and deployment in regards to physical location and back-end security for privacy data and credit card data? The e-commerce server could be placed in the DMZ with the private and credit card data stored inside the internal network. The commerce server will have access to the private data and will pass it in an encrypted form to and from wherever it needs to go.
4. What recommendations do you have to secure the server farm from unauthorized access? Lock the servers into their own room with keycard or fingerprint access only. Only authorized IT staff shall have access. Management, vendors and all other authorized guest shall be escorted by an authorized IT staff member. Video surveillance should be maintained and monitored at all access

You May Also Find These Documents Helpful

  • Powerful Essays

    1. Briefly explain how the Gufw internal Ubuntu host IP ststeful firewall can be used in a layered security strategy at the Workstation Domain level.…

    • 1518 Words
    • 5 Pages
    Powerful Essays
  • Powerful Essays

    1. Briefly explain how the Gufw internal Ubuntu host IP ststeful firewall can be used in a layered security strategy at the Workstation Domain level.…

    • 1518 Words
    • 5 Pages
    Powerful Essays
  • Good Essays

    Case Fastfit Q7-11

    • 879 Words
    • 4 Pages

    7. a) Assuming that Fastfit goes ahead with its plans to have an e-commerce site, identify two physical locations, from where customers can enter their orders to the ecommerce site and b) For each of the locations that you mentioned, identify the technologies (cover the areas of software, hardware and networks) that a customer would need (at the location) to accomplish this activity? (use a table);…

    • 879 Words
    • 4 Pages
    Good Essays
  • Satisfactory Essays

    lab8 is3440

    • 129 Words
    • 1 Page

    1 Bascially RPM command is used for installing, uninstalling, upgrading, querying, listing, and checking RPM packages on your Linux system.…

    • 129 Words
    • 1 Page
    Satisfactory Essays
  • Satisfactory Essays

    IS3230 Lab 7 Multi-Factor Authentication Process Chris Wiginton ITT Technical Institute, Tampa FL Instructor: David Marquez 1 May 2014 Multi-Factor Authentication Process Area Authentication Process(es) Authentication Factors Authentication and Authorization LDAP /Kerberos Authentication, Token , Session Timeline Username , Password Token, Pin, Biometric Device Support Device should not be end of life and under support contract Vendor Supported Firewalls using Approved Product List (APL) Interoperability ISO and IEEE Standards for Encryption Multi-Vendor Interoperability based on AES, 3DES Standards, and SSL Encryption methods. Multiprotocol Support TCP, UDP, ESP, SSL ACL only allows trusted endpoints based on Port and Protocol Packet Encryption IKE - Internet Key Exchange VPN 2 Phase Negotiation based on Pre-Share Key, VPN Certificate Authentication.…

    • 155 Words
    • 2 Pages
    Satisfactory Essays
  • Satisfactory Essays

    Nt1310 Unit 8 Lab 1

    • 421 Words
    • 2 Pages

    3. Who will have access to the systems and how will this access be monitored?…

    • 421 Words
    • 2 Pages
    Satisfactory Essays
  • Satisfactory Essays

    IS3350 week 1

    • 287 Words
    • 3 Pages

    8. Minimizing leakage of customer privacy data through the public network would be possible through data encryption, server firewalls.…

    • 287 Words
    • 3 Pages
    Satisfactory Essays
  • Satisfactory Essays

    Looking at the network diagram provided I determined that the user, workstation, LAN, LAN-to-WAN, and system/application domains involved in the company should be redesigned to implement better access controls to provide multi-layered security. The most important access control implementation would be the user domain where the company should put emphasis on training; how to recognize social engineering attacks, how to create strong passwords, and how often they should be changed. The workstation domain should focus security via virus and malware scanning, operating system patching, and other types of application-level firewalls. To achieve a multi-layered security approach in the LAN domain I would recommend using an intrusion detection system (IDS) and an intrusion prevention system (IPS) to prevent unauthorized access. Security for the LAN-to-WAN domain should be implemented through the use of a firewall or DMZ to also prevent unauthorized access into the company’s network.…

    • 439 Words
    • 2 Pages
    Satisfactory Essays
  • Good Essays

    IS3230 Lab 4

    • 528 Words
    • 2 Pages

    1. By opening ports in your firewall it is allowing people access to your network and if anybody tries to get in figures out the port, they can potentially gain access to your system.…

    • 528 Words
    • 2 Pages
    Good Essays
  • Satisfactory Essays

    Lab Answers

    • 617 Words
    • 3 Pages

    4. If you are using corporate e-mail for external communications that contain confidential information, what other security countermeasure can you deploy to maximize confidentiality of e-mail transmissions through the Internet?…

    • 617 Words
    • 3 Pages
    Satisfactory Essays
  • Good Essays

    Lab 7

    • 928 Words
    • 3 Pages

    A layered security strategy will encompass Rouge protocols such as Bit mining and P2P, Unauthorized network scanning and probing, and unauthorized access to the network.…

    • 928 Words
    • 3 Pages
    Good Essays
  • Satisfactory Essays

    Lab 9

    • 1001 Words
    • 3 Pages

    7. In order to perform a PCI DSS compliance audit on your e-commerce website, what should you incorporate into Requirement #6 regarding “Develop and Maintain Secure…

    • 1001 Words
    • 3 Pages
    Satisfactory Essays
  • Satisfactory Essays

    IS3445 Lab 7

    • 371 Words
    • 2 Pages

    Yes, although such tools like these would automatically find security flaws with high degree of confidence that what it found was a flaw.…

    • 371 Words
    • 2 Pages
    Satisfactory Essays
  • Good Essays

    So if someone who will attack and break into a machine on an external perimeter net will face a harder and tough time while attacking internal machines because more security layers are there between internal network and outer perimeter. This situation will arise and will be true and significant only if there is existence of different layers by meaning otherwise additional layers will not provide additional security because of the same filtering systems between all…

    • 877 Words
    • 4 Pages
    Good Essays
  • Good Essays

    The Technology is also one of the key factor in information security program as companies carry most of their function electronically which exposes them to many security threats. In this information security program, for an effective architecture we should provide layered security program in order to provide multiple levels of defense. This is firmly known as Defense-in-depth.…

    • 805 Words
    • 4 Pages
    Good Essays