Nishaka Wickrama Arachchi
ITT Technical Institute
Torrance
NT2580 Fundamentals of Network Security
04/19/2015
Security Audits and Assessments
Identify at least two types of security events and baseline anomalies that might indicate suspicious activity.
* Authentication failures are one type of security event. Unauthorized access attempts, which can be found within log files, are a baseline anomaly that may indicate suspicious activity. The log files contain records of all types of security events, such as logon events, changes in system configuration, and attempted violations of policy, as well as system events like service startups and closures, errors, and system warnings.
* A second security event could be a sudden increase in overall traffic. It could simply mean that your website has been mentioned by a popular source, or it could mean that someone is trying to cause harm to your site.
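The two checks described above, written out as an added example that is not part of the original assignment. The log lines, hourly request counts, thresholds and function names are constructed for illustration, and the log lines follow the OpenSSH "Failed password" message format.

```python
import re
from collections import Counter
from statistics import mean, stdev

# Constructed sample data (documentation IP ranges), not taken from a real system.
AUTH_LOG = """\
Apr 19 10:00:01 web1 sshd[101]: Failed password for admin from 203.0.113.7 port 4001 ssh2
Apr 19 10:00:03 web1 sshd[102]: Failed password for invalid user test from 203.0.113.7 port 4002 ssh2
Apr 19 10:00:05 web1 sshd[103]: Failed password for root from 203.0.113.7 port 4003 ssh2
Apr 19 10:00:09 web1 sshd[104]: Failed password for admin from 203.0.113.7 port 4004 ssh2
Apr 19 10:02:11 web1 sshd[105]: Failed password for alice from 198.51.100.20 port 5100 ssh2
Apr 19 10:02:30 web1 sshd[106]: Accepted password for alice from 198.51.100.20 port 5101 ssh2
"""
BASELINE_REQS_PER_HOUR = [980, 1010, 1005, 995, 1020, 990]   # normal hours (assumed)
OBSERVED_REQS_PER_HOUR = {"13:00": 1015, "14:00": 1003, "15:00": 4200}

FAILED = re.compile(r"Failed password for (?:invalid user )?(\S+) from (\S+) port \d+")

def failed_logins_by_source(log_text):
    """Count failed authentication events per source address."""
    return Counter(m.group(2) for m in FAILED.finditer(log_text))

def suspicious_sources(log_text, max_failures=3):
    """Sources with more failures than a mistyped password would explain."""
    counts = failed_logins_by_source(log_text)
    return sorted(ip for ip, n in counts.items() if n > max_failures)

def traffic_anomalies(baseline, observed, k=3.0):
    """Hours whose request count is more than k standard deviations above the baseline mean.

    A flagged hour is only a prompt for review: the spike may be a popular
    mention of the site or an attempt to harm it.
    """
    limit = mean(baseline) + k * stdev(baseline)
    return [hour for hour, n in observed.items() if n > limit]

if __name__ == "__main__":
    print("failed logins:", dict(failed_logins_by_source(AUTH_LOG)))
    print("suspicious sources:", suspicious_sources(AUTH_LOG))
    print("traffic anomalies:", traffic_anomalies(BASELINE_REQS_PER_HOUR, OBSERVED_REQS_PER_HOUR))
```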
Given a list of policy violations and security breaches, select three breaches, and consider the best options for controlling and monitoring each incident. Identify the methods to mitigate risk and minimize exposure to threats or vulnerabilities.
* Problem: Removable storage drives introduce malware filtered only when crossing the network.
Solution: Limit user privileges to only those required by the duties assigned to that individual. This will hopefully make it clear that no removable storage devices are to be connected to the network, no matter the circumstances, unless they are screened first.
* Problem: Predictable passwords meet minimum requirements but remain easily guessable.
Solution: Require a recurring change of passwords, say once every few months, for your company. Require the passwords to contain a combination of numbers and letters, as well as a special character.
* Problem: Sensitive laptop data is unencrypted and susceptible to physical theft.
Solution: An obvious