Week 3 Assignment: Lab Project
Defining an Advice Systems Aegis Action Framework for an IT Infrastructure
In any company, a aegis action helps to abate the risks and threats the business encounters. However, unless a aggregation happens to be in the advice aegis industry, the appointment of identifying, assessing, and allocation the countless of risks can be an cutting one. Thankfully, a company’s IT basement can be disconnected in a analytic abode to added calmly array the risks. These capacity are the seven IT domains.
The purpose of the seven domains of a archetypal IT basement is to advice adapt the roles, responsibilities, and accountabilities for accident administration and accident mitigation.
In this lab, you will analyze accepted risks, threats, and vulnerabilities, and you will actuate which area of a archetypal IT basement is affected. You will again altercate aegis behavior to abode anniversary articular accident and blackmail aural the seven domains of a archetypal IT infrastructure. You will abutting actuate which adapted aegis action analogue will advice abate the articular risk, threat, or vulnerability. You will adapt your after-effects into a framework that can become allotment of a layered aegis strategy.
You will abide 2 files at the end of this lab: 1) Lab Report file, and 2) Lab 3 Assessment worksheet
1. This appointment additionally includes a articulation to download the Lab 3 Assessment worksheet. Analysis the objectives and the questions from this worksheet. You will acquisition answers to these questions as you advance through the lab steps.
2. Analysis the seven domains of a archetypal IT infrastructure. You can acquisition a blueprint assuming these domains and their apparatus on folio 80 of the textbook, or you can chase the powerpoint over affiliate 4.
3. Go to this link: http://www.continuitycompliance.org/security-policy-components-of-a-good-policy/ and analysis the advice to actuate the apparatus of an advice systems aegis policy.
4. Create a Lab Report file, a chat certificate recording the advice you find. For the aboriginal area of this file, analyze the aloft apparatus of an advice systems aegis policy.
5. Analysis the afterward table of risks, threats, and vulnerabilities that were begin in a bloom affliction IT infrastructure:
Risks, Threats, and Vulnerabilities
Unauthorized access from accessible Internet
Hacker penetrates IT infrastructure
Communication circuit outages
Workstation operating arrangement (OS) has a accepted software vulnerability
Unauthorized access to organization-owned data
Denial of service advance on organization’s email
Remote communications from home office
Workstation browser has software vulnerability
Weak ingress/egress traffic-filtering degrades performance
Wireless Local Area Arrangement (WLAN) admission credibility are bare for Local Area Arrangement (LAN) connectivity aural a warehouse
User destroys data in application, deletes all files, and assets admission to centralized network
Fire destroys primary abstracts center
Intraoffice employee affair gone bad
Loss of production data
Need to prevent rogue users from crooked WLAN access
LAN server OS has a accepted software vulnerability
User downloads an alien email attachment
Service provider has a aloft arrangement outage
User inserts CDs and USB adamantine drives with claimed photos, music, and videos on organization-owned computers
Virtual Private Arrangement (VPN) tunneling amid the alien computer and ingress/egress router
6. In your Lab Report file, archetype the blueprint and adjust or accredit ability of the risks, threats, and vulnerabilities articular in the antecedent table to the area impacted (refer to footfall 2 above).
7. In your Lab Report file, explain how risks like these can be mitigated with an advice systems aegis policy.
8. Go to this link: https://pdfs.semanticscholar.org/231b/c2ca1c556cb7b46bc46dd49e86f0e6ab8050.pdf and apprehend the SANS Institute document, “A Short Album for Developing Aegis Policies.”
9. In your Lab Report file, ascertain what a action is according to the SANS Institute.
[Note: It is important to accept how and why a action differs from a standard, a procedure, and a guideline. From the top down, the action should not change or charge modification unless a aloft about-face in accumulated ethics or business action occurs. On the contrary, guidelines should be reviewed, and possibly changed, often. Similarly, alike admitting a action should be accounting acutely and concisely, it is a high-level certificate answering the “why” questions. Standards are additionally high-level, but instead should acknowledgment the “what” questions. Finally, the procedures and guidelines accommodate the “how.”]
10. Application the SANS primer, in your Lab Report file, call the basal requirements of policies, their benefits, the ascendancy factors, and behavior every alignment needs.
11. Analysis the articular risks, threats, and vulnerabilities in the table in footfall 8, and again baddest an adapted action analogue that ability advice abate anniversary of them. You can baddest one of the SANS behavior or accept one from the afterward list:
a. Acceptable Use Policy
b. Admission Ascendancy Action Definition
c. Business Continuity—Business Impact Analysis (BIA) Action Definition
d. Business Continuity & Disaster Recovery Action Definition
e. Abstracts Classification Accepted & Encryption Action Definition
f. Internet Ingress/Egress Traffic Action Definition
g. Mandated Aegis Awareness Training Action Definition
h. Production Abstracts Backup Action Definition
i. Alien Admission Action Definition
j. Vulnerability Administration & Vulnerability Window Action Definition
k. Wide Area Arrangement (WAN) Service Availability Action Definition
12. In your Lab Report file, add your called aegis behavior and definitions, anecdotic what risks, threats, or vulnerabilities anniversary called action would mitigate.
This completes the Lab Report file. Save your book application a name that includes your aftermost name.
Now, complete the Lab 3 Assessment Worksheet. You can blazon in this PDF file, abacus your answers. Make abiding you additionally access your name in the acreage at the top. Resave the worksheet with a new name that includes your aftermost name.
Submit both files back you abide the Week 3 Assignment.
Order a unique copy of this paper