Unit 2 Assignment 1: Calculate the Window of Vulnerability
A vulnerability is a flaw in an information technology product that could allow violations of
security policy. (L., 2000) A vulnerability or weakness in a system or network can come about
Unit 3 Discussion 1: Access Control Models
Access controls are methods used to restrict and allow access to certain items, such as
automobiles, homes, computers, even your mobile device. The four parts that make up access
controls are: Authorization, Iden
Unit 3 Assignment 1: Remote Access Control Policy Definition
Authorization- Richman Investments must define rules as to who has access to which computer
and network resources. My suggestion is that RI implements either a group membership policy
or an auth
Unit 2 Assignment 2: Microsoft Environment Analysis
1. Vulnerability in Wireless LAN AutoConfig Service Could Allow Remote Code Execution
Vulnerabilities in Remote Desktop Could Allow Remote Code Execution (2671387)
Vulnerabilities in Kernel-Mode
Unit 1 Assignment 2
Data classification standard provides the means of how the business should handle and secure
different types of data. Through security controls different data types can be protected. All these
security controls should apply to each of
m "nun 7-.
E Ethernet adapter Local rea Connection:
r Connectionspecific DNS Suffix vlahs.1oca1
TM'm:la4 Description . . . . . . . . . UHware ccelerated HD PCNet dapter
Physical ddress. . . . . ' 333029991413
Unit 1 Assignment 1
1. Violation of a security policy by a user.
2. Disgruntled employee sabotage.
3. Download of non-business videos using the Internet to an employer-owned computer.
4. Malware infection of a users laptop.
5. Unauthorized physica
Study Part 3
1. To make sure your systems and security controls work as expected
2. A. Baseline
C. Closed-circuit TV
D. Systems that spot irregular behavior
3. Black-box testing, White-box testing and Gray-box testing
4. Is based on knowledge of
Study Material Part 2
1. The Brewer and Nast Integrity Model is based on a mathematical theory published in
1989 to ensure fair competition. It is used to apply dynamically changing access
permission. It can separate competitors data within the same integ
1. Risk the likelihood that something bad will happen to an asset
Threat any action that could damage an asset
Vulnerability a weakness that allows a threat to be realized or to have an effect on an
2. SOX requires publicly traded compan
Project Part 1 Multi-Layered Security Plan
1. Disruption prevention - This is an approach to protect the entire device. A majority of wellknown Internet security software falls into this category. They are designed to prevent a broad
array of malicious at
1. Change control is a systematic approach to managing all changes made to a product or
system. The purpose is to ensure that no unnecessary changes are made, that all changes
are documented, that services are not unnecessarily disrupted and that re
1. What are the three fundamental elements of an effective access control solution for
Identification, Authentication and Authorization
2. What two access controls can be set up for Windows Server 2003 folder and authentication?
Windows Application Loaded
Starts as Service Y/N
Nessus Server Manager
Filezilla Server Interface
2. What was the DHCP allocated source IP host address for the Student VM, DHCP Server, and
1. What is the application ZenMap GUI typically used for? Describe a scenario in which you
would use this type of application.
Its used for port scanning. It can be used to see what hosts are on the network and to see what
services they are running.