Premium Essay

Is316

In: Computers and Technology

Submitted By itttechhelpme
Words 582
Pages 3
Week 3 Lab - Assessment Worksheet Design Your DMZ and LAN-to-WAN Security Solution

Overview This lab will demonstrate how to properly design a LAN-to-WAN DMZ given functional and technical business requirements. Students will transform the design requirements into a block diagram design of a DMZ with LAN-to-WAN security appliances.

Lab Assessment Questions & Answers 1. Describe how creating zones is helpful in the design of a DMZ and security solution for the LAN-to-WAN Domain. The purpose of a DMZ is to add an additional layer of security to an organization's local area network. an external attacker only has direct access to equipment in the DMZ, rather than any other part of the network 2. How many zones does your design incorporate? Do you think an additional zone may be needed if the e-commerce server was implemented? Explain why or why not. 2 zones, I would implement a zone due to the costly nature of the e-commerce server I would want the added sevurity. 3. While supporting IP-SEC VPNs provides a secure, remote-access solution for mobile employees, it does not scale and requires stringent security operations and management procedures. What alternatives would you recommend for a scalable remote-access VPN solution for your design?
SSL because almost all web browsers support ssl it provides extra security without any additional software needed 4. As per the functional and technical requirements, where must you terminate the VPN tunnels for remote-access users? Terminate the VPN in a DMS and locate the Web front end in the DMZ 5. Where would you put an e-mail filter and quarantine system in place to scan and monitor e-mails and e-mail attachments? Explain why. Antivirus software in place to scan in realtime , also enable scanning on the email provider options

6. Where would…...

Similar Documents

Premium Essay

It255

...Information Systems Security program. This program covers the following core areas:    Foundational Courses Technical Courses BSISS Project The following diagram demonstrates how this course fits in the program: IS427 Information Systems Security Capstone Project 400 Level IS404 Access Control, Authentication & KPI IS411 Security Policies & Implementation Issues IS415 System Forensics Investigation & Response IS416 Securing Windows Platforms & Applications IS418 Securing Linux Platforms & Applications IS421 Legal & Security Issues IS423 Securing Windows Platforms & Applications 300 Level IS305 Managing Risk in Information Systems IS308 Security Strategies for Web Applications & Social Networking IS316 Fundamentals of Network Security Firewalls & VPNs IS317 Hacker Techniques Tools & Incident Handling EC311 Introduction to Project Management IT250 Linux operating System CNS Program Prerequisites: ment 300 Level IT320 WAN Technology & Application IT302 Linux System Administration 200 Level Networking Application Services & Security   IT260 IT255 Introduction to Information Systems Security IT220 Network Standards & Protocols IT221 Microsoft Network Operating System I IT250 Linux Operating System 100 Level TB143 Introduction to Personal Computers ISS Foundational Courses ISS Technical Courses ISS Capstone Project Technical Basic Courses CNS......

Words: 4114 - Pages: 17

Free Essay

Transportation Command Firewall Modification Request System

... Transportation Command Firewall Modification Request System Student Name Individual Project IS316 - Systems Analysis and Design Professor: Erlan Burk Park University Fall II 2005 12 December 2005 Table of Contents System Description 2-3 Functional Description 4-5 Data Dictionary 6-7 Context Level Diagram and Child Diagram 8-9 System Input, Output Forms, and Interfaces 10-14 Testing, Maintenance and Auditing 15-16 System Description System Name US Transportation Command Firewall Modification Request System (FMRS) Type of System FMRS is a Management Information System using a Microsoft Access Database and front end application. The system provides an avenue for customers to request firewall modifications and for the firewall maintenance team (Operation Information Security – OIS) to validate, track, and process requests in systematic fashion. Key System Benefits * User friendly interface available to users at any time * Request tracking and history * Report generation of prior activity * Improved firewall manageability * Improved customer response time * Reduction in man hours spent duplicating and researching firewall maintenance efforts Existing System Currently there is no automated request or tracking system for firewall modifications and accountability. Requests are made via email to the OIS group email account and are processed from there. With the......

Words: 2252 - Pages: 10

Free Essay

Scope of Service

...Computer Crimes Act as cited by State Governing laws, mandates, and other applicable laws. I have read and agree to comply with the policy set forth herein. ____________________________ _______________________________ Type or Print Name Last 4 digits of Social Security Number ____________________________ _______________________________ Signature Date ATTACHMENT 6.9 State Government IT Infrastructure & Architecture Overview of 7-Domains of a Typical IT Infrastructure & Architecture The State Government IT Infrastructure for the purpose of our IS427 Capstone Course is to utilize the ISS Mock IT Infrastructure as the representative IT infrastructure. This is the same IT infrastructure used in the IS316 Network Security and IS317 Hacking Techniques course. This IT infrastructure includes the following elements as depicted in the 7-domains of a typical IT infrastructure: [pic] Figure 1 – IT Architecture for State Government Security Assessment ➢ User Domain – what risk does an organization have with its users and employees? What can help mitigate risk within this domain? ➢ Workstation Domain – what risk does an organization have regarding its physical workstation and hard drive, workstation OS, applications, software patching, and user’s direct access to the Internet? ➢ LAN Domain – what risk does an organization have regarding file server OS, applications, software patching and user’s direct access to data? ......

Words: 40549 - Pages: 163

Premium Essay

Seeking Help

...Systems Security program. This program covers the following core areas:    Foundational Courses Technical Courses BSISS Project The following diagram demonstrates how this course fits in the program: IS427 Information Systems Security 400 Level Capstone Project IS418 IS404 Access Control, Authentication & KPI IS421 Legal & Security Issues IS423 Securing Windows Platforms & Applications IS411 Security Policies & Implementation Issues IS415 System Forensics Investigation & Response IS416 Securing Windows Platforms & Applications Securing Linux Platforms & Applications 300 Level IS305 Managing Risk in Information Systems IS308 Security Strategies for Web Applications & Social Networking IS316 Fundamentals of Network Security Firewalls & VPNs IS317 Hacker Techniques Tools & Incident Handling EC311 Introduction to Project Management IT250 Linux operating System ment CNS Program Prerequisites: ©ITT Educational Services, Inc. Date: 10/25/2010 Introduction to Information Systems Security Syllabus 300 Level IT320 WAN Technology & Application IT302 Linux System Administration 200 Level   IT260 Networking Application IT255 Introduction to Information Systems Security IT220 Network Standards & Protocols IT221 Microsoft Network Operating System I IT250 Linux Operating System Services & Security 100 Level TB143 Introduction to Personal Computers ISS......

Words: 4296 - Pages: 18