Chapter 7. Identifying Assets and Activities to Be Protected

Slides:



Advertisements
Similar presentations
The Enterprise Guide to Video Conferencing Created using iThoughts [...] [...]
Advertisements

Computer networks Fundamentals of Information Technology Session 6.
ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Network and Server Basics. 6/1/20152 Learning Objectives After viewing this presentation, you will be able to: Understand the benefits of a client/server.
Network Security Philadelphia UniversityAhmad Al-Ghoul Module 11 Exploring Secure Topologies  MModified by :Ahmad Al Ghoul  PPhiladelphia.
Firewall Security Chapter 8. Perimeter Security Devices Network devices that form the core of perimeter security include –Routers –Proxy servers –Firewalls.
MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 14: Troubleshooting Remote Connections.
INTRANET SECURITY Catherine Alexis CMPT 585 Computer and Data Security Dr Stefan Robila.
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
Wi-Fi Structures.
Computer Networks IGCSE ICT Section 4.
Computerized Networking of HIV Providers Networking Fundamentals Presented by: Tom Lang – LCG Technologies Corp. May 8, 2003.
M. Guymon - Pleasant Grove High - Spring 2003 Networks Computer Technology Day 17.
SOE and Application Delivery Gwenael Moreau, Abbotsleigh.
CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.
CECS 5460 – Assignment 3 Stacey VanderHeiden Güney.
Configuring Routing and Remote Access(RRAS) and Wireless Networking
Chapter 20: Getting from the Office to the Road: VPNs BAI617.
Chapter 7: Using Windows Servers to Share Information.
AIS, Passwords Should not be shared Should be changed by user Should be changed frequently and upon compromise (suspected unauthorized disclosure)
Current Job Components Information Technology Department Network Systems Administration Telecommunications Database Design and Administration.
Chapter 9: Novell NetWare
Microsoft Active Directory(AD) A presentation by Robert, Jasmine, Val and Scott IMT546 December 11, 2004.
Internet Engineering Course Network Design. Internet Engineering Course; Sharif University of Technology Contents Define and analyse an organization network.
11 SECURING YOUR NETWORK PERIMETER Chapter 10. Chapter 10: SECURING YOUR NETWORK PERIMETER2 CHAPTER OBJECTIVES  Establish secure topologies.  Secure.
Chapter 3.  The characteristics and purpose of: ◦ Intranets ◦ Internet ◦ Extranets.
NETWORKING COMPONENTS AN OVERVIEW OF COMMONLY USED HARDWARE Christopher Johnson LTEC 4550.
BZUPAGES.COM. What is a VPN VPN is an acronym for Virtual Private Network. A VPN provides an encrypted and secure connection "tunnel" path from a user's.
Principles of Computer Security: CompTIA Security + ® and Beyond, Third Edition © 2012 Principles of Computer Security: CompTIA Security+ ® and Beyond,
S. Butler Emery High School Spring 2006 Networks Computer Technology Day 17.
Networks Computer Technology Day 17. Network  Two or more computers and other devices (printers or scanners) that are connected, for the purpose of sharing.
NETWORK INFRASTRUCTURE SECURITY Domain 5. Computer Security “in short, the average computer is about as secure as a wet paper bag, and it is one of the.
Security fundamentals Topic 10 Securing the network perimeter.
Network Components David Blakeley LTEC HUB A common connection point for devices in a network. Hubs are commonly used to connect segments of a LAN.
I NTRODUCTION TO N ETWORK A DMINISTRATION. W HAT IS A N ETWORK ? A network is a group of computers connected to each other to share information. Networks.
Introduction TO Network Administration
Computer Security By Duncan Hall.
.  Hubs send data from one computer to all other computers on the network. They are low-cost and low-function and typically operate at Layer 1 of the.
I NTRODUCTION TO N ETWORK A DMINISTRATION. W HAT IS A N ETWORK ? A network is a group of computers connected to each other to share information. Networks.
ITE PC v4.0 Chapter 8 1 © 2007 Cisco Systems, Inc. All rights reserved.Cisco Public  Networks are systems that are formed by links.  People use different.
VPN Alex Carr. Overview  Introduction  3 Main Purposes of a VPN  Equipment  Remote-Access VPN  Site-to-Site VPN  Extranet Based  Intranet Based.
SemiCorp Inc. Presented by Danu Hunskunatai GGU ID #
An Introduction to Local Area Networks An Overview of Peer-to-Peer and Server-Based Models.
Novell iFolder Novell Academy QuickTrain. What is iFolder? Novell iFolder lets users’ files follow them anywhere A simple and secure way to access, organize.
Network and Server Basics. Learning Objectives After viewing this presentation, you will be able to: Understand the benefits of a client/server network.
1.4 wired and wireless networks lesson 1
Security fundamentals
Chapter 7: Using Windows Servers
Chapter Objectives In this chapter, you will learn:
Chapter 1 Introduction to Networking
Virtual Private Networks
A Network Operating System
Understand Wide Area Networks (WANs)
Self-service enrollment for Windows desktops
CONNECTING TO THE INTERNET
Set up your own Cloud The search for a secure and acceptable means of gaining access to your files stored at the office from a remote location.
Introduction to Networking
Computer Technology Notes #4
IS4550 Security Policies and Implementation
Unit 27: Network Operating Systems
IT Vocab IT = information technology Server Client or host
IS4680 Security Auditing for Compliance
Virtual Private Network
Firewalls Routers, Switches, Hubs VPNs
Professional Network Services
Networking and Security
ICT Computing Lesson 4: Computing Network.
By Elizabeth Goldstein ‘19
Designing IIS Security (IIS – Internet Information Service)
Presentation transcript:

Chapter 7. Identifying Assets and Activities to Be Protected

Asset and Inventory Management Within the Seven Domains of a Typical IT Infrastructure Seven domains of a typical IT infrastructure are: User Domain Workstation Domain LAN Domain LAN-to-WAN Domain WAN Domain Remote Access Domain System/Application Domain

Group work With your partner discuss Seven Domains of a Typical IT Infrastructure

Seven domains of a typical IT infrastructure

For each of the seven domains, consider the assets you have and ask yourself some basic questions: Are the assets valuable to the organization? Are they included in any type of inventory or asset management system?

Inventory and asset management There is a difference between inventory management and asset management. Inventory management This is used to manage hardware inventories. It includes only the basic data, such as model and serial numbers. It shows : what assets are on hand, where they're located, and who owns them. Inventory management is valuable to ensure that the inventory isn't easily lost or stolen.

Inventory and asset management This is used to manage all types of assets. It includes much more detailed data than an inventory management system includes. For example, asset management would cover installed components, hardware peripherals, installed software, update versions, and more.

User domain The User Domain includes people or employees. An HR department maintains records on employees. These can be manual records, such as folders held in filing cabinets, or files held on servers. Data on users includes: Personal and contact data Employee reviews Salary and bonus data Health care choices A significant concern with asset management in the User Domain is confidentiality. Data must be protected against unauthorized disclosure

Workstation Domain The Workstation Domain includes the PCs used by employees. It could include typical desktop PCs. It could also include mobile computers or laptops. Assets in the Workstation Domain have two risks to address: Theft An organization has a significant investment in these systems. It can't afford to allow them to disappear. Inventory management systems include processes where each item is manually located on a periodic basis. This verifies the system is still in the organization's control. Updates As updates, fixes, and patches are released, they need to be applied to the systems. If the systems are not updated, they become vulnerable to new exploits. Use automated asset management systems to keep systems up to date. An automated system will often perform three steps: 1) inspect systems for current updates, 2) apply updates, and 3) verify the updates.

LAN domain The LAN Domain includes all the elements used to connect systems and servers together. The local area network (LAN) is internal to the organization. The primary hardware components are hubs, switches, and routers.

LAN domain It's important to have a basic inventory of these devices. This includes the basics such as model, serial number, and location. Although any network device includes firmware, the more functional network devices such as routers and switches have a built-in operating system (OS). The version of the OS determines its capabilities, so it's often useful to include the version in the inventory.

LAN-to-WAN Domain The LAN-to-WAN Domain is the area where your internal LAN connects to the wide area network (WAN). In this context, the WAN is often the Internet. The primary devices you're concerned with here are the firewalls. You can have a single firewall separating the LAN from the WAN. You can also have multiple firewalls to create a demilitarized zone (DMZ) or a buffer area.

LAN-to-WAN Domain You'll want to include the following information in an asset management system: Hardware information This includes basics, such as the model and serial number. If the model supports different add-ins, such as additional memory, or additional network interface cards, you'll want to include these. Configuration data A significant amount of time goes into creating a firewall policy. You then create firewall rules and exceptions to implement the policy. At the very least, all these rules and exceptions need to be documented. Whenever possible, you should create scripts to automate the process. You should then back up these scripts.

WAN Domain The WAN Domain includes any servers that have direct access to the Internet. This includes any server that has a public Internet Protocol (IP) address

WAN Domain Inventory and asset management information for WAN- based servers include: Hardware information This information includes basics, such as the model and serial number. Documentation is similar to how you'd document servers in the LAN-to-WAN Domain. Update information Servers in the WAN need to be kept up to date. This is an important step to ensure the server stays secure.

Remote Access Domain Remote access technologies give users access to an internal network via an external location. This can be done via direct dial-up or virtual private network (VPN). When dial-up is used, clients and servers have modems and access to phone lines. When a VPN is used, the VPN server has a public IP address available on the Internet. Clients access the Internet, and then use tunnelling protocols to access the VPN server.

Remote Access Domain Inventory and asset management information needed for servers in the Remote Access Domain are similar to those in the WAN Domain

System/Application Domain The System/Application Domain includes servers used to host server applications. Some examples of different types of application servers include: E-mail servers—This can be a single e-mail server. It can also be a larger e-mail solution, including both front- end and back-end server configurations. Database servers—This can be an Oracle or Microsoft SQL server. It can be a single server or a group of servers. Web servers Web servers host Web sites and serve them to Web clients. A single Web server can host a single Web site or hundreds of Web sites.

System/Application Domain Inventory and asset management systems should include the following information on any servers in the System/Application Domain: Hardware information—This includes basics such as the model and serial number, just as you'd inventory a workstation. It should also include an inventory of the hardware components. Update information—Servers need to be kept up to date. This is especially true if any of these servers are public-facing servers, such as Web servers and some e- mail servers.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.