Unit 7
IT security
configuratio
n and
testing
,Unit 7
Content page:
Contents
IT security configuration and testing...........................................................................................................1
IT system protection techniques..............................................................................................................5
In this post, I'll examine and describe defense strategies that a business might use against security
issues. Physical security, rules and processes, and software-based security are the three categories
into which these techniques can be divided............................................................................................5
Physical Security......................................................................................................................................5
Physical security is just as vital as online security when it comes to protecting an IT system since it
ensures that the company's equipment is safe from unintentional loss and damage, theft, vandalism,
terrorist attacks, and natural disasters like floods and fires. The security measures taken are designed
to protect the company's tangible assets, such as technology and paper records, while preventing
unauthorized personnel from entering the workplace............................................................................5
Building and network room security........................................................................................................5
Biometrics................................................................................................................................................6
Data backup.............................................................................................................................................8
Recovery plans.......................................................................................................................................11
Summation of Physical Threats..............................................................................................................12
Policies and procedures.........................................................................................................................13
Internet and email use policies..............................................................................................................13
Security and password procedures........................................................................................................14
Staff responsibilities...............................................................................................................................15
Staff training..........................................................................................................................................16
Disciplinary procedures.........................................................................................................................17
Security audits.......................................................................................................................................18
Overall effectiveness of Policies and Procedures...................................................................................20
Software based protection....................................................................................................................21
Hardware and software configuration...................................................................................................21
,Unit 7
Security updates....................................................................................................................................22
Normal business operation....................................................................................................................24
Anti-virus software and detection techniques.......................................................................................27
User authentication...............................................................................................................................40
Access controls......................................................................................................................................47
Organizational and legislative requirements.........................................................................................53
Justifying and evaluating protection techniques...................................................................................53
Physical security-(Evaluation/Justification)............................................................................................53
Policies and procedures-(Evaluation/Justification)................................................................................56
Software-based protection-(Evaluation/Justification)...........................................................................58
Wireless security-(Evaluation/Justification)...........................................................................................60
IT system protection plan......................................................................................................................61
Gantt Chart - Summary..........................................................................................................................62
Implementing IT system security strategies...........................................................................................62
Group Policies........................................................................................................................................63
Audit Policy............................................................................................................................................65
Using audit object access.......................................................................................................................66
Installing Malwarebytes Anti-Malware..................................................................................................68
Firewall configuration............................................................................................................................70
Configuring Windows operating system Firewall...................................................................................71
Windows Firewall Log............................................................................................................................75
Wireless security....................................................................................................................................76
Configuring NETGEAR wireless routers..................................................................................................77
Access control........................................................................................................................................78
Creating users, groups, permissions and special privileges...................................................................79
Password policies, white listing and data hiding....................................................................................81
Reviewing the organization’s IT system.................................................................................................83
Firewall..................................................................................................................................................85
Entry points...........................................................................................................................................86
System scans..........................................................................................................................................86
Testing tools..........................................................................................................................................87
Activity logs............................................................................................................................................89
Recommendations.................................................................................................................................89
, Unit 7
Overall effectiveness..............................................................................................................................90
Evaluation of the plan and the effectiveness of the protected IT system against requirements...........91
Individual responsibility and effective self-management......................................................................91
I'll share examples of the numerous ways I've shown self-management and individual accountability.
Both planning and protecting the IT system must be done effectively if the goal is to give the highest
level of defense against both external and internal threats..................................................................91
Planning and recording..........................................................................................................................91
Reviewing..............................................................................................................................................92
Recommendations.................................................................................................................................93
Documentation processes.....................................................................................................................93
Conclusion.............................................................................................................................................94
IT security
configuratio
n and
testing
,Unit 7
Content page:
Contents
IT security configuration and testing...........................................................................................................1
IT system protection techniques..............................................................................................................5
In this post, I'll examine and describe defense strategies that a business might use against security
issues. Physical security, rules and processes, and software-based security are the three categories
into which these techniques can be divided............................................................................................5
Physical Security......................................................................................................................................5
Physical security is just as vital as online security when it comes to protecting an IT system since it
ensures that the company's equipment is safe from unintentional loss and damage, theft, vandalism,
terrorist attacks, and natural disasters like floods and fires. The security measures taken are designed
to protect the company's tangible assets, such as technology and paper records, while preventing
unauthorized personnel from entering the workplace............................................................................5
Building and network room security........................................................................................................5
Biometrics................................................................................................................................................6
Data backup.............................................................................................................................................8
Recovery plans.......................................................................................................................................11
Summation of Physical Threats..............................................................................................................12
Policies and procedures.........................................................................................................................13
Internet and email use policies..............................................................................................................13
Security and password procedures........................................................................................................14
Staff responsibilities...............................................................................................................................15
Staff training..........................................................................................................................................16
Disciplinary procedures.........................................................................................................................17
Security audits.......................................................................................................................................18
Overall effectiveness of Policies and Procedures...................................................................................20
Software based protection....................................................................................................................21
Hardware and software configuration...................................................................................................21
,Unit 7
Security updates....................................................................................................................................22
Normal business operation....................................................................................................................24
Anti-virus software and detection techniques.......................................................................................27
User authentication...............................................................................................................................40
Access controls......................................................................................................................................47
Organizational and legislative requirements.........................................................................................53
Justifying and evaluating protection techniques...................................................................................53
Physical security-(Evaluation/Justification)............................................................................................53
Policies and procedures-(Evaluation/Justification)................................................................................56
Software-based protection-(Evaluation/Justification)...........................................................................58
Wireless security-(Evaluation/Justification)...........................................................................................60
IT system protection plan......................................................................................................................61
Gantt Chart - Summary..........................................................................................................................62
Implementing IT system security strategies...........................................................................................62
Group Policies........................................................................................................................................63
Audit Policy............................................................................................................................................65
Using audit object access.......................................................................................................................66
Installing Malwarebytes Anti-Malware..................................................................................................68
Firewall configuration............................................................................................................................70
Configuring Windows operating system Firewall...................................................................................71
Windows Firewall Log............................................................................................................................75
Wireless security....................................................................................................................................76
Configuring NETGEAR wireless routers..................................................................................................77
Access control........................................................................................................................................78
Creating users, groups, permissions and special privileges...................................................................79
Password policies, white listing and data hiding....................................................................................81
Reviewing the organization’s IT system.................................................................................................83
Firewall..................................................................................................................................................85
Entry points...........................................................................................................................................86
System scans..........................................................................................................................................86
Testing tools..........................................................................................................................................87
Activity logs............................................................................................................................................89
Recommendations.................................................................................................................................89
, Unit 7
Overall effectiveness..............................................................................................................................90
Evaluation of the plan and the effectiveness of the protected IT system against requirements...........91
Individual responsibility and effective self-management......................................................................91
I'll share examples of the numerous ways I've shown self-management and individual accountability.
Both planning and protecting the IT system must be done effectively if the goal is to give the highest
level of defense against both external and internal threats..................................................................91
Planning and recording..........................................................................................................................91
Reviewing..............................................................................................................................................92
Recommendations.................................................................................................................................93
Documentation processes.....................................................................................................................93
Conclusion.............................................................................................................................................94
