Davonte Brown unit 4 assignment 1

NT2580: Unit 4 Enhance an Existing IT Security Policy Framework

You are a networking intern at Richman Investments. You recently developed a design for a remote access control policy that indicated access controls for systems, applications, and data access.

The senior network administrator would like you to get experience with the company's IT security policy framework. Following is an illustration of a portion of the policy framework:

This Essay Ill be presenting 10 practices that are essential to making education meaningful and rich for all students, examining brain research and how it can be applied to the classroom. It incorporates information about learning styles and standards into a classroom instructional model for teachers. The 11 chapters are as follows: (1) "Creating an Enriched and Emotionally Supportive Environment"; (2) "Using a Variety of Teaching Strategies That Address Different Learning Styles"; (3) "Strategies That Help Students Make Connections From Prior Learning and Experiences to New Learning and Across Disciplines"; (4) "Teaching for Long-Term Memory is a Primary Goal; (5) "Integrating Higher-Level Thinking Skills Into Learning; (6) "Collaborative Learning is an Integral Part of the Classroom"; (7) "Bridging the Gap Between All Learners, Regardless of Race, Socioeconomic Status, Sex, or Creed"; (8) "Evaluating Learning Through a Variety of Authentic Assessments"; (9) Promoting Real-World Application of the Learning"; (10) "Seamless Integration of Technology for High- Quality Instruction"; and (11) Putting It All Together." (Contains 51 references.) (SM). A remote access policy is a server protocol that defines how users on a remote area network may use the server. It specifies who may access the network and how the network may be accessed, determines the speed of the access, and defines any restrictions on what data and hardware may be accessed by users. In common server software such as Microsoft Windows Server 2003 the server administrator is given the ability to set these permissions through the use of the Remote Access Policy Wizard. In order to protect information, businesses need to implement rules and controls around the protection of information and the systems that store and process this information. This is commonly achieved through the implementation of information security policies, standards, guidelines and procedures. However, what exactly are these? This article will explain what information security policies, standards, guidelines and procedures are, the differences between each and how they fit together to form an information security policy framework. Remote Access refers to the ability to access UMW network resources while off campus. Security measures for remote access should be implemented based on sensitivity and risk to University systems and data. A virtual private network .VPN) connection must be established during the offsite remote access of sensitive IT systems (e.g. all systems storing highly sensitive data as defined in UMWs Data Classification Standard), to insure all exchanges of sensitive information are encrypted. (An exception to this is individual access to BannerSelf Service, which is granted by default to all faculties, staff and students for web based self-service processing.)

Authentication to Internet Native Banner is restricted per the Administrative Data Access Policy and requires the use of VPN for remote access.

All remote file transfers of either highly sensitive or protected data, as defined in UMWs Data Classification Standard, must utilize encryption (e.g. sftp, https).

VPN access is limited to Faculty and Staff. By default and is authenticated against the ALL_UMW_Faculty_Staff Security Group in ActiveDirectory. Students do not have VPN capabilities.

A Contractor, Tempory, or Volunteer worker requiring VPN access must fill out a compulsory form in Human Resources prior to be granted access. They will require a UMW sponsor who must submit the request to the ISO for final approval. Once approved, they will be entered into Banner whereby an account will then be created in Banner and AD.Users using non-university owned equipment must follow IT Malicious Code Protection Standard.

Records logging remote connections must be maintained and reviewed according to the University Monitoring and Logging Procedure.

VPN authentication is required in addition to network authentication to remotely access backend servers and is limited to local accounts provisioned by the Server Administrator. Infrastructure equipment authentication is maintained on the TACACS. Local Accounts are provisioned for Network Services staff only. That was my essay hope you enjoyed.

Read more:http://www.ehow.com/how_5022434_create-remote-access-policy.htmlhttp://eric.ed.gov/?id=ED447085http://www.ehow.com/how_5022434_create-remote-access-policy.htmlhttp://mindfulsecurity.com/2009/02/03/policies-standards-and-guidelines/http://technology.umw.edu/it-policies/remote-access-standard/ ITT Educational ServicesPage 3