nt2580, week 7 assignment 2 intro
TRANSCRIPT
NT2580: Unit 7 Design an Encryption Strategy
Richman Investments is an investment and consulting firm. Richman wants to expand its business
operations both in the U.S. and in foreign countries. Richman intends to eventually have 10,000
employees in 20 countries.
The Richman corporate headquarters is located in Phoenix, Arizona. Currently there are eight branch
offices in:
Atlanta, Georgia
Chicago, Illinois
Cincinnati, Ohio
Denver, Colorado
Los Angeles, California
Montreal, Canada
New York City, New York
Washington, D.C.
The North American offices have a total of 5,000 employees who use desktops, laptops, and wireless
devices. All offices deal with several sensitive applications. Management from each office shares
application information hosted at the corporate office.
Instructions:
Based on the security objectives in the following table, design an enterprise encryption strategy—a public
key infrastructure (PKI) that supports internal employees, external business partners, and clients. Include
the design and reasoning for using the selected encryption strategy.
Security Objective Description
Privacy or confidentiality
Keeping information secret from all but those who are authorized to see it
IntegrityEnsuring information has not been altered by unauthorized or unknown means
Entity authentication or identification
Corroborating the identity of an entity, for example a person, a computer terminal, or a credit card
Message authentication
Corroborating the source of information, also known as data origin authentication
Signature Binding information to an entity
AuthorizationProviding conveyance, to another entity, of official sanction to do or be something
© ITT Educational Services Page 1
NT2580: Unit 7 Design an Encryption Strategy
Security Objective Description
ValidationProviding timeliness of authorization to use or manipulate information or resources
Access control Restricting access to resources to privileged entities
Certification Endorsing information by a trusted entity
Timestamping Recording the time of creation or existence of information
WitnessingVerifying the creation or existence of information by an entity other than the creator
Receipt Acknowledging that information has been received
Confirmation Acknowledging that services have been provided
OwnershipProviding an entity with the legal right to use or transfer a resource to others
Anonymity Concealing the identity of an entity involved in some process
Nonrepudiation Preventing the denial of previous commitments or actions
Revocation Retracting certification or authorization
So you want to know how to be very successful in security? Well in a Based on the security
objectives in the following table; design an enterprise encryption strategy-a public key
infrastructure (PKI) that supports internal employees, external business partners, and clients.
Include the design and reasoning for using the selected encryption strategy. Have a secure
network takes a lot of work and has to be monitored 24 hours a day 7 days a week. There are
many different ways to go about this topic the one I am going to pick is a public key
infrastructure (PKI).
One security options that can be used is the Privacy or confidentiality. Using this will help keep
information confidently from others or outsiders unless you are authorized. This will keep
employees from finding things such as SSN (social security numbers), personal home address,
and/or documents that may be considered sensitive. Having this as a security option is an all-
around good idea. I would implement this on all of the networks/domains that I would manage.
This PKI card will give access to the following. Entering the building, Access to specific areas of
the building, The ability to open encrypted messages/email, The ability to sign-in/log-off of your
company pc, Punch-in and Punch-out of time clock, and Specific access to certain applications
and folders. All new employees must fill-out proper paperwork given by the building security
© ITT Educational Services Page 2
NT2580: Unit 7 Design an Encryption Strategy
team. After that paperwork has been filled-out, a picture will be taken to place onto the card.
The same process will follow if your PKI card is lost. The PKI card will roll out in 30 days, once
your card is received please follow the instructions given to activate the card. The PKI cards will
differentiate between the U.S. and foreign countries, but security policies will work within the
United States at every location. Any other personnel will receive a “Visitors” badge for
temporary access. There are a number of many different features to implement on these.
http://www.studymode.com/essays/Nt2580-46141881.html
© ITT Educational Services Page 3