Richman Investments requires strict network access controls and monitoring of internet usage. Specific prohibited activities include file sharing, downloading executables, copyright violations, port scanning, denial of service attacks, unsolicited emailing, and accessing adult content. The document asks to define an acceptable use policy for Richman's internet connection that restricts usage and allows monitoring, considering implications on IT infrastructure and users.
A) Richman Investments requires the enforcement of strict ingre.docx
1. A) Richman Investments requires the enforcement of strict
ingress-egress filtering policies for network traffic. Certain
traffic is expressly forbidden:
No peer-to-peer file sharing or externally reachable file
transfer protocol (FTP) servers
No downloading executables from known software sites
No unauthorized redistribution of licensed or copyrighted
material
No exporting internal software or technical material in
violation of export control laws
No
introduction
of malicious programs into networks or onto systems
No accessing unauthorized internal resources or information
from external sources
No port scanning or data interception on the network
No denying service or circumventing authentication to
legitimate users
No using programs, scripts, or commands to interfere with
other network users
No sending unsolicited email messages or junk mail to
company recipients
2. No accessing adult content from company resources
No remote connections from systems failing to meet minimum
security requirements
Building on the Internet and email use policy you created for
Richman in a previous assignment, define a LAN-to-WAN,
Internet, and web surfing AUP that restricts usage of the
company’s Internet connection and permits the company to
monitor usage of the corporate Internet connection. Carefully
evaluate the implications of the policy and how implementations
might impact the IT infrastructure, both positively and
negatively. Weigh the benefits and the disadvantages of each
method. Consider whether or not a proposed solution causes an
interruption to legitimate users and how it might enhance
security at the expense of preventing a perfectly legitimate
activity.
Required Resources
Internet access
Submission Requirements
Format: Microsoft Word or compatible
Font: Times New Romans 12-point, double-spaced
Citation Style: APA
Length: 1–2 pages
3. Self-Assessment Checklist
I defined an effective LAN-to-WAN, Internet, and web surfing
AUP.
I evaluated the implications of the policy.
I carefully considered the benefits and disadvantages of each
policy enforcement control.
I proposed strong ideas for acceptable and unacceptable
resource usage.
I followed the submission guidelines.
B) Enhance an Existing IT Security Policy Framework
Learning Objectives and Outcomes
§ Research standards.
§ Write a remote access standard.
§ Describe how procedures and guidelines fit within an IT
security policy framework.
Assignment Requirements
You will receive the text sheet entitled “Existing IT Security
Policy Framework.” It contains a scenario and an illustration of
a portion of a company's security policy framework. After
4. studying the text sheet, complete the following tasks:
1. Research remote access standards on the Internet. For the
given scenario, write a draft Remote Access Standard that will
reduce the occurrence of risks, threats, and vulnerabilities in the
Remote Access Domain of an IT infrastructure. Include the
minimum remote computer configurations, the use of anti-
malware software, and the secure virtual private network (VPN)
access in the Remote Access Standard.
2. Indicate the names of procedures or guidelines you would
add under the Remote Access Standard.
Required Resources
Text sheet: Existing IT Security Policy Framework
(ts_policyframework)
Internet access
Submission Requirements
Format: Microsoft Word or compatible
Font: Times New Romans 12-point, double-spaced
Citation Style: APA
Length: 1–2 pages
Self-Assessment Checklist
5. I wrote an appropriate Remote Access Standard, which includes
the minimum remote computer configurations, the use of anti-
malware software, and the secure VPN access.
I included the names of at least two procedures or guidelines
that would appear under the Remote Access Standard in the
framework.
I followed the submission guidelines.