LAB #10 – ASSESSMENT WORKSHEET A
Design and Implement Security Operations Management
Best Practices
Course Name and Number:
Student Name:
Instructor Name:
Lab Due Date:
Overview
Review the deliverables you created for Lab #6 and Lab #8,
including the following:
From Lab #6:
• Block diagram of a LAN-to-WAN DMZ in Microsoft®
PowerPoint, Visio, or OpenOffice;
• Functional overview document explaining your DMZ and
LAN-to-WAN security solution;
• Your answers to the Lab #6 Assessment Questions and
Answers.
From Lab #8:
• Block diagram design of the Mock IT infrastructure
components in Microsoft® PowerPoint or Visio;
• Functional overview document explaining each of the
security controls and security countermeasures
enabled within each block/component;
• Your answers to the Lab #8 Assessment Questions and
Answers.
Security Monitoring and Operations Management Rationale
Using the information just reviewed as the basis for your
answer, develop a short text document (no more
than two pages) detailing your rationale for why a security
monitoring and operations management strategy
is critical.
Note:
To successfully complete this deliverable, you will need access
to a text editor or word processor, such as Word.
If you don’t have a word processor or graphics package, use
OpenOffice on the student landing vWorkstation
for your lab deliverables and to answer the lab assessment
questions. To capture screenshots, press Prt Sc >
MSPAINT, paste into a text document, and save the document in
the Security_Strategies folder (C:\Security_Strategies)
using the File Transfer function.
LAB #10 – ASSESSMENT WORKSHEET B
Design and Implement Security Operations Management
Best Practices
Course Name and Number:
Student Name:
Instructor Name:
Lab Due Date:
Overview
Work alone or in a small group and formulate a strategy for
implementing a security operations management
best practices policy for the Cisco Mock IT infrastructure.
Reference the deliverables you submitted for Lab
#6 and Lab #8 as part of your discussion. Answer the following
questions and indicate, where possible, how
tools like Splunk contribute to the overall strategy you develop.
Record your strategy in a text document of
no longer than five pages and provide it to your instructor as a
deliverable for this lab.
Note:
To successfully complete this deliverable, you will need access
to a text editor or word processor, such as Word.
If you don’t have a word processor or graphics package, use
OpenOffice on the student landing vWorkstation
for your lab deliverables and to answer the lab assessment
questions. To capture screenshots, press Prt Sc >
MSPAINT, paste into a text document, and save the document in
the Security_Strategies folder (C:\Security_Strategies)
using the File Transfer function.
Network/Security Assessment Questionnaire
Network Assessment – Required Information
1. Do you have detailed logical network drawings? If so,
please attach.
2. What Directory service, if any, is in use?
3. How many network elements do you have? List each,
including make and model or attach list.
4. Have you configured multiple networks on this
infrastructure?
5. What internal (RFC1918 or otherwise not-Internet-routable)
IP address ranges do you use?
6. What external (Internet routable) address ranges do you use?
7. What protocols are in use on your network?
8. What is the role of each network? (Attach list if multiple
networks.)
9. How many hosts do you have on the network?
10. What operating systems are used among your servers and
workstations?
11. What applications rely on your network(s)?
12. How many Internet-exposed servers are on your network?
13. What applications do you use to manage your network(s)?
14. What geographic locations connect to your network(s)?
15. What are your future growth plans for your network(s)?
Security Assessment – Required Information
1. Do you have firewalls, ACLs, or other types of traffic filters
in place within your network? If yes, please
describe.
2. What is the general firewall policy: Default permit, default
deny inbound, default permit outbound?
3. Do you have any other filtering technologies implemented at
the network or host level, such as data
leakage prevention, spam filtering, and Web application firewall
or other? If so, please describe.
4. Do you use wireless networking? If so, what types? What
wireless security measures are in place?
5. Do you use any of the following technologies, and if so,
what model:
a. IDS/IPS:
b. Antivirus:
c. Anti-spyware or anti-spam:
d. Desktop encryption:
e. Other:
6. Do you use VPNs to connect? If so, what type and vendor of
VPN software do you use?
7. What services are permitted inbound to your network? Such
as SMTP, DNS, HTTP, FTP, or other?
8. Are the servers delivering these services in a DMZ?
9. Are your various system logs aggregated to a central
location for monitoring and analysis?
10. Do you have a patch management system in place? If so,
please describe.
LAB #10 – ASSESSMENT WORKSHEET C
Design and Implement Security Operations Management
Best Practices
Course Name and Number:
Student Name:
Instructor Name:
Lab Due Date:
Overview
In this lab, you used the Splunk administration tool to develop a
standard operating procedure for implementing security operations
best practices. After exploring the main areas of Splunk, you used
it to create a security monitoring and alerting solution. You also
worked alone or in small groups to organize and prioritize the
information about network, IT, and security assets into a security
operations management best practices deliverable based on your work
in the two paper-based labs for this course.
Lab Assessment Questions & Answers
1. During the lab demo, how did you connect to the Splunk
management tool?
2. What are the main functions of Splunk that were
demonstrated in the lab and why do they help build
more secure operations?
3. What types of “Data Inputs” are available in Splunk and
most other log management tools?
4. What types of “Alert Conditions” are available in Splunk
and most other log management tools?
5. What is the search string for the “Top five sourcetypes”
preconfigured Search?
6. Describe at least three examples of security- or operations-
related Windows Management Reports and
Searches that are preconfigured and available within Splunk.
7. What Chart Types are available for a search or report within
Splunk?
8. Based on the information you learned in the Getting started
module of Splunk, which preconfigured
search would you wish to receive via the Alerts feature
described? Explain the reasoning behind scheduling
this particular alert. How will this alert help your goal of
implementing security operations
management best practices?
LAB #9 – ASSESSMENT SPREADSHEET
Construct a Linux Host Firewall and Monitor for IP Traffic
Course Name and Number:
Student Name:
Instructor Name:
Lab Due Date:
Internal Firewall Policy Definition
Configure your “TargetUbuntu02” desktop Linux internal host
IP stateful firewall according to the following
policy definition. Test and validate your implementation after
you configure it based on the policy definition.
The following is your Ubuntu internal firewall policy
definition:
• Deny incoming traffic
• Deny the following specific applications:
• TFTP
• Telnet
• SNMP
• ICMP
• FTP
• Allow the following specific applications under
“Advanced” settings:
• SSH
• SMTP
• POP3
• HTTPS
• HTTP
Make a screen capture of the changes you made to the
configuration and paste it into the text document.
Use the File Transfer button to download the text file to your
local computer and submit it as part of your
deliverables.
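Gufw is a graphical front end to ufw, so the policy definition above can also be written as ufw commands. The script below is an added example, not part of the lab manual; it assumes each application name means its IANA well-known port (SNMP is taken as the agent port 161/udp only) and checks that no port appears in both the deny and allow lists before printing the rules.

```shell
#!/bin/sh
# Added example (not from the lab manual): the worksheet's policy as ufw rules.
# Assumption: each application name maps to its IANA well-known port.
# Entries are name:port/protocol.
DENY_SERVICES="tftp:69/udp telnet:23/tcp snmp:161/udp ftp:21/tcp"
ALLOW_SERVICES="ssh:22/tcp smtp:25/tcp pop3:110/tcp https:443/tcp http:80/tcp"

# Fail if a port/protocol pair is listed as both denied and allowed.
# ufw applies the first matching rule, so such a pair would silently
# resolve to whichever rule happened to be added first.
check_conflicts() {
    deny_list=$1
    allow_list=$2
    for d in $deny_list; do
        for a in $allow_list; do
            if [ "${d#*:}" = "${a#*:}" ]; then
                echo "conflict: ${d%%:*} and ${a%%:*} both map to ${d#*:}" >&2
                return 1
            fi
        done
    done
    return 0
}

# Print the ufw command lines for the policy, one per line.
emit_rules() {
    # Policy bullet 1: deny incoming traffic by default.
    echo "ufw default deny incoming"
    # Policy bullet 2: explicit denies. They are redundant with the default
    # but keep the intent visible in 'ufw status' if the default changes.
    for d in $DENY_SERVICES; do
        echo "ufw deny ${d#*:}"
    done
    # Policy bullet 3: the allowed applications.
    for a in $ALLOW_SERVICES; do
        echo "ufw allow ${a#*:}"
    done
    # ICMP is not a port-based service and has no ufw command-line rule.
    echo "# ICMP: change the icmp ACCEPT lines in /etc/ufw/before.rules to DROP, then run 'ufw reload'"
}

# --print reviews the rules; --apply (as root) adds them, then enables ufw.
# SSH is allowed before the firewall is enabled, so a remote session survives.
case "${1:-}" in
    --print)
        check_conflicts "$DENY_SERVICES" "$ALLOW_SERVICES" && emit_rules
        ;;
    --apply)
        check_conflicts "$DENY_SERVICES" "$ALLOW_SERVICES" \
            && emit_rules | sh -e \
            && ufw enable
        ;;
esac
```

After applying, `ufw status verbose` lists the default policy and each rule, which is the quickest way to compare the running configuration against the policy definition.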
LAB #9 – ASSESSMENT WORKSHEET
Construct a Linux Host Firewall and Monitor for IP Traffic
Course Name and Number:
Student Name:
Instructor Name:
Lab Due Date:
Overview
In this lab, you configured the Gufw Ubuntu host IP stateful
firewall as an internal service running on the Linux
desktop. By defining what IP traffic is allowed and what IP
traffic is denied, you implemented another layer of
security in your overall layered security strategy. In addition,
you explored some useful network management
and security operation tools, which can be enabled to monitor
your IP traffic and security functions.
Lab Assessment Questions & Answers
1. Briefly explain how the Gufw internal Ubuntu host IP
stateful firewall can be used in a layered security
strategy at the workstation domain level.
2. Briefly explain how each of the Linux-based tools
demonstrated in this lab can be used to monitor
bandwidth, protocol, and network traffic information.
3. Given that the Ubuntu internal firewall is not installed by
default, should you enable this firewall if your
organization already has a firewall? Why or why not?
4. How do you block specific ports and IP ranges from
communicating via TCP/IP to and from your Ubuntu
Target VM using Gufw?
5. Other than Deny or Allow incoming connections, what other
options are available in Ubuntu’s internal
firewall? Why would they include any additional option?
6. What usefulness is there in monitoring IP traffic to and from
an individual workstation or server?
7. How are you going to test if your internal firewall
configuration is working properly?
8. This is a two-part, real-world scenario question. Read the
REQUIREMENTS section. Then, based on the
requirements, answer PART A with a technical solution using
the tools demonstrated in this lab and
answer PART B with a written explanation and justification for
your solution.
You must use at least two of the following Linux-based IP
monitor tools presented in this lab in your real-
world example: bmon, iftop, pktstat, iperf, and/or tcptrack.
REQUIREMENTS: A strategy is required to effectively
monitor IP traffic on an individual server as well
as many servers on a “point in time” as well as on an “over
time” basis. There is also a requirement to
automate the alerting of potential issues based on changes in
network utilization.
PART A: Give a real-world example of how you could meet
this requirement with the use of tools presented
in this lab and the use of any other available resources, such as
scripts, alerts, output formats, or
scheduled tasks (i.e., cron jobs).
PART B: Explain the usefulness and benefits of your real-
world example to an organization and
support your reasoning with technical facts and security in
mind. Did you meet the requirements?
Why or why not?
 
Evolution of Terrorism300wrdDo you think terrorism has bee.docx
Evolution of Terrorism300wrdDo you think terrorism has bee.docxEvolution of Terrorism300wrdDo you think terrorism has bee.docx
Evolution of Terrorism300wrdDo you think terrorism has bee.docxtheodorelove43763
 
Evidence-based practice is an approach to health care where health c.docx
Evidence-based practice is an approach to health care where health c.docxEvidence-based practice is an approach to health care where health c.docx
Evidence-based practice is an approach to health care where health c.docxtheodorelove43763
 
Evidence-Based EvaluationEvidence-based practice is importan.docx
Evidence-Based EvaluationEvidence-based practice is importan.docxEvidence-Based EvaluationEvidence-based practice is importan.docx
Evidence-Based EvaluationEvidence-based practice is importan.docxtheodorelove43763
 
Evidence TableStudy CitationDesignMethodSampleData C.docx
Evidence TableStudy CitationDesignMethodSampleData C.docxEvidence TableStudy CitationDesignMethodSampleData C.docx
Evidence TableStudy CitationDesignMethodSampleData C.docxtheodorelove43763
 
Evidence SynthesisCritique the below evidence synthesis ex.docx
Evidence SynthesisCritique the below evidence synthesis ex.docxEvidence SynthesisCritique the below evidence synthesis ex.docx
Evidence SynthesisCritique the below evidence synthesis ex.docxtheodorelove43763
 
Evidence Collection PolicyScenarioAfter the recent secur.docx
Evidence Collection PolicyScenarioAfter the recent secur.docxEvidence Collection PolicyScenarioAfter the recent secur.docx
Evidence Collection PolicyScenarioAfter the recent secur.docxtheodorelove43763
 
Everyone Why would companies have quality programs even though they.docx
Everyone Why would companies have quality programs even though they.docxEveryone Why would companies have quality programs even though they.docx
Everyone Why would companies have quality programs even though they.docxtheodorelove43763
 
Even though technology has shifted HRM to strategic partner, has thi.docx
Even though technology has shifted HRM to strategic partner, has thi.docxEven though technology has shifted HRM to strategic partner, has thi.docx
Even though technology has shifted HRM to strategic partner, has thi.docxtheodorelove43763
 
Even though people are aware that earthquakes and volcanoes typi.docx
Even though people are aware that earthquakes and volcanoes typi.docxEven though people are aware that earthquakes and volcanoes typi.docx
Even though people are aware that earthquakes and volcanoes typi.docxtheodorelove43763
 
Evaluative Essay 2 Grading RubricCriteriaLevels of Achievement.docx
Evaluative Essay 2 Grading RubricCriteriaLevels of Achievement.docxEvaluative Essay 2 Grading RubricCriteriaLevels of Achievement.docx
Evaluative Essay 2 Grading RubricCriteriaLevels of Achievement.docxtheodorelove43763
 
Evaluation Title Research DesignFor this first assignment, .docx
Evaluation Title Research DesignFor this first assignment, .docxEvaluation Title Research DesignFor this first assignment, .docx
Evaluation Title Research DesignFor this first assignment, .docxtheodorelove43763
 
Evaluation is the set of processes and methods that managers and sta.docx
Evaluation is the set of processes and methods that managers and sta.docxEvaluation is the set of processes and methods that managers and sta.docx
Evaluation is the set of processes and methods that managers and sta.docxtheodorelove43763
 
Evaluation Plan with Policy RecommendationAfter a program ha.docx
Evaluation Plan with Policy RecommendationAfter a program ha.docxEvaluation Plan with Policy RecommendationAfter a program ha.docx
Evaluation Plan with Policy RecommendationAfter a program ha.docxtheodorelove43763
 
Evaluating 19-Channel Z-score Neurofeedback Addressi.docx
Evaluating 19-Channel Z-score Neurofeedback  Addressi.docxEvaluating 19-Channel Z-score Neurofeedback  Addressi.docx
Evaluating 19-Channel Z-score Neurofeedback Addressi.docxtheodorelove43763
 
Evaluate the history of the Data Encryption Standard (DES) and then .docx
Evaluate the history of the Data Encryption Standard (DES) and then .docxEvaluate the history of the Data Encryption Standard (DES) and then .docx
Evaluate the history of the Data Encryption Standard (DES) and then .docxtheodorelove43763
 
Evaluate the Health History and Medical Information for Mrs. J.,.docx
Evaluate the Health History and Medical Information for Mrs. J.,.docxEvaluate the Health History and Medical Information for Mrs. J.,.docx
Evaluate the Health History and Medical Information for Mrs. J.,.docxtheodorelove43763
 
Evaluate the environmental factors that contribute to corporate mana.docx
Evaluate the environmental factors that contribute to corporate mana.docxEvaluate the environmental factors that contribute to corporate mana.docx
Evaluate the environmental factors that contribute to corporate mana.docxtheodorelove43763
 

More from theodorelove43763 (20)

Exam Questions1. (Mandatory) Assess the strengths and weaknesse.docx
Exam Questions1. (Mandatory) Assess the strengths and weaknesse.docxExam Questions1. (Mandatory) Assess the strengths and weaknesse.docx
Exam Questions1. (Mandatory) Assess the strengths and weaknesse.docx
 
Evolving Leadership roles in HIM1. Increased adoption of hea.docx
Evolving Leadership roles in HIM1. Increased adoption of hea.docxEvolving Leadership roles in HIM1. Increased adoption of hea.docx
Evolving Leadership roles in HIM1. Increased adoption of hea.docx
 
exam 2 logiWhatsApp Image 2020-01-18 at 1.01.20 AM (1).jpeg.docx
exam 2 logiWhatsApp Image 2020-01-18 at 1.01.20 AM (1).jpeg.docxexam 2 logiWhatsApp Image 2020-01-18 at 1.01.20 AM (1).jpeg.docx
exam 2 logiWhatsApp Image 2020-01-18 at 1.01.20 AM (1).jpeg.docx
 
Evolution of Terrorism300wrdDo you think terrorism has bee.docx
Evolution of Terrorism300wrdDo you think terrorism has bee.docxEvolution of Terrorism300wrdDo you think terrorism has bee.docx
Evolution of Terrorism300wrdDo you think terrorism has bee.docx
 
Evidence-based practice is an approach to health care where health c.docx
Evidence-based practice is an approach to health care where health c.docxEvidence-based practice is an approach to health care where health c.docx
Evidence-based practice is an approach to health care where health c.docx
 
Evidence-Based EvaluationEvidence-based practice is importan.docx
Evidence-Based EvaluationEvidence-based practice is importan.docxEvidence-Based EvaluationEvidence-based practice is importan.docx
Evidence-Based EvaluationEvidence-based practice is importan.docx
 
Evidence TableStudy CitationDesignMethodSampleData C.docx
Evidence TableStudy CitationDesignMethodSampleData C.docxEvidence TableStudy CitationDesignMethodSampleData C.docx
Evidence TableStudy CitationDesignMethodSampleData C.docx
 
Evidence SynthesisCritique the below evidence synthesis ex.docx
Evidence SynthesisCritique the below evidence synthesis ex.docxEvidence SynthesisCritique the below evidence synthesis ex.docx
Evidence SynthesisCritique the below evidence synthesis ex.docx
 
Evidence Collection PolicyScenarioAfter the recent secur.docx
Evidence Collection PolicyScenarioAfter the recent secur.docxEvidence Collection PolicyScenarioAfter the recent secur.docx
Evidence Collection PolicyScenarioAfter the recent secur.docx
 
Everyone Why would companies have quality programs even though they.docx
Everyone Why would companies have quality programs even though they.docxEveryone Why would companies have quality programs even though they.docx
Everyone Why would companies have quality programs even though they.docx
 
Even though technology has shifted HRM to strategic partner, has thi.docx
Even though technology has shifted HRM to strategic partner, has thi.docxEven though technology has shifted HRM to strategic partner, has thi.docx
Even though technology has shifted HRM to strategic partner, has thi.docx
 
Even though people are aware that earthquakes and volcanoes typi.docx
Even though people are aware that earthquakes and volcanoes typi.docxEven though people are aware that earthquakes and volcanoes typi.docx
Even though people are aware that earthquakes and volcanoes typi.docx
 
Evaluative Essay 2 Grading RubricCriteriaLevels of Achievement.docx
Evaluative Essay 2 Grading RubricCriteriaLevels of Achievement.docxEvaluative Essay 2 Grading RubricCriteriaLevels of Achievement.docx
Evaluative Essay 2 Grading RubricCriteriaLevels of Achievement.docx
 
Evaluation Title Research DesignFor this first assignment, .docx
Evaluation Title Research DesignFor this first assignment, .docxEvaluation Title Research DesignFor this first assignment, .docx
Evaluation Title Research DesignFor this first assignment, .docx
 
Evaluation is the set of processes and methods that managers and sta.docx
Evaluation is the set of processes and methods that managers and sta.docxEvaluation is the set of processes and methods that managers and sta.docx
Evaluation is the set of processes and methods that managers and sta.docx
 
Evaluation Plan with Policy RecommendationAfter a program ha.docx
Evaluation Plan with Policy RecommendationAfter a program ha.docxEvaluation Plan with Policy RecommendationAfter a program ha.docx
Evaluation Plan with Policy RecommendationAfter a program ha.docx
 
Evaluating 19-Channel Z-score Neurofeedback Addressi.docx
Evaluating 19-Channel Z-score Neurofeedback  Addressi.docxEvaluating 19-Channel Z-score Neurofeedback  Addressi.docx
Evaluating 19-Channel Z-score Neurofeedback Addressi.docx
 
Evaluate the history of the Data Encryption Standard (DES) and then .docx
Evaluate the history of the Data Encryption Standard (DES) and then .docxEvaluate the history of the Data Encryption Standard (DES) and then .docx
Evaluate the history of the Data Encryption Standard (DES) and then .docx
 
Evaluate the Health History and Medical Information for Mrs. J.,.docx
Evaluate the Health History and Medical Information for Mrs. J.,.docxEvaluate the Health History and Medical Information for Mrs. J.,.docx
Evaluate the Health History and Medical Information for Mrs. J.,.docx
 
Evaluate the environmental factors that contribute to corporate mana.docx
Evaluate the environmental factors that contribute to corporate mana.docxEvaluate the environmental factors that contribute to corporate mana.docx
Evaluate the environmental factors that contribute to corporate mana.docx
 

Recently uploaded

Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentInMediaRes1
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeThiyagu K
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxmanuelaromero2013
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxSayali Powar
 
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Celine George
 
PSYCHIATRIC History collection FORMAT.pptx
PSYCHIATRIC   History collection FORMAT.pptxPSYCHIATRIC   History collection FORMAT.pptx
PSYCHIATRIC History collection FORMAT.pptxPoojaSen20
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Educationpboyjonauth
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfchloefrazer622
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13Steve Thomason
 
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991RKavithamani
 
Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology  ( Production , Purification , and Application  ) Hybridoma Technology  ( Production , Purification , and Application  )
Hybridoma Technology ( Production , Purification , and Application ) Sakshi Ghasle
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxGaneshChakor2
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxiammrhaywood
 
APM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAPM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAssociation for Project Management
 
Separation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesSeparation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesFatimaKhan178732
 
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting DataJhengPantaleon
 

Recently uploaded (20)

Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media Component
 
Staff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSDStaff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSD
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and Mode
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptx
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
 
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
 
PSYCHIATRIC History collection FORMAT.pptx
PSYCHIATRIC   History collection FORMAT.pptxPSYCHIATRIC   History collection FORMAT.pptx
PSYCHIATRIC History collection FORMAT.pptx
 
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdfTataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
 
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Education
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdf
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13
 
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
 
Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology  ( Production , Purification , and Application  ) Hybridoma Technology  ( Production , Purification , and Application  )
Hybridoma Technology ( Production , Purification , and Application )
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptx
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
APM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAPM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across Sectors
 
Separation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesSeparation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and Actinides
 
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
 

Design and Implement Security Operat.docx

LAB #10 – ASSESSMENT WORKSHEET A
Design and Implement Security Operations Management Best Practices

Course Name and Number:
Student Name:
Instructor Name:
Lab Due Date:

Overview
Review the deliverables you created for Lab #6 and Lab #8, including the following:

From Lab #6:
• Block diagram of a LAN-to-WAN DMZ in Microsoft® PowerPoint, Visio, or OpenOffice;
• Functional overview document explaining your DMZ and LAN-to-WAN security solution;
• Your answers to the Lab #6 Assessment Questions and Answers.

From Lab #8:
• Block diagram design of the Mock IT infrastructure components in Microsoft® PowerPoint or Visio;
• Functional overview document explaining each of the security controls and security countermeasures enabled within each block/component;
• Your answers to the Lab #8 Assessment Questions and Answers.

Security Monitoring and Operations Management Rationale
Using the information just reviewed as the basis for your answer, develop a short text document (no more than two pages) detailing your rationale for why a security monitoring and operations management strategy is critical.

Note:
To successfully complete this deliverable, you will need access to a text editor or word processor, such as Word. If you don’t have a word processor or graphics package, use OpenOffice on the student landing vWorkstation for your lab deliverables and to answer the lab assessment questions. To capture screenshots, press Prt Sc > MSPAINT, paste into a text document, and save the document in the Security_Strategies folder (C:\Security_Strategies) using the File Transfer function.

LAB #10 – ASSESSMENT WORKSHEET B
Design and Implement Security Operations Management Best Practices

Course Name and Number:
Student Name:
Instructor Name:
Lab Due Date:

Overview
Work alone or in a small group and formulate a strategy for implementing a security operations management best practices policy for the Cisco Mock IT infrastructure. Reference the deliverables you submitted for Lab #6 and Lab #8 as part of your discussion. Answer the following questions and indicate, where possible, how tools like Splunk contribute to the overall strategy you develop. Record your strategy in a text document of no longer than five pages and provide it to your instructor as a deliverable for this lab.

Note:
To successfully complete this deliverable, you will need access to a text editor or word processor, such as Word. If you don’t have a word processor or graphics package, use OpenOffice on the student landing vWorkstation for your lab deliverables and to answer the lab assessment questions. To capture screenshots, press Prt Sc > MSPAINT, paste into a text document, and save the document in the Security_Strategies folder (C:\Security_Strategies) using the File Transfer function.

Network/Security Assessment Questionnaire

Network Assessment – Required Information
1. Do you have detailed logical network drawings? If so, please attach.
2. What Directory service, if any, is in use?
3. How many network elements do you have? List each, including make and model or attach list.
4. Have you configured multiple networks on this infrastructure?
5. What internal (RFC1918 or otherwise not-Internet-routable) IP address ranges do you use?
6. What external (Internet routable) address ranges do you use?
7. What protocols are in use on your network?
8. What is the role of each network? (Attach list if multiple networks.)
9. How many hosts do you have on the network?
10. What operating systems are used among your servers and workstations?
11. What applications rely on your network(s)?
12. How many Internet-exposed servers are on your network?
13. What applications do you use to manage your network(s)?
14. What geographic locations connect to your network(s)?
15. What are your future growth plans for your network(s)?

Security Assessment – Required Information
1. Do you have firewalls, ACLs, or other types of traffic filters in place within your network? If yes, please describe.
2. What is the general firewall policy: Default permit, default deny inbound, default permit outbound?
3. Do you have any other filtering technologies implemented at the network or host level, such as data leakage prevention, spam filtering, and Web application firewall or other? If so, please describe.
4. Do you use wireless networking? If so, what types? What wireless security measures are in place?
5. Do you use any of the following technologies, and if so, what model:
   a. IDS/IPS:
   b. Antivirus:
   c. Anti-spyware or anti-spam:
   d. Desktop encryption:
   e. Other:
6. Do you use VPNs to connect? If so, what type and vendor of VPN software do you use?
7. What services are permitted inbound to your network? Such as SMTP, DNS, HTTP, FTP, or other?
8. Are the servers delivering these services in a DMZ?
9. Are your various system logs aggregated to a central location for monitoring and analysis?
10. Do you have a patch management system in place? If so, please describe.

LAB #10 – ASSESSMENT WORKSHEET C
Design and Implement Security Operations Management Best Practices

Course Name and Number:
Student Name:
Instructor Name:
Lab Due Date:

Overview
In this lab, you used the Splunk administration tool to develop a standard operating procedure for implementing security operations best practices. After exploring the main areas of Splunk, you used it to create a security monitoring and alerting solution. You also worked alone or in small groups to organize and prioritize the information about network, IT, and security assets into a security operations management best practices deliverable based on your work in the two paper-based labs for this course.

Lab Assessment Questions & Answers
1. During the lab demo, how did you connect to the Splunk management tool?
2. What are the main functions of Splunk that were demonstrated in the lab and why do they help build more secure operations?
3. What types of “Data Inputs” are available in Splunk and most other log management tools?
4. What types of “Alert Conditions” are available in Splunk and most other log management tools?
5. What is the search string for the “Top five sourcetypes” preconfigured Search?
6. Describe at least three examples of security- or operations-related Windows Management Reports and Searches that are preconfigured and available within Splunk.
7. What Chart Types are available for a search or report within Splunk?
8. Based on the information you learned in the Getting started module of Splunk, which preconfigured search would you wish to receive via the Alerts feature described? Explain the reasoning behind scheduling this particular alert. How will this alert help your goal of implementing security operations management best practices?
more secure operations 1: more secure operations 2: more secure operations 3: more secure operations 4: more secure operations 5: 3 What types of
  • 17. Data Inputs are available in Splunk and most other log management tools 1: 3 What types of Data Inputs are available in Splunk and most other log management tools 2: 3 What types of Data Inputs are available in Splunk and most other log management tools 3: 3 What types of Data Inputs are available in Splunk and most other log management tools 4: 3 What types of Data Inputs are available in Splunk and most other log management tools 5: 3 What types of Data Inputs are available in Splunk and most other log management tools 6: 4 What types of Alert Conditions are available in Splunk and most other log management tools 1: 4 What types of Alert Conditions are available in Splunk and most other log management tools 2: 4 What types of Alert Conditions are available in Splunk and most other log management tools 3: 4 What types of Alert Conditions are available in Splunk and most other log management tools 4: 5 What is the search string for the Top five sourcetypes preconfigured Search 1: 5 What is the search string for the Top five sourcetypes preconfigured Search 2: 5 What is the search string for the Top five sourcetypes preconfigured Search 3: 5 What is the search string for the Top five sourcetypes preconfigured Search 4: Searches that are preconfigured and available within Splunk 1: Searches that are preconfigured and available within Splunk 2: Searches that are preconfigured and available within Splunk 3: Searches that are preconfigured and available within Splunk 4: Searches that are preconfigured and available within Splunk 5: Searches that are preconfigured and available within Splunk 6: Searches that are preconfigured and available within Splunk 7: 7 What Chart Types are available for a search or report within Splunk 1: 7 What Chart Types are available for a search or report within Splunk 2: 7 What Chart Types are available for a search or report within Splunk 3: 7 What Chart Types are available for a search or report within Splunk 4: 7 What Chart Types 
are available for a search or report within Splunk 5: management best practices 1: management best practices 2: management best practices 3: management best practices 4:
  • 18. LAB #9 – ASSESSMENT SPREADSHEET
    Construct a Linux Host Firewall and Monitor for IP Traffic
    Course Name and Number:
    Student Name:
    Instructor Name:
    Lab Due Date:
    Internal Firewall Policy Definition
    Configure your “TargetUbuntu02” desktop Linux internal host IP stateful firewall according to the following policy definition. Test and validate your implementation after you configure it based on the policy definition.
    The following is your Ubuntu internal firewall policy definition:
    • Deny incoming traffic
    • Deny the following specific applications:
      • TFTP
      • Telnet
      • SNMP
      • ICMP
      • FTP
    • Allow the following specific applications under “Advanced” settings:
      • SSH
      • SMTP
      • POP3
      • HTTPS
      • HTTP
  • 19. Make a screen capture of the changes you made to the configuration and paste it into the text document. Use the File Transfer button to download the text file to your local computer and submit it as part of your deliverables.
    130 Lab #9 | Construct a Linux Host Firewall and Monitor for IP Traffic 38504_LB09_Pass1.indd 130 25/02/13 3:00 PM
  • 20. LAB #9 – ASSESSMENT WORKSHEET
    Construct a Linux Host Firewall and Monitor for IP Traffic
    Course Name and Number:
    Student Name:
    Instructor Name:
    Lab Due Date:
    Overview
    In this lab, you configured the Gufw Ubuntu host IP stateful firewall as an internal service running on the Linux desktop. By defining what IP traffic is allowed and what IP traffic is denied, you implemented another layer of security in your overall layered security strategy. In addition, you explored some useful network management and security operation tools, which can be enabled to monitor your IP traffic and security functions.
    Lab Assessment Questions & Answers
    1. Briefly explain how the Gufw internal Ubuntu host IP stateful firewall can be used in a layered security strategy at the workstation domain level.
  • 21. 2. Briefly explain how each of the Linux-based tools demonstrated in this lab can be used to monitor bandwidth, protocol, and network traffic information.
    3. Given that the Ubuntu internal firewall is not installed by default, should you enable this firewall if your organization already has a firewall? Why or why not?
    4. How do you block specific ports and IP ranges from communicating via TCP/IP to and from your Ubuntu Target VM using Gufw?
    5. Other than Deny or Allow incoming connections, what other options are available in Ubuntu’s internal firewall? Why would they include any additional option?
    6. What usefulness is there in monitoring IP traffic to and from an individual workstation or server?
  • 22. 7. How are you going to test if your internal firewall configuration is working properly?
    8. This is a two-part, real-world scenario question. Read the REQUIREMENTS section. Then, based on the requirements, answer PART A with a technical solution using the tools demonstrated in this lab and answer PART B with a written explanation and justification for your solution. You must use at least two of the following Linux-based IP monitor tools presented in this lab in your real-world example: bmon, iftop, pktstat, iperf, and/or tcptrack.
    REQUIREMENTS: A strategy is required to effectively monitor IP traffic on an individual server as well as many servers on a “point in time” as well as on an “over time” basis. There is also a requirement to automate the alerting of potential issues based on changes in network utilization.
  • 23. PART A: Give a real-world example of how you could meet this requirement with the use of tools presented in this lab and the use of any other available resources, such as scripts, alerts, output formats, or scheduled tasks (i.e., cron jobs).
    PART B: Explain the usefulness and benefits of your real-world example to an organization and support your reasoning with technical facts and security in mind. Did you meet the requirements? Why or why not?