information tech

User Generated

gnzgbf

Computer Science

Description

Your group is working for a global organization that handles highly classified intellectual property. In many situations and scenarios, the implementation and operations teams have been creating and setting up environments that violate your vision for security. After discussing the situation with various parties, they all admit they do not fully know or understand what is expected from them as they set up and configure the environment. To solve this situation, your group has been asked to create a network security policy for the organization.

Each group member will choose an element of the policy to design and the group will collaborate on what the overall design and outline should look like and include components from end user behavior and training plan, file and folder access, social engineering safeguards, bring your own device policies, use of external drives on company assets, security hardware, penetration testing, and affiliation of the information security department with law enforcement agencies. Students may either interview someone in the local FBI field office or research the FBI and DHS Web sites related to information sharing programs that the government offers, as this could be advantageous to the organization’s information security program.

  • To keep the scope narrow, your group should first describe what should be included and what should not be included in the policy (remember that a policy should clearly set management's expectations).
  • After the scope has been defined, research the various components, and create an appropriate policy.

Prepare a Word document of 7-10 pages (excluding title page, abstract and references page) that includes the network security policy for an organization that addresses all of the stated design requirements. It should be in APA format, including an introduction and conclusion.

I am entitle to work on 3 topic,

1) Security hardware

2)Penetration testing

3) Social engineering safeguards

Only this 3 topic I need and references in APA formart

User generated content is uploaded by users for the purposes of learning and should be used following Studypool's honor code & terms of service.

Explanation & Answer

Here you go, please let me know if you need any revisions!

Running head: NETWORK SECURITY POLICY

Network Security Policy
Student Name
Course Name
December 17, 2016

1

NETWORK SECURITY POLICY

2

Abstract
This paper explains the network security policies for an organization. The policy includes
incorporates a game plan of objectives for the association, standards of lead for customers and
regulators, and necessities for structure and organization that things being what they are an
assurance the security of framework and PC systems in an organization. In this paper, you know
about the scope of policy in which policy protections all IT frameworks and devices those
include the corporate system or that control by the organization. It should offer planning to an
extensive variety of people who speak with IT structures. Next paper defines the need for
network security policies and risks associated with these policies. Some security policies for the
organization define in it. And various components of the network policies explain in this paper.
Security policies ought to adjust get to and security. Security policies should minimize chance
while not driving undue get to repressions on the people who oblige access to resources. The
access controls and procedures etc. relate to this policies define in it.

NETWORK SECURITY POLICY

3

Network Security Policy
Introduction
In this paper, we are working for a worldwide association that handles profoundly
characterized licensed innovation. Much of the time and situations, the execution and operations
groups have been making and setting up situations that abuse vision for security. It defines the
policy for the assurance of the secrecy, respectability and accessibility of the system and also
security obligations regarding guaranteeing the security of our systems. The system with the end
goal of this approach is an accumulation of correspondence gear, for example, servers, PCs, and
printers which are associated together utilizing our nearby and full zone systems (Paquet, 2013).
Some person may require that something for himself, or he may need the satisfaction of denying
something to its rightful proprietor. A security strategy incorporates a plan of objectives for the
association, standards of lead for customers and regulators, and necessities for structure and
organization that in light of present circumstances ensure the security of framework and PC
systems in an organization.
The policy is a "living archive," involving that the report not ever complete and regularly
overhaul as advance and worker necessities alteration. It illuminates clients, staff, and
supervisors of their compulsory needs for ensuring change and data resources (Jonathan Gana
KOLO, 2008). It ought to determine the instruments that you have to meet these obligations. It
should decide the devices that you need to achieve these commitments. It similarly gives a
benchmark from which to get, organize, and survey PC structures and frameworks for
consistency with the security technique. Along these lines, an attempt to use a plan of security
gadgets without no not exactly a proposed security strategy is worthless (Paquet, 2013). The

NETWORK SECURITY POLICY

4

paper describes the about the security policy for the organization in detail manner. In this scope
of the policy explain in it and the controls for the network. The paper also describes the needs of
this security policy and risk associated with this policy.
Scope of Policy
The policy shields all IT devices and frameworks that include the business system that
control by the organization (Thomas M. Thomas, 2012). Since clients require setting up that
relates particularly to their use of particular systems, you need to supplement a limitless,
affiliation extensive program with more structure specific tasks. The scope additionally
characterizes who must take after the system security policy. Does the arrangement relate just to
the workers? On the other hand, does the strategy stretch out to temporary workers, clients, and
sellers, who may be required to take after the policy if they associate their system to the
association's system? It additionally characterizes whether the policy addresses just system
security or incorporates different zones of security (Paquet, 2013).
Need of Security Policy
A “network security policy” illustrates the association's needs of appropriate PC utilize
the systems to forestall and respond to security incidents. A network policy is the creation of
security since it traces what resources value ensuring and whatever activities undermine the
benefits (cisco, 2005). An arrangement will quantify possible perils against the estimation of
individual gainfulness and capability and recognize the particular corporate assets which require
different levels of security. Without a system security arrangement, an honest to goodness
security structure can't be set up. Laborers can't suggest any settled benchmarks and security
controls would avoid for expanding effectiveness. Deprived of a security policy, the availability

NETWORK SECURITY POLICY

5

of your framework can be exchanged off. The policy begins with looking over the peril to the
framework and building a gathering to respond (EC-Council, 2010). Continuation of the
technique requires executing a security change organization rehearse and checking the
framework for safety violations. Ultimately audit procedure changes the current policy and
changes to lessons knowledgeable (cisco, 2005).
Security Policies
IT security policies are the guidelines and practices that a foundation uses to oversee and
ensure its data assets. These policies must create, archived, actualized, looked into and assessed
to guarantee an appropriately managed and secured arrange. A traded off secret word on a
system device could have annihilating, organize full outcomes (comptechdoc, n.d.). Passwords
utilize to secure devices, for example, switches, plus servers, must be thought to higher models
than regular client level framework passwords. The following requirement for IT security
policies in any foundation can't overemphasize. Policies are a course of action of necessities or
principles which are required to set a path to a particular objective. Security arrangements should
modify get to and security. Security strategies should minimize danger while not constraining
undue get to controls on the people who oblige access to resources. Some network security
policies for an organization as follows:


Device Passwords
The password on a system could have wrecked, organize excellent outcomes. Passwords
utilize to safe these devices, for example, switches, in addition to servers, must be
thought to sophisticated guidelines than common client level system passwords (ECCouncil, 2010). Keeping in mind the end goal to ensure against file speculating, after

NETWORK SECURITY POLICY

6

login frustrations happen the error message transmitted to the customer must not
demonstrate especially whether the password was erroneous.


Logging
The logging of particular occasions is an essential segment of real system administration
practices. Logging needs change contingent upon the kind of system framework, and the
sort of information the framework holds. Logs from system gadgets are of enthusiasm
since these devices control all system activity (Mallery, 2005). While logging is vital to
the organization's network security, log administration can get to be distinctly difficult if
not executed fittingly. As logs develop, so does the time required to audit the logs.
Hence, the organization suggests that a log administration application considers.



Firewalls
Firewa...


Anonymous
I was struggling with this subject, and this helped me a ton!

Studypool
4.7
Trustpilot
4.5
Sitejabber
4.4

Similar Content

Related Tags