app 3 3.4
**Pick a company of your choice for this project. Due to a recent security breach, "Your Company" wants to increase the overall security of its network and systems. They have chosen to use a solid multilayered defense to reduce the likelihood that an attacker will successfully compromise the company’s information security. Multiple layers of defense throughout the IT infrastructure makes the process of compromising any protected resource or data more difficult than any single security control. In this way, "Your Company" protects its business by protecting its information. Scenario Assume you are an entry-level security administrator working for “Your Company”. You have been asked to evaluate the option of adding Active Directory to the company’s network. Tasks Create a summary report to management that answers the following questions to satisfy the key points of interest regarding the addition of Active Directory to the network: 1. System administrators currently create users on each computer where users need access. In Active Directory, where will system administrators create users? 2. How will the procedures for making changes to the user accounts, such as password changes, be different in Active Directory? 3. What action should administrators take for the existing workgroup user accounts after converting to Active Directory? 4. How will the administrators resolve differences between user accounts defined on different computers? In other words, if user accounts have different settings on different computers, how will Active Directory address that issue? (Hint: Consider security identifiers [SIDs].) Submission Requirements ▪ Format: Microsoft Word (or compatible) ▪ Font: Arial, size 12, double-space ▪ Citation Style: Follow your school’s preferred style guide ▪ Length: 2 page *** will be reviewed for plagiarism prior to all grading -------------------------------------------------------------------------------------------------------------------------------- Part 2 Do it in new document **Pick a company of your choice for this project. Due to a recent security breach, "Your Company" wants to increase the overall security of its network and systems. They have chosen to use a solid multilayered defense to reduce the likelihood that an attacker will successfully compromise the company’s information security. Multiple layers of defense throughout the IT infrastructure makes the process of compromising any protected resource or data more difficult than any single security control. In this way, "Your Company" protects its business by protecting its information. Scenario “Your Company” allows external users, such as vendors and business partners, to access the “Your Company” Windows environment. You have noticed a marked increase in malware activity in the test environment that seems to originate from external users. After researching the likely source of new malware, you conclude that allowing external users to connect to your environment using compromised computers exposes “Your Company” to malware vulnerabilities. After consulting with your manager, you are asked to create a policy that will ensure all external computers that connect to “Your Company” environment are malware free. You create the following policy: “To protect the “Your Company” computing environment from the introduction of malware of any type from external sources, all external computers and devices must demonstrate that they are malware free prior to establishing a connection to any “Your Company” resource.” Consider the following questions: 1. What does “malware free” mean? 2. How can a user demonstrate that their computer or device is malware free? 3. What are the steps necessary to establish a malware-free computer or device? 4. How should “Your Company” verify that a client computer or device is compliant? Submission Requirements ▪ Format: Microsoft Word (or compatible) ▪ Font: Arial, size 12, double-space ▪ Citation Style: Follow your school’s preferred style guide ▪ Length: 2 pages