Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Information Security

Separate Domains of IT Infrastructure

advertisement 
Separate Domains of IT
Infrastructure
CS5493
7 Domains of IT
1. User Domain
2.Workstation Domain
3.LAN Domain
4.LAN to WAN Domain
5.WAN Domain
6.Remote Access
7.System Application Domain
Logical Grouping of IT Domains
●
User/Workstation
●
Network
●
LAN
●
LAN-WAN interface
●
WAN
●
Remote (Brave new world)
●
System/Application
User Domain
●
The subjects:
●
The people using the system.
●
This is the domain of the AUP
The AUP
• Acceptable usage policy – a contract between
the system owner and system user outlining
the acceptable usage parameters of the
computing system.
User Domain
●
Threats/Vulnerabilities
–
Lack of user awareness
–
User apathy toward policies
–
Security policy violations
–
Disgruntled employee attacks
–
Social engineering attacks
–
Etc
Mitigation strategies …
Workstation Domain
●
Usually refers to the computer on your desk or
workspace.
–
This includes the staff supporting the workstations
–
The AUP is a key document for this domain
Workstation Domain
●
Risks/threats/vulnerabilities
–
Unauthorized access
–
Malware
–
Support staff threats/vulnerabilities
–
Social engineering attacks
–
Etc.
Mitigation strategies…
Network Domain
●
For the purpose of this course, we will
combine the domains for LAN, LAN-to-WAN,
and WAN into the Network Service Domain
Network Service Domain
●
●
Includes the equipment, cables, the wireless
access, etc.
Key document is the SLA
SLA: Service Level Agreement
• An agreement between the system provider
and system user. Outlines provider
responsibilities and defines realistic
expectations to the users.
Network Service Domain
●
Threats/Vulnerabilities/
–
Unauthorized access, physical or otherwise
–
Malware attacks
–
Hardware vulnerabilities
–
Support staff threats/vulnerabilities
–
Misuse of network resource by users
–
Clear-text (unencrypted) data traffic
–
DoS
–
Wireless attacks
Remote Access Domain
●
Accessing the computing services from
outside the boundary of the computing system.
–
Smart phones
–
Laptop computers
–
PDAs
–
Remote E-mail usage
–
Wireless access
–
Access to cloud resources
Remote Access Domain
• The AUP is the governing document
Remote Access Domain
●
threat/vulnerability
–
Theft or loss of electronic devices
–
Theft or loss of data
–
Unauthorized access (shoulder surfers)
–
Clear-text data transfer
–
Poor security on personal devices.
–
Reliability of cloud services
System/Application Domain
●
The critical infrastructure of server systems,
applications, and data.
–
Payroll
–
Accounting, purchasing, billing
–
Sales
–
Intellectual property, etc.
–
Proprietary technology
System/Application Domain
●
Threat/vulnerability
–
Unauthorized access
–
Hardware failure
–
Data loss
–
Malware
–
Failure to keep systems and software up-to-date.
–
Social engineering attacks
–
etc
System/Application Domain
• The governing document is the SLA.
Domain Group Assignments
●
User/Workstation
Green Group
●
Network
Blue Group
●
Remote
Gold Group
●
System/Application
Silver Group
Related documents
AIC
AIC
AIC
AIC
Lecture 3
Lecture 3
In today world of advance computing and more computer conneted
In today world of advance computing and more computer conneted
10 General Security Rules
10 General Security Rules
Computer Security: Principles and Practice, 1/e
Computer Security: Principles and Practice, 1/e
Chapter 1 Security Problems in Computing
Chapter 1 Security Problems in Computing
Introduction CS 239 Security for Networks and System
Introduction CS 239 Security for Networks and System
Gallaugher2_0-PPT
Gallaugher2_0-PPT
Business Plan Scope Sheet - Cleveland Clinic Academy
Business Plan Scope Sheet - Cleveland Clinic Academy
A Survey on different Attacks on Mobile Devices and its Security
A Survey on different Attacks on Mobile Devices and its Security
Features list
Features list
Download
advertisement