IS3220 Lab 8 Chris Wiginton
IS3220 Lab 8
Chris Wiginton
ITT Technical Institute, Tampa FL
Instructor: Sherman Moody
11 November, 2014
1. Explain why a layered security strategy helps mitigate risk and threats both external and internal. Multiple layers can be used to secure internal threats like keeping employees from accessing inappropriate material, update and patch workstations and run current anti-virus/malware on workstations daily. The layers also help mitigate external threats like hackers by using firewalls and shutting traffic out of the internal network.
2. Why is it a good idea to put shared servers and services on a DMZ when both internal and external users need access? With a DMZ, there are two firewalls to protect the internal network from external threats. The necessary servers can be placed between the two in order to allow access from either side through strict firewalls while still allowing very little external traffic into the internal zone. The outermost firewall can allow a certain set of traffic to come in and access the servers. The inner most firewall blocks access into the intranet while allowing internal users to access the information on the servers.
3. What recommendations do you have for the future e-commerce server and deployment in regards to physical location and back-end security for privacy data and credit card data? The e-commerce server could be placed in the DMZ with the private and credit card data stored inside the internal network. The commerce server will have access to the private data and will pass it in an encrypted form to and from wherever it needs to go.
4. What recommendations do you have to secure the server farm from unauthorized access? Lock the servers into their own room with keycard or fingerprint access only. Only authorized IT staff shall have access. Management, vendors and all other authorized guest shall be escorted by an authorized IT staff member. Video surveillance should be maintained and monitored at all access
Chris Wiginton
ITT Technical Institute, Tampa FL
Instructor: Sherman Moody
11 November, 2014
1. Explain why a layered security strategy helps mitigate risk and threats both external and internal. Multiple layers can be used to secure internal threats like keeping employees from accessing inappropriate material, update and patch workstations and run current anti-virus/malware on workstations daily. The layers also help mitigate external threats like hackers by using firewalls and shutting traffic out of the internal network.
2. Why is it a good idea to put shared servers and services on a DMZ when both internal and external users need access? With a DMZ, there are two firewalls to protect the internal network from external threats. The necessary servers can be placed between the two in order to allow access from either side through strict firewalls while still allowing very little external traffic into the internal zone. The outermost firewall can allow a certain set of traffic to come in and access the servers. The inner most firewall blocks access into the intranet while allowing internal users to access the information on the servers.
3. What recommendations do you have for the future e-commerce server and deployment in regards to physical location and back-end security for privacy data and credit card data? The e-commerce server could be placed in the DMZ with the private and credit card data stored inside the internal network. The commerce server will have access to the private data and will pass it in an encrypted form to and from wherever it needs to go.
4. What recommendations do you have to secure the server farm from unauthorized access? Lock the servers into their own room with keycard or fingerprint access only. Only authorized IT staff shall have access. Management, vendors and all other authorized guest shall be escorted by an authorized IT staff member. Video surveillance should be maintained and monitored at all access