Presentation is loading. Please wait.

Presentation is loading. Please wait.

Mr C Johnston ICT Teacher www.computechedu.co.uk BTEC IT Unit 05 - Lesson 12 Network Security Policy.

Published byJemima Johnston Modified over 8 years ago

Similar presentations

Presentation on theme: "Mr C Johnston ICT Teacher www.computechedu.co.uk BTEC IT Unit 05 - Lesson 12 Network Security Policy."— Presentation transcript:

1 Mr C Johnston ICT Teacher www.computechedu.co.uk BTEC IT Unit 05 - Lesson 12 Network Security Policy

2 Session Objectives Understand the necessity for security procedures and how they can be implemented to ensure that data equipment and data is kept secure

3 Network Security Policies Network security policies and procedures are in place to strengthen network security and prevent any loss to data with maliciously or accidental, Policies are rules which need to be followed whilst procedures are step by step instructions showing how to complete a task – e.g. blocking a port on the firewall, A typical network policy will have rules governing: Firewall management, Access control lists, Device hardening, Continuous policy review, (penetration testing, security audits, access control lists review) User rights and when to review them.

4

5 Network Administration Overview To ensure that users behave themselves there are number of techniques we can use – the next few slides cover some of the basic aspects of network administration.

6 User Accounts To log onto a network each user needs a unique user account with a username, Each user should have their own username and shouldn’t share because: Its possible to keep a log of who is logged in, Able to keep a history of who is logged in, Provides user with a unique identity on the network, Links user automatically to their files, Allows access rights to be enforced, Can trace any body who breaks the acceptable use policy. Users need to be told not the share / write down their password, Also should be encouraged to change their password regularly and log off workstations when finished – password policies can be used enforce this,

7 User Groups To make it easier to manage users they are spilt into groups, Groups are then given different security rules or policies and access to different files and folders, The policies then apply to all members in a group – much quicker than granting rights to each user account individually, A basic model is to have three groups but an organisation may have hundreds of different groups all with different levels of access. User 1User 2 User 6 User 3 User 4User 5 User 8User 9 User 13 User 10 User 11User 12 User 7 Group 1 = users Maximum Security Applied Group 2 = PowerUsers Medium Security Applied Group 3 = Administrator Have Full Control

8 Password Policies One of the easiest ways to hack a network is to guess a users password, Users tend to have silly passwords which can be easily deduced by others – brute force method hacking is very common, Password policy aims to prevent silly passwords from being used by: Ensuring a user account has a password, Allowing users to change their passwords, Setting a minimum length for passwords, Forcing users to frequently change their password, Ensuring passwords contain a mixture of numbers, upper and lower case characters, Blocking accounts for 24hours where the password has been entered incorrectly three times (prevents brute force attack),

9 Password Policy Examples Setting up password policy Example of a brute force attack Setting up password policy

10 Login Policies Security policies can also be applied to logging into the network, Network operating systems allow you to: Restrict login times (e.g. 9 till 5 Mon-Fri only), Disable a user or groups of users accounts, Limit the number of concurrent connections, Force accounts to automatically expire on a given day.

11 Login Policies Example Limiting Jacks logon hours to between 6am and 8pm

12 WorkStation Policies Workstation Policies apply to the computers users work on, They prevent users from: Changing Settings, Installing Software / Hardware, Customising Machines (screen savers, backgrounds etc), Accessing Certain Software, Normally you will have a Workstation policy for each group of users or type of user, which has an appropriate level of security, To set-up Workstation Policies you select from the what you will allow users to, and not to do.

13 Workstation Policies Example Setting up a security policy to control how the workstations look and prevent changes

14 File and Folder Policy To access a file or folder on the network you need to have the correct permissions, Each file or folder can be marked with permissions including: No Access List (File Scan) Read only Add (Write) Change (Modify) Full Control File and Folder policy specifies the permissions files and folders have to each user and group of users.

15 File and Folder Policy Example No Access - N List (File Scan) - FS Read only - R Add (Write) - W Change (Modify) - M Full Control - FC Shared Users – FS, R PowerUsers – FS, R Admins - FC Document Templates Users – FS, R PowerUsers – FS, R, A, M Admins – FC Private Users – N PowerUsers – FS, R Admins – FC Users Shared Users – FS, R, A, M PowerUsers – FS, R, A, M Admins – FC

16 Task 1 [P1] You will be given a machine to explore by your tutor – you need to make some notes about the specification of the hardware parts and what each is for, Use photos and system information utilities as evidence within your notes, Include a diagram to show the how data flows between some of the main components. For P1, evidence such as diagrams or photographs with clear supporting notes will be sufficient. An alternative form of evidence is a web page with hot-spots over different components explaining what the components are. The communication between components must be identified. It is possible that everything could be identified within one diagram. P1 - explain the function of computer hardware components

Download ppt "Mr C Johnston ICT Teacher www.computechedu.co.uk BTEC IT Unit 05 - Lesson 12 Network Security Policy."

Similar presentations

Security Strategy. You will need to be able to explain:  Data Security  Data Integrity and  Data Privacy  Risks  Hacking  Denial of Service DOS.

Security Strategy. You will need to be able to explain:  Data Security  Data Integrity and  Data Privacy  Risks  Hacking  Denial of Service DOS.
BP5- METHODS BY WHICH PERSONAL DATA CAN BE PROTECTED Data Protection.

BP5- METHODS BY WHICH PERSONAL DATA CAN BE PROTECTED Data Protection.
Networks. User access and levels Most network security involves users having different levels of user access to the network. The network manager will.

Networks. User access and levels Most network security involves users having different levels of user access to the network. The network manager will.
Mr C Johnston ICT Teacher

Mr C Johnston ICT Teacher
An Introduction to System Administration Chapter 1.

An Introduction to System Administration Chapter 1.
15.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 15: Configuring a Windows.

15.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 15: Configuring a Windows.
15.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

15.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
11 SUPPORTING LOCAL USERS AND GROUPS Chapter 3. Chapter 3: Supporting Local Users and Groups2 SUPPORTING LOCAL USERS AND GROUPS  Explain the difference.

11 SUPPORTING LOCAL USERS AND GROUPS Chapter 3. Chapter 3: Supporting Local Users and Groups2 SUPPORTING LOCAL USERS AND GROUPS  Explain the difference.
Chapter 6: Configuring Security. Group Policy and LGPO Setting Options Software Installation not available with LGPOs Remote Installation Services Scripts.

Chapter 6: Configuring Security. Group Policy and LGPO Setting Options Software Installation not available with LGPOs Remote Installation Services Scripts.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Factors to be taken into account when designing ICT Security Policies

Factors to be taken into account when designing ICT Security Policies
7-Access Control Fundamentals Dr. John P. Abraham Professor UTPA.

7-Access Control Fundamentals Dr. John P. Abraham Professor UTPA.
Network security policy: best practices

Network security policy: best practices
1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.

1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.
Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.

Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.
Threats to I.T Internet security By Cameron Mundy.

Threats to I.T Internet security By Cameron Mundy.
BTEC IT Unit 02 Lesson 09 Practical Work Briefing – P5, P6, P7

BTEC IT Unit 02 Lesson 09 Practical Work Briefing – P5, P6, P7
AIS, 20141 Passwords Should not be shared Should be changed by user Should be changed frequently and upon compromise (suspected unauthorized disclosure)

AIS, Passwords Should not be shared Should be changed by user Should be changed frequently and upon compromise (suspected unauthorized disclosure)
September 18, 2002 Introduction to Windows 2000 Server Components Ryan Larson David Greer.

September 18, 2002 Introduction to Windows 2000 Server Components Ryan Larson David Greer.
G046 Lecture 05 Task E Briefing Notes Mr C Johnston ICT Teacher www.computechedu.co.uk.

G046 Lecture 05 Task E Briefing Notes Mr C Johnston ICT Teacher

Similar presentations

Ads by Google