Copyright  2002 Microsoft Corporation. All Rights Reserved. Exercise 1 Developing a Security Plan Design Worksheet A Risk Policy Design solution Virus infection from the Internet All incoming files must be scanned by a virus scanner. Use Group Policy to deploy a desktop virus scanner and configure scanning preferences. Virus scanner must scan files being downloaded from the Internet. Loss of internal data from file servers due to accidental deletion of data Cannot tolerate a loss of more than one day’s worth of data. Implement a training plan to make sure that all staff members know where to store data and how to save data to file servers. Implement disaster recovery plan and make sure that the backup strategy can recover at least all of the data from the previous day. Information from HR database stolen by internal staff Must make sure that access to HR database is granted on an as- needed basis. Make sure that permissions on the HR database secure the information. Information from HR database stolen by external partners Must make sure that external partners have access only to the information that they need in the HR database. Partition the information available in the HR database so that information that can be accessed externally is in a different section of the database from internal information. Set permissions on the internal information to deny access to external partners. Compromise of data on internal servers due to VPN connection to the Internet Must not allow attacks from the Internet to compromise HR data. Implement certificate-based authentication for partners. Use remote access policies and require strong encryption of data. Grant VPN access on an as-needed basis. Copyright  2002 Microsoft Corporation. All Rights Reserved. Design Worksheet B Design solution Strategy for maintenance Use Group Policy to deploy a desktop virus scanner and configure scanning preferences. The virus scanner must scan e-mail. Monitor virus information sources and make sure that virus scanner files are up-to-date. Monitor audit logs to identify attacks before they happen to minimize the chance of a successful attack. Make sure that all file server security issues are implemented on all internal servers. Monitor security information sources for software updates and configuration changes that affect file server security. Test and apply updates to file servers as security issues become known. Regularly check audit logs to identify attacks before they cause problems. Train staff on which printer to use for each form of data. Use permissions to restrict access to printers for staff members who have access to confidential data. Use scripts to configure printer connections for staff with access to confidential information. Update courseware as changes occur and make sure that staff members receive notifications of updates. Perform audits on print servers to make sure that staff members have print permissions as needed. Regularly audit who has access to confidential data. Use Group Policy to deploy a desktop virus scanner and configure scanning preferences. The virus scanner must scan files being downloaded from the Internet. Monitor information sites regarding attacks, and monitor event logs for evidence of DoS attacks and attempted DoS attacks. Implement a training plan to make sure that all staff members know where to store data and how to save data to file servers. Implement a disaster recovery plan and make sure that the backup strategy can recover at least all of the data from the previous day. Regularly update the training plan and advise internal users of the changes. Test the backup strategy and recovery plan regularly to ensure that it meets your policies. Make sure that permissions on the HR database secure the information. Perform regular security audits on permissions. Perform regular checks on the physical security of servers to ensure that they are secure. Perform checks on passwords to make sure that users are not using easily breakable passwords. Partition the information available in the HR database so that information that can be accessed externally is in a different section of the database from internal information. Set permissions on the internal information to deny access to external partners. Monitor for remote access software updates, and make sure that all dial-up clients have correct dial-up settings. Implement certificate-based authentication for partners. Use remote access policies and require strong encryption of data. Grant VPN access on an as-needed basis. Monitor firewall event logs to determine whether DoS attacks are occurring, and whether they are being prevented. Monitor for software updates to firewall and Web software. . of DoS attacks and attempted DoS attacks. Implement a training plan to make sure that all staff members know where to store data and how to save data to. database. Partition the information available in the HR database so that information that can be accessed externally is in a different section of the database