Citrix 1Y0-351 Citrix CCP-N Exam Training Software
100% Success Guaranteed At Citrix NetScaler 10.5 Essentials for Networking Exam
1Y0-351 Questions & Answers
Was 138.59 USD
Today 125.99 USD
Exam Code: 1Y0-351
Exam Name: Citrix NetScaler 10.5 Essentials for Networking
Certs Covered: CCP-N
No of Questions: 289
Last Updated: December 01, 2016
Understanding Business Requirements for Security Design
When analyzing and determining the security business requirements of the organization, you have to include the following factors:
Business model: The business model that the organization uses greatly influences the type of security an organization implements. An organization that has world-wide branches would have different security requirements to a business that has a single office.
Business processes: To successfully implement security, you have to know how business processes within the organization work. You have to ensure that security does not prevent business processes from being carried out.
Business growth: As the business grows so too must the security policies and processes be able to cater for this growth.
Determine the risk tolerance of the organization. The level of risk tolerance would differ between organizations.
Determine whether there are any laws and regulations that the organization has to adhere to. This is especially important when you draw up the security design.
Management strategy: Organizations can use either a centralized management strategy or a decentralized management strategy.
Existing security policies and procedures: Determine what the current security policy of the organization is.
The financial stance of the organization would also influence which security design is implemented.
Assessing Existing Security Processes and Policies
One of the first steps in assessing the existing security processes and security policies is to determine what the current security processes and security policies are, and whether these can be improved to meet the security requirements of the organization.
Security policies usually fall into one of the following classes:
Technical policies; include security processes and mechanisms that protect the network resources and the data of the organization.
Physical policies; include physical measures to implement physical security, such as implementing controlled room access.
Administrative policies; includes mechanisms such as nondisclosure agreements.
For a security policy to be effective, users have to be aware of the policy, and the security policy has to be regularly updated so that it remains current.
An important element of security policies is an Acceptable Use Policy (AUP). An AUP is a document that details the following:
The types of access and activity that are allowed on the network.
The types of access and activity that are not allowed on the network.
The responsibilities and rights of the employee and company have to be encompassed when the AUP is defined. For the AUP to be successful, you have to define how it will be determined whether the AUP has been violated. The actions which will be taken when the Acceptable Use Policy is violated should also be addressed. The AUP can then be used to determine when security breaches have occurred on the corporate network.
Another important aspect when assessing security requirements of the business to decide on the level of privacy and the level of security that will be maintained:
Security deals with protecting mission critical data and network resources from being accessed by individuals who are not authorized to access the data or resources. When determining the level of security to implement, it is important that you maintain a balance between securing the network environment and usability.
Privacy deals with protecting employee information and customer information. An organization needs to examine the privacy of its own information and assets well.
If you are running a Windows Server 2003 Active Directory, you can use the Resultant Set of Policies (RSoP) tool to determine what current security settings have been applied to the network through Group Policy Objects (GPOs). The RSoP tool can also be used to assist in the planning of a Group Policy implementation, and to troubleshoot Group Policy settings
Through the RSoP Wizard, you can determine the following:
Which GPOs are applied
The level (site, domain, OU) at which they are applied
Which GPOs are blocked
If you want to determine what the current Group Policy settings are for a particular user account or computer account, you would need to utilize RSoP logging mode. Logging mode provides the means for you to re-examine the existing GPOs which are applied to a user or computer. You can also use logging mode to examine existing software installation applications and security for a user or computer.
RSoP logging mode is typically used for the purposes listed below:
Determine how local policy affect Group Policy settings
Determine how certain security groups affect the application of Group Policy settings.
Identify any failed policy settings. This includes policy settings which have been overwritten.
How to create a RSoP query in Logging Mode with the Resultant Set Of Policy Wizard
Click Start, Run, and enter mmc in the Run dialog box. Click OK.
From the File menu, select Add/Remove Snap-In.
When the Add/Remove Snap-In dialog box opens, click Add.
When the Add Standalone Snap-In dialog box opens, select Resultant Set of Policy from the available list, and click Add.
Click Close to close the Add Standalone Snap-In dialog box opens.
Click OK in the Add/Remove Snap-In dialog box.
Proceed to right-click Resultant Set of Policy in the MMC, and select Generate RSoP Data on the shortcut menu.
The Resultant Set of Policy Wizard launches.
Click Next on the Welcome To The Resultant Set Of Policy Wizard page.
When the Mode Selection page appears, select Logging Mode. Click Next.
On the Computer Selection page, you can choose the This Computer option, or you can choose the Another Computer option. If you select the Another Computer option, click Browse to select the other computer.
Enable the Do Not Display Policy Settings For The Selected Computer In the Results | Display User Policy Settings Only! checkbox if you only want to view user policy settings. Click Next.
On the User Selection page, you can choose the Current User option, or you can choose the Select A Specific User option. If you select the Select A Specific User option, choose the user from the list.
Enable the Do Not Display User Policy Settings In the Results | Display Computer Policy Settings Only! checkbox if you only want to view computer policy settings. Click Next.
When the Summary Of Selections page opens, verify that the options which you chose are correct.
To view the query results, click the folders in the RSoP console tree.
Matching Business Requirements to the Security Plan
If the organization uses business processes,
You should determine how these business processes flow and how the data associated with these processes flow.
You should determine the users that need to access services used in the business processes.
If the organization uses a centralized management strategy,
You should minimize the number of domains
Include the management of administrative group membership.
If the organization uses a decentralized management strategy,
You should determine the rights that users require.
You should determine whether users need administrative abilities on the network, and if yes, determine who those users are.
If the risk tolerance level of the organization shows an aversion to risks,
You should determine the risks that the organization is not prepared to tolerate.
Identify the actions which are necessary should the risk become a reality, and then include this in the security plan.
If the organization expects business growth in the next number of years,
You should try to estimate how many users and computers will be needed to provide for future business expansion.
Try to determine how the business will be geographically dispersed.
Pass4sure's IT Certification kit presents a unique and practical way of approaching IT Exams. When compared to this material, all other materials look useless and waste of time. We are so certain in this product that we guarantee that anyone can get high marks in IT Exams.
Your purchase with Pass4sure is safe and fast. Your products will be available for immediate download after your payment has been received.
The Pass4Sure website is protected by 256 -bit SSL from McAfee, the leader in online security.
Experience Pass4Sure exam testing engine for yourself.
Simply submit your e-mail address below to get started with our interactive software demo of your Citrix Citrix CCP-N Citrix NetScaler 10.5 Essentials for Networking exam.
Customizable, interactive testing engine
Simulates real exam environment