There are seven domains to the IT Infrastructure typically and all IT technician will at some point in their careers come in contact with or deal with all seven domains. The domains that I am familiar with are; User Domain, Workstation Domain, LAN Domain and the Remote Access Domain. I have done some work with all of these domains as an IT/Helpdesk employee for a Construction Company which had employees located all over the U.S.
The User Domain is the most vulnerable of all the seven domains. One of the countermeasures that I have used most of all was to verbally remind and sent emails to employees as reminders about security awareness. A couple of other countermeasures that I have conducted are; restricted access for a user to a company’s terminal server and monitor abnormal employee behavior. The next Domain that I have experienced having to apply countermeasures is the Workstation Domain. I have implemented password protection, screen lockout policies, as well as other strict access control policies in order to help mitigate the risk of unauthorized access to workstations and systems.
The types of countermeasures that I have deployed as part of the LAN Domain were; ensuring that the wiring closets were secure, applied the appropriate updates and patches on Servers/Desktops/Laptops running Windows to mitigate the vulnerabilities. The last domain that I have had to implement countermeasures for is the Remote Access Domain. As with a local domain access I have had to apply strict policies in place such as; the length that a password is valid for before having to be changed, the use of passwords enforced, limiting the number of attempts to logon before the user is locked out of their user account, strict password criteria standards (i.e. must be at least eight characters in length using alphanumeric complexity. These countermeasures are typically used in order to mitigate the risk or threat of a Brute-Force attack or someone trying to guess...