IAM Day 2

It's been a couple days since I attended day two of the IAM training, but I've been a little busy taking that information and preparing for our class' assessment of the school.

On day two, we went over modules 3 and 4 (available at the IATRP website, for those interested) and did an actual assessment of our example organization's security posture and delivered a final report. We addressed three areas our customer was concerned most with, Networking/Connectivity, System Assurance, and Physical Environment. We made up a couple of concerns that such an organization would have, like not having backup connectivity at remote sites or ACLs and firewalls protecting internet facing systems.

Here's a copy of the assessment plan outline (nts450_day_2.pdf) and the information we gathered throughout the IAM process.

Posted by Marcin on Friday, September 15, 2006 in School and Security.