Lesson 8 Security Policy Elements Answer the following questions about the inclusions of a security policy for an information technology classroom and lab. Be as specific as possible.

1. Who should be the person(s) responsible for each piece of networking equipment in the classroom (for example, routers, switches, and wireless access points).

2. List the person(s) responsible for the computers that are used in the classroom.

3. List the person(s) responsible for assigning permissions to use the network resources.

4. Which types or subject-area Internet websites should users have permission to access from the IT lab?

5. Which types or subject-area Internet websites should users not be able to access from the IT lab?

6. What actions by users could damage the network or computers?

7. Should anyone, other than the network administrator, be allowed to attach computer or devices to the network? Why or why not?

Answers: 1. The school administrators. The operators or owners of the school. The instructor.

2. The school administrators. The operators or owners of the school. Possibly the students or the instructor.

3. The school network administrator.

4. Sites for operating system updates (Microsoft.com). Sites for downloading utilities or (various) antivirus applications. News media research sites to learn of security break-ins (various). Job opportunities sites (various), and so on.

5. Any material that is illegal or that is viewed as offensive by any member of the class. Any site that displays content that conflicts with the mission or philosophy of the school or sponsoring organization.

6. Opening e-mails from unknown persons or downloading anything from unapproved websites.

7. No. It is never permissible to attach unknown or outside modems or wireless access points to the network because they could introduce unauthorized access to the network.