First Advisor

Bowles, Robert


College for Professional Studies

Degree Name

MS Computer and Information Technology


School of Computer & Information Science

Document Type

Thesis - Open Access

Number of Pages

96 pages


This project proposes to establish a security policy for the computer lab Local Area Network (LAN) at the Colorado Springs Campus (CSC) for the Network Lab Practicum (NLP) by completing a network analysis to determine requirements. Utilizing the current network configuration, a risk assessment will be performed to identify vulnerabilities and threats to the information system. Once the risk analysis is completed, a network security plan will be developed to protect system resources. The security policy will include, at a minimum, access policies, password management, firewall policy, policy on use of active code and the Internet, standards and interoperability policies, a VPN policy, and enforcement standards. The System Development Life Cycle (SDLC) approach will be used as the project methodology. Key deliverables will include a configuration management baseline, security policy and procedures, wiring diagram, firewall, anti virus protection and lessons learned. The project will culminate with a presentation to the academic board. Class utilization of the LAN will determine the success of the project. In the final phase of the project, the LAN will be turned over to the CSC NLP for administration, classroom support and future project opportunities. Keywords: security policy, risk assessment, lessons learned, local area network, system development life cycle, password, firewall, antivirus, configuration management.

Date of Award

Summer 2005

Location (Creation)

Denver, Colorado

Rights Statement

All content in this Collection is owned by and subject to the exclusive control of Regis University and the authors of the materials. It is available only for research purposes and may not be used in violation of copyright laws or for unlawful purposes. The materials may not be downloaded in whole or in part without permission of the copyright holder or as otherwise authorized in the “fair use” standards of the U.S. copyright laws and regulations.