LAB 4 REPORT
Course Name: IAP301
Student Name: SE151146 - Mai Gia Tú
Instructor Name: Mai Hoàng Đỉnh
Lab Due Date: 25/1/2024
                      FPT UNIVERSITY
                        ABC Credit Union
Policy Name: Information Security Policy
Policy Statement
The Information Security Policy of ABC Credit Union is designed to
ensure the confidentiality, integrity, and availability of the organization's
information assets. This policy establishes guidelines and procedures to
safeguard sensitive information from unauthorized access, disclosure,
alteration, and destruction.
Separation of duties is applied throughout the organization, not only in IT, so
that no single individual performs every step of a sensitive task. Once these
responsibilities are assigned, every member of personnel is expected to abide by
all rules and regulations that govern them.
Purpose/Objectives
   - Prevent attacks, insider threats, and errors, and maintain control from
     within the organization.
   - Ensure the security of information assets.
   - Protect customer and organizational data.
   - Comply with relevant laws and regulations.
Scope
The seven domains of a typical IT infrastructure impacted by this policy
include:
1. User Domain
2. Workstation Domain
3. LAN Domain
4. LAN-to-WAN Domain
5. WAN Domain
6. Remote Access Domain
7. System/Application Domain
BUSINESS REPORT                                                                 2
Standards
This policy references the "Workstation Configuration Standards" and
"Network Security Standards" for specific hardware, software, and
configuration requirements.
Procedures
- User Domain: User access privileges are managed by the IT department.
Employees receive training on security best practices.
- Workstation Domain: Workstations are configured according to the
"Workstation Configuration Standards." Antivirus software is mandatory.
- LAN Domain: Network access is restricted based on job roles. Firewalls
and intrusion detection/prevention systems are implemented.
- LAN-to-WAN Domain: Secure routers and switches are configured to
control traffic between the LAN and WAN.
- WAN Domain: Encryption is used for data transmitted over the WAN.
Access controls are enforced.
- Remote Access Domain: Remote access requires multi-factor
authentication. VPNs are used to secure connections.
- System/Application Domain: Regular vulnerability assessments and
patch management are conducted.
Guidelines:
Any disputes or gaps in the separation of duties responsibility should be
reported to the IT Security Officer.
                  LAB ASSESSMENT QUESTIONS & ANSWERS
1. For each of the seven domains of a typical IT infrastructure, summarize
what the information systems security responsibilities are within that domain.
a. User Domain:
- Responsibility: Ensure that users understand and follow security policies.
- Motivation: Understand user behavior to prevent compromise.
b. Workstation Domain:
- Responsibility: Safeguard controls within workstations.
- Access Control: Define proper access control based on job roles.
- Implementation: Assign access rights to systems, applications, and data based on
access control definitions.
c. LAN Domain:
- Responsibility: LAN support group is in charge.
- Tasks: Maintain and support file and print services, configure access controls for
users.
d. LAN-to-WAN Domain:
- Responsibility: Network security group is responsible.
- Tasks: Apply defined security controls in both physical and logical elements.
e. WAN Domain:
- Responsibility: Network engineer or WAN group.
- Tasks: Set up defined security controls according to policies. May involve
outsourcing to service providers for WAN and router management.
f. Remote Access Domain:
- Responsibility: Network engineer or WAN group.
- Tasks: Apply security controls, maintain, update, and troubleshoot hardware and
logical remote access connections.
g. System/Application Domain:
- Responsibility: Director of systems and applications, director of software
development.
- Scope: Encompasses the development and maintenance of systems and
applications.
2. Which of the seven domains of a typical IT infrastructure require personnel
and executive management support outside of the IT or information systems
security organizations?
- The User Domain typically requires personnel and executive management support
outside of the IT or information systems security organizations.
Reason: In the User Domain, individuals throughout the organization, including
employees, contractors, and other personnel, play a crucial role in adhering to
security policies and practices. These individuals may not be part of the IT
department or directly involved in information systems security but are essential for
maintaining a secure environment.
3. What does separation of duties mean?
- Separation of duties is the means by which no one person has sole control over the
lifespan of a transaction.
4. How does separation of duties throughout an IT infrastructure mitigate risk
for an organization?
- Separation of duties fulfills two purposes. First, it prevents fraud, errors, and
abuse of systems and processes, because no one person can both perform and approve
a sensitive action. Second, it aids in the discovery of control failures such as
theft of information, data breaches, and circumvention of security controls, because
a second person reviews what the first has done.
5. How would you position a layered security approach with a layered security
management approach for an IT infrastructure?
- Map the two layers to one another so that each technical control layer has a
corresponding management layer: the controls in every domain are defined by a
policy, specified by standards, carried out through procedures, and reviewed under
guidelines. Higher-level management (policy and standards) is positioned against
the higher-level controls (architecture and access control design), and lower-level
management (procedures) against the lower-level device and configuration controls,
so that the layers correspond and function together.
6. If a system administrator had both the ID and password to a system, would that be a problem?
- Yes. Holding both the ID and the password to a system gives one administrator
unrestricted, unsupervised access, which can lead to misuse or unauthorized access.
This undermines separation of duties, complicates auditing and accountability, and
heightens the risk of insider threats.
7. When using a layered security approaches to system administration, who
would have the highest access privileges?
- The super administrator of the IT system would have the highest access privileges.
8. Who would review the organizations layered approach to security?
- The head of the IT security department.
9. Why do you only want to refer to technical standards in a policy definition
document?
- Because a policy should state what must be achieved and only reference the
technical standards that enumerate the industry-recommended specifications used to
enforce it. The detailed specifications change more often than the policy and are
maintained separately, so the policy stays stable while the standards are updated.
10. Why it is important to define guidelines in this layered security
management policy?
- Because guidelines tell users what to do when the policy is violated or an
incident occurs: they give a defined way to report and isolate the issue, which
helps mitigate the risk.
11.Why is it important to define access control policies that limit or prevent
exposing customer privacy data to employee?
- Because employees are human and may violate policy, whether through error or
intent. To mitigate that risk, customer data must be encrypted or its access limited
to the employees whose job roles require it.
12. Explain why the seven domains of a typical IT infrastructure helps
organizations align to separation of duties.
- Because each domain represents a distinct area of responsibility within the IT
environment, and by delineating these domains, organizations can clearly define
roles and responsibilities. This separation of duties ensures that no single individual
has excessive control over critical functions or systems, reducing the risk of
unauthorized access, fraud, and errors.
13. Why is it important for an organization to have a policy definition for
Business Continuity and Disaster Recovery?
- Because a defined BC/DR policy gives the organization the highest odds of
recovering from a disruption with minimal damage and losses.
14. Why is it important to prevent users from downloading and installing
applications on organization-owned laptops and desktop computers?
- Because software downloaded from the internet may contain viruses or malware.
Preventing users from downloading and installing it reduces that risk.
15. Separation of duties is best defined by policy definition. What is needed to
ensure its success?
- Separation of duties is the concept of requiring more than one person to
complete a task. Its success depends on each individual in the company: roles must
be clearly defined, and every person must follow the responsibilities assigned to
them.
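Questions 3, 4 and 15 describe separation of duties in prose. The following is an added example, not part of the lab report: a small Python check that enforces the two forms of the control, a static check that no user holds a pair of conflicting roles, and a transaction-level check that a transaction's approver is a different, authorized person from its originator. The role names, the conflicting pairs and the user assignments are constructed for illustration; a real matrix comes from the policy owner.

```python
"""Separation-of-duties (SoD) enforcement over role assignments.

Added example for the lab report above. The roles, conflicting role pairs
and user-to-role assignments below are constructed for illustration.
"""
from itertools import combinations

# Pairs of roles that one person must never hold at the same time.
# Constructed for this example; a real matrix comes from the policy owner.
CONFLICTING_ROLES = {
    frozenset({"loan_officer", "loan_approver"}),    # originate and approve
    frozenset({"sysadmin", "security_auditor"}),      # act and audit own actions
    frozenset({"developer", "production_deployer"}),  # write and release code
}

# Constructed sample of who holds which roles.
ASSIGNMENTS = {
    "alice": {"loan_officer"},
    "bob":   {"loan_approver"},
    "carol": {"loan_officer", "loan_approver"},   # static SoD violation
    "dave":  {"sysadmin", "security_auditor"},    # static SoD violation
    "erin":  {"developer"},
}


def sod_violations(assignments):
    """Static check: return {user: [conflicting pair, ...]} for every user
    whose role set contains a forbidden combination."""
    violations = {}
    for user, roles in assignments.items():
        bad = [
            tuple(sorted(pair))
            for pair in combinations(sorted(roles), 2)
            if frozenset(pair) in CONFLICTING_ROLES
        ]
        if bad:
            violations[user] = bad
    return violations


def approve_transaction(txn, approver, assignments=ASSIGNMENTS):
    """Transaction-level check: return (ok, reason).

    A transaction is approved only when the approver holds the approving
    role, is not the originator (no single person controls the whole
    lifespan of the transaction), and is not in violation of the static
    SoD rules themselves.
    """
    roles = assignments.get(approver, set())
    if "loan_approver" not in roles:
        return False, "approver lacks loan_approver role"
    if approver == txn["originator"]:
        return False, "originator may not approve own transaction"
    if approver in sod_violations(assignments):
        return False, "approver holds conflicting roles"
    return True, "approved by a second, authorized person"


if __name__ == "__main__":
    print("static violations:", sod_violations(ASSIGNMENTS))
    loan = {"id": 1, "originator": "alice", "amount": 5000}
    for who in ("bob", "alice", "erin", "carol"):
        print(who, "->", approve_transaction(loan, who))
```

Running the module lists carol and dave as static violations and shows that only bob can approve alice's loan: alice is the originator, erin lacks the role, and carol is rejected because her own role set breaks the static rules even though she holds the approving role.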
                                      -END-