Reference no: EM131870942

Assignment

Throughout this course, you will be developing a framework to bring focus to areas of concern for the enterprise to take action toward implementing best practices for network security. The Partly Individual Project assignments will culminate in the final Key Assignment. Each Partly assignment will build upon the work and knowledge of previous Parts. You will create 1 single document that contains all of the Partly assignments in separate sections, culminating with the final submission. Additional information and the deliverables for each Individual Project will be provided in the assignment description for this project. You are responsible for adding each of these ongoing Individual Project assignments into your Key Assignment document.

The Network Architecture Security Plan Proposal will consist of the following deliverables:

• Part 1: Section 1: Introduction
• Part 1: Section 2: Network Architecture
• Part 2: Section 3: Managing and Protecting Data
• Part 3: Section 4: Risk Assessment
• Part 4: Section 5: Digital Evidence Controls, Computer Forensic Analysis, and Recovering Files
• Part 5: Section 6: Recommendations for Best Practices

The following is the outline for the document shell:

• Use Word

• Title Page

o Course number and name
o Project name
o Student name
o Date

• Table of Contents (TOC)

o Use an autogenerated TOC.
o This should be on a separate page.
o Be sure to update the fields of the TOC so it is up-to-date before submitting your project.
o Section Headings (create each heading on a new page with TBD as content except for sections listed under New Content below)

- Introduction
- Network Architecture
- Managing and Protecting Data
- Risk Assessment
- Digital Evidence Controls, Computer Forensic Analysis, and Recovering Files
- Disaster Recover and Business Continuity Policies
- Training Plan
- Recommendations for Best Practices

The project deliverables for Part 1 will include the completion of 2 sections.

Section 1: Introduction

You are a system administrator, and you have been selected to develop a Network Architecture Security Plan Proposal for an enterprise or organization with which you are familiar or for a fictitious enterprise.

The first step will be to select an enterprise or organization as the target for your Network Architecture Security Plan Proposal. This project will be used as the basis for each of the assignments throughout the course and should conform to the following guidelines:

• The selected enterprise should be large enough to reflect the need to consider the adoption of the Network Architecture Security Plan and best practices for network security.

• You should be familiar enough with the organization to allow focus on its network architecture.

• Select an enterprise that fits these requirements, and address the following:

o Describe the organization, including a company size, a company location, and a list of products or services.
o Include the rationale for your choice.

Section 2: Network Architecture

Complete the following:

• Describe the network architecture for this organization.

• Identify physical structures, major types of hardware used to connect computers and networks together, and the way data travels through the network.

• Include a diagram to help support your description of the network architecture.

Section 3: Managing and Protecting Data

Technology is not effective if people do not follow procedures. Policies designate how the technology can be used, by whom, and for what purpose. Through the policies, the technology can be appropriately applied to ensure business purposes and objectives are met. As the system administrator, you need to further develop your Network Architecture Security Plan Proposal for your organization.

In this section, describe how you will manage and protect your network. Describe policies for each of the following:

• User access to computer resources
• Security profiles
• Passwords
• E-mail
• Internet access
• Antivirus
• Backup
• System patches
• Remote access
• Intrusion detection
Key Assignment Draft

Section 5: Digital Evidence Controls, Computer Forensic Analysis, and Recovering Files

Digital evidence is digital information that may be used as evidence in a security investigation case. Computer forensic analysis involves searching, preserving, and reviewing information on a computer to find potential legal evidence. File recovery involves retrieving a damaged or deleted computer file.

As system administrator, you need to further develop your Network Architecture Security Plan Proposal for your organization with information regarding digital evidence controls, computer forensics, and file recovery.

In this section, perform the following:

• Describe how you will preserve information for forensic analysis.
• Identify digital evidence controls that are in place for your network.
• Research, analyze, and recommend at least 2 computer forensic tools for forensic analysis and file recovery to be used on your network.
• Describe each of the tools, and explain how each tool will help support forensic analysis and file recovery.
• Be sure to cite all sources using APA format.

Part 1: Final Key Assignment

Update your Network Architecture Security Plan Proposal for your Key Assignment. This will be a culmination of all of the documents that you have created in this course. Include any instructor and peer feedback that you received. Your final proposal should include the following:

• Updated table of contents
• Company background
• Network architecture
• Managing and protecting data
• Risk assessment
• Digital evidence controls
• Computer forensic analysis and recovering files
• Executive summary

Part 2: Section 6: Recommendations for Best Practices

Complete the following:

• Make recommendations for best practices that summarize the course concepts introduced in your Network Architecture Security Plan Proposal.

• Explain why the proposal should be accepted as best practices for the organization.

• Include all research completed during the build of your Key Assignment, such as corrective actions to mitigate the risks for threats that could affect the confidentiality, integrity, or availability of the system, security policies, and antiforensic techniques.