Who serves as the overall business manager

Reference no: EM131324896

Assessment Project Network Security

You have recently been hired as a network security analyst for a small accounting firm. The firm is realizing that it needs help to secure its network and its customers' data. With your background and skills, they are looking to you to provide guidance. In addition to helping them secure their network, they require that you obtain your CompTIA Security+ certification within 60 days of being hired.

In addition to the owner, who serves as the overall business manager, there are about 20 people on staff:

- 10 accountants
- 3 administrative support specialists
- 1 vice president
- 1 financial manager
- 2 interns

There is also one IT support technician on staff, who has basic computer hardware and networking knowledge. He has requested that the firm create a website, hosted internally, so that new customers can get information about the firm. This will be important to remember as you complete your final project.

The firm has a simple network. There are currently 20 computers and two multipurpose printers. All computers and printers are connected wirelessly to a NETGEAR MR814 device. This router is connected to a Motorola SB3100 cable modem. Staff e-mail accounts are set up through the company's Internet provider. Employees use a combination of Microsoft Outlook and standard web browsers to access their e-mail. The owner is known to use his personal iPad during work hours to check and respond to e-mail messages.

Prior to your hiring, they hired a network cabling contractor to run Cat 6 cables from the central wiring closet to all offices and cubicles. They want to move away from using wireless as the primary network connection, but want to keep wireless access for customers coming to the building. The technician who did the wiring mentioned to your supervisor that he should look into setting up a Windows Server domain to manage user access, instead of the current peer-to-peer network. He also recommended that the firm invest in a managed switch and a firewall, and look into having some backups. The internal IT support technician agreed with these recommendations but needs your help to implement them.

You've been asked to assess the current vulnerabilities and provide a recommendation to the firm's owner on how to better secure the network infrastructure. Now that you are aware of the firm's history, your assessment and recommendation should provide specifics about the network security settings that must be implemented and the equipment that must be procured, installed, and configured. The firm's owner has a basic understanding of computing, so it is important that you explain the technical issues in layman's terms.

I. Vulnerability Assessments

Use this section to describe any network security vulnerabilities. Use the scenario along with industry standards and best practices to identify the vulnerabilities. For each one, describe why it is a vulnerability and what the implication is if it is not mitigated.

The example below is of the physical security of a warehouse. (In your submission, you will have several vulnerabilities identified and mitigated.)

At the Alpha Warehouse, we discovered one key vulnerability in the physical security. This was the use of a Master Lock combination lock to secure the back entrance. While the use of a combination lock can limit the number of people who can enter to those given the combination, a vulnerability in the design of these locks was recently exposed. By using "a process that requires less than two minutes and a minimal amount of skill to carry out" [1], would-be thieves can access the warehouse through a single entrance. While the thief will also need access to an online calculator that helps streamline the process, the prevalence of smartphones makes this a small hurdle to jump, allowing any interested parties quick access to the Alpha Warehouse.

II. Network/System Security Recommendations

This section will provide network/system security recommendations on how to address the vulnerabilities identified in Section I. Provide specific courses of action along with any pertinent information about the recommendations. In this section, you will cover recommendations only to network infrastructure or network devices. Don't cover software recommendations here.

Example

In order to resolve the vulnerability created by using a Master Lock combination lock, it is recommended that it be replaced by a more secure deadbolt door lock, specifically a Falcon D241. This lock is rated as the top standard lock by Consumer Reports. They rate its resistance to kicking, prying, wrenching and hammering as excellent, and its resistance to picking and sawing as very good. The only thing that was considered poor was its resistance to drilling, but no standard lock was anything other than poor. Only the high-security locks had higher ratings for drilling, and only one of those, the Medeco Maxum 11WC60L, was rated higher than the Falcon [2]. Given its price of almost three times as much as the Falcon, the cost does not seem worth the benefit. However, it is a more secure option that the warehouse administration may want to consider.

III. Application/End-User Security Recommendations

This section will provide application/end-user security recommendations. Provide specific courses of action along with any pertinent information about the recommendations. This section will include any network protocol or software as well as actions that end users must take.

Example

In addition to installing a new lock on the back door of the warehouse, there are policy recommendations that warehouse administration should implement. The most important policy recommendation is that the number of keys to the back entrance of the warehouse should be limited to only those who need one and, in most cases, only when they need it. As this is a secondary entrance, it is not necessary that all employees have a permanent key. The warehouse manager should have one key that he keeps at all times. Additionally, he should have access to a secondary key in the warehouse office that only he can access. This secondary key can be given on a temporary basis to employees who need to access the back entrance. Also, this secondary key should be given on a sign-out basis. Employees who are given the key should have their name noted in a log book. When they return it, another notation is made indicating such. This tracks who is responsible for the key at any given time and, should it go missing, will serve as a paper trail for who had the key last.

Bibliography

[1] D. Goodin. (2015). How to crack many Master Lock combinations in eight tries or less [Online]. Available: https://www.arstechnica.com/security/2015/04/how-to-crack-any-master-lock-combination-in-8-tries-or-less/

[2] No Author. (2011). Door Lock Ratings [Online]. Available behind paywall: https://www.consumerreports.org/cro/magazine-archive/2011/june/home-garden/best-door-locks/ratings/index.htm

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd