Vulnerabilities assessment and Recommendation Project

Anonymous
timer Asked: Mar 26th, 2017
account_balance_wallet $30

Question Description

Vulnerabilities Assessment and Recommendation Document (Parts 1-3)

You will provide a detailed vulnerabilities assessment document, along with some specific recommendations to implement to address the vulnerabilities you have described. This document should be based on the scenario provided. Use LabSim as a guide in your analysis and recommendations.

Your proposal will be submitted in three major parts:

1.Vulnerabilities Assessment

2.Network System Security Recommendations

3.Application/End-User Security Recommendations

Unformatted Attachment Preview

You have been recently hired as a network security analyst for a small accounting firm. The firm realizes that it needs help to secure its network and customers' data. With your background and skills, the firm is looking to you to provide guidance. In addition to helping the firm secure its network, the firm requires that you obtain your CompTIA Security+ certification within 60 days of being hired. In addition to the owner, who serves as the overall business manager, there are about 20 people on staff: ➢ 10 accountants ➢ 3 administrative support specialists ➢ 1 vice president ➢ 1 financial manager ➢ 2 interns There is also one IT support technician on staff, who has basic computer hardware and networking knowledge. He has requested that the firm create a website, hosted internally, so that new customers can get information about the firm. This will be important to remember as you complete your final project. The firm has a simple network. There are 20 computers and two multipurpose printers. All computers and printers are connected wirelessly to a NETGEAR MR814 device. This router is connected to a Motorola SB3100 cable modem. Staff email accounts are set up through the company’s Internet provider. Employees use a combination of Microsoft Outlook and standard web browsers to access their e-mail. The owner uses his personal iPad during work hours to check and respond to email messages. Prior to your hiring, the firm hired a network cabling contractor to run Cat 6 cables from the central wiring closet to all offices and cubicles. The firm wants to move away from using wireless as the primary network connection, but wants to keep wireless access for customers coming to the building. The technician who did the wiring mentioned to your supervisor that he should look into setting up a Windows Server domain to manage user access, instead of the current peer-to-peer network. He also recommended that the firm invest in a managed switch and a firewall, and look into having some backups. The internal IT support technician agreed with these recommendations but needs your help to implement them. You’ve been asked to assess the current vulnerabilities and provide a recommendation to the firm’s owner on how to better secure the network infrastructure. Now that you are aware of the firm’s history, your assessment and recommendation should provide specifics about the network security settings that must be implemented and the equipment that must be procured, installed, and configured. The firm’s owner has a basic understanding of computing, so it is important that you explain the technical issues in layman's terms. In this learning demonstration, you will use TestOut Security Pro to help you understand how to identify and assess network infrastructure and pass the CompTIA Security+ certification. In order to identify your strengths and weaknesses, you will first complete the practice exam that will prepare you for the certification. The learning materials within LabSim will help you understand the types of vulnerabilities within a network and how to address them. As you step through each set of activities, you will submit a Vulnerabilities Assessment and Recommendation Document in three parts. Use the results of the certification practice exam you took at the beginning of the class to help guide you on which areas within LabSim you should pay closer attention. You must complete all online labs in LabSim; these are the activities with the computer mouse icon. Some of the other areas in LabSim are optional. You can complete any or all of those if you feel you need to learn more about the topics. There are nine steps in this project that lead you through each deliverable. Begin with Step 1, obtaining access to TestOut Security Pro and enrolling in LabSim, and then continue with Step 2, taking the practice exam. Vulnerabilities Assessment and Recommendation Document (Parts 1-3) You will provide a detailed vulnerabilities assessment document, along with some specific recommendations to implement to address the vulnerabilities you have described. This document should be based on the scenario provided. Use LabSim as a guide in your analysis and recommendations. Your proposal will be submitted in three major parts: 1.Vulnerabilities Assessment 2.Network System Security Recommendations 3.Application/End-User Security Recommendations It should be written using the IEEE citation style. To learn how you will be assessed on this assignment, please take a moment to review the rubric. Use this template as a guide while creating your Vulnerabilities Assessment and Recommendation Document (Parts 1-3). This section should include areas where network security could pose security problems. Explain why these vulnerabilities could be exploited and what the implications are if they are not addressed. In this section, you do not need to provide specific recommendations on how to mitigate these issues. Network System Security Recommendations This section should include specific recommendations based on the vulnerabilities identified in the previous section. These would include procuring new equipment or systems, and you should explain why these systems or equipment are needed. Cognizant that the firm only has a NETGEAR wireless router, you should determine what else is needed. The firm has Cat 6 cable running from each work area to the central wiring closet. But those cables are just hanging from the ceiling now. The technician has recommended implementing a managed switch, a firewall, and a Windows domain, as well as setting up some backups (note: this could mean many things). Research appropriate equipment and provide guidance on the setup as appropriate for the business. Include any configuration information for the equipment. For example, if you are getting a firewall, what setting(s) from a firewall should be in place for this firm? Application/End-User Security Recommendations This should include end-user specific recommendations such as the need for a specific application on the end-user’s computer or a specific training or best practice that the user must employ. Again, explain why these are necessary and provide the specific configuration information as needed. ...
Purchase answer to see full attachment

Tutor Answer

CASIMIR
School: New York University

Please use this second attachment it is the best

1
Student’s Name
Professor’s Name
Vulnerabilities Assessment and Recommendation Project
Date
Vulnerabilities Assessment and Recommendation Project
Vulnerabilities Assessment
A network infrastructure contains several devices which are interconnected and designed
to transport the communications needed for applications, multimedia, data, and devices. Any
network infrastructure need to be secured and as the threat change, so should the security
strategy. Vulnerability is simply a weak spot within a network infrastructure that might be
exploited by a threat or hacks. For a very long time now, vulnerable network devices have been
the target of choice and one of the most effective techniques for hackers and the advanced threat
actors [1].Unfortunately all form of protection has little effect on today’s most notorious cyber
creatures. Below are examples of network infrastructure vulnerabilities.
USB thumb drives are the most common ways used to infect any network inside a
firewall simply because they are inexpensive, hold a lot of data, they are small and can also be
used to between multiple computers of different types. USB thumb drives are mostly used by
hackers to develop malware that automatically executes as soon as it is connected to a live USB
port. The operating System (OS) makes it worse by allowing programs to run automatically
including the malicious programs.

2
Laptops and netbooks can be a vulnerability to any network infrastructure. Laptops or
iPads are portable, discreet, include a full operating system, have an internal battery and come
with an Ethernet port for tapping into any network. A laptop, iPad or a notebook may already
have a malicious code that is running at the background and that has been tasked to scour the
network and also f...

flag Report DMCA
Review

Anonymous
Goes above and beyond expectations !

Brown University





1271 Tutors

California Institute of Technology




2131 Tutors

Carnegie Mellon University




982 Tutors

Columbia University





1256 Tutors

Dartmouth University





2113 Tutors

Emory University





2279 Tutors

Harvard University





599 Tutors

Massachusetts Institute of Technology



2319 Tutors

New York University





1645 Tutors

Notre Dam University





1911 Tutors

Oklahoma University





2122 Tutors

Pennsylvania State University





932 Tutors

Princeton University





1211 Tutors

Stanford University





983 Tutors

University of California





1282 Tutors

Oxford University





123 Tutors

Yale University





2325 Tutors