Designing a Secure Network Infrastructure

User Generated

Negrfvn

Writing

Description

It has 5 Parts.

I do not require all of them at once. Each part has the date next to them for when I require them. If you get them all done beforehand, great! :)


PART 1(September 20, 2018)

Milestone 1 (Due Week 4): Your first milestone consists of two deliverables: a Visio diagram that depicts your interpretation of the current network and a written summary of network vulnerabilities that you uncover. Your network diagram doesn't have to depict every object. Instead, you can summarize objects.

Good general guidelines for your diagram are as follows:

1. The diagram fits on one page.

2. Your name is on the diagram.

3. Your diagram has a title or heading that contains the assignment number.

4. It is formatted nicely to make it easy to understand.

5. The objects in the diagram are clearly identified.

6. When a single object is used to represent multiple objects, it is labeled to show the correct numbers.

7. Connections are labeled.

When creating your drawing, use Visio.

Your written summary is an explanation of the network, system, and server assets along with any vulnerabilities you may observe. This should be done in Microsoft Word and should follow standard academic formatting with proper attention to spelling, grammar, punctuation, etc. Make sure you include a brief introduction explaining your document.

PART 2 (October 4, 2018)

This encompasses everything that you have learned up to this point. This week you will design improvements to the network infrastructure that incorporate encryption. You will also design improvements to the wireless networks. Use the information from your studies and feedback from previous assignments, to help you with this process. Revise your original Visio diagram to depict any changes that you propose to make. Then, summarize your recommendations for change in a Microsoft Word document. You may use any appropriate sources for your requirements. Remember to cite your sources.

The following questions are useful to you while you are creating your design. You should think about them while you are revising your diagram and summarizing your recommendations. Please do not provide answers to them as part of your deliverables.

1. Have I uncovered additional vulnerabilities since Milestone 1?

2. How should I prioritize the known vulnerabilities?

3. Can vulnerabilities be addressed through reconfiguration, or will I need additional hardware and software?

4. How can encryption address known vulnerabilities?

5. What security features are not currently in use?

6. What is the impact of using every means to encrypt the network and secure wireless access?

Your document should be professionally formatted with a brief introduction and proper attention to spelling, grammar, punctuation, etc.

Your diagram should contain any revisions to the original network infrastructure that are required to improve security.

PART 3 (October 18, 2018)

For this milestone you will design improvements to the network infrastructure that improve security to electronic mail and protect against intruders and malicious software. Revise your original Visio diagram to depict any changes that you propose to make. Then, summarize your recommendations for change in a Microsoft Word document.

The following questions are useful to you while you are making additions to your design. You should think about them while you are revising your diagram and summarizing your recommendations. Please do not provide answers to them as part of your deliverables.

1. Have I uncovered additional vulnerabilities since Milestone 2?

2. Does the redesign provide defense in depth?

3. Will the new secure network architecture maximize accessibility for wireless devices while still providing an appropriate level of security for a payment processing system?

4. What types of encryption are most effective and where should they be utilized?

5. What is the impact of each change on authorized users?

Your diagram should contain any revisions to the original network infrastructure that are required to improve security.

PART 4 (November 1, 2018)

For this milestone you will be making your final design changes to the network infrastructure. Use everything that you have learned from this course to provide the appropriate level of security at each level of the network. Again, use the information from your studies and feedback from previous assignments, to help you with this process. Produce a final revision of your Visio diagram and a final set of recommendations for change in a Microsoft Word document. You should include any past Visio diagrams as tabs, so we can track changes and progress. Your written discussion should explain your recommendations in enough detail to be easily understood by the "customer."

You should be thinking about these questions when creating this design.

1. Does the network redesign address vulnerabilities that have been discovered since Milestone 3?

2. Will the use of security appliances restrict performance? If so, where?

3. Are there any back doors or hidden paths that could be used to circumvent security that haven’t been addressed in the new infrastructure?

4. Is the new design technically feasible? Is it cost effective?

5. What capabilities, if any, are lost or restricted once it is implemented?

6. Would the new system appeal to you as a user?

PART 5 (November 10, 2018)

A brief PowerPoint presentation to be made to senior management explaining your recommendations. In your presentation, provide an overview of the present system, including any security vulnerabilities that you found. Outline the main points/diagrams/recommendations. Be sure to have a conclusion that offers to continue your duties as consultant - you want to be hired to implement your design!

A good PowerPoint presentation has the following characteristics:

1. An introductory slide.

2. Separate slides for each main point.

3. Short phrases and headlines. Do not use complete sentences and paragraphs!

4. A good, solid conclusion.

5. A closing slide that states what you want to happen next. (You want to implement this design! Tell them how to contact you).

User generated content is uploaded by users for the purposes of learning and should be used following Studypool's honor code & terms of service.

Explanation & Answer

Hello, the work is done.I have waited to hear from you but you have not responded.Am looking forward to work with you.

SURNAME 1
Name:
Tutor:
Course:
Date:

SURNAME 2

SURNAME 3
Abstract
Recently due to the high growth rate in Information Technology (IT) sector, major internal
and external threats and vulnerabilities in system and networking environment security have
rapidly prevail compared to back in time. Cyber insecurities/ cyber-attacks is among the top
leading crimes both locally and globally targeting government organizations and cooperate
agencies.
Security vulnerabilities and threats in computer system environment (computer hardware,
software, user and networks) should be assessed frequently at least quarterly per year, remedied
and mitigated accordingly to prevent the obstructive impacts that data breach situations can
inflict to an organization. Most security breaches can be blocked if the organization has
implemented some easy-to-learn preventive plan or measures like enforcement of encryption
schemas and firewalls. Security and risk assessments should also be conducted to preventing
future vandalization of the system at large.
The document will cover more in-depth findings of a Visio network diagram, network
threats, and vulnerabilities, network security assessment methodologies, recommendations about
the vulnerabilities, mitigation and remediation and final presentation of the present network
system (Amoroso, 1994)
Introduction
Computer or data network is a group of two or more interconnection of the different
computer system for an essential purpose of sharing of resources using data connectors or links
that connect the computer system between nodes. Examples of data links used frequently are

SURNAME 4
Ethernet cables, Wireless Fidelity (WIFI), Bluetooth and fiber- optic cables. Networking boosts
sharing and communication processes among users and devices. The common types of computer
networks are;
Wireless Local Area Network (WLAN) - It is a local network based and supported by Wi-Fi
technology
Local Area Network (LAN) – it is a network that covering a shorter area, for example, a
networked office building, school or home.
Wide Area Network (WAN) - it is a geographical network of widely distributed groups of
LANs
Metropolitan Area Network (MAN) - it is a network that covers a more significant sector
than LAN but smaller than WAN.

SURNAME 5

Retrieved from; https://www.conceptdraw.com/How-To-Guide/Local-Area-Network
Fig 2. A sample of a LAN computer network
Depending on the size of the organization a particular network is installed to ensure a smooth
running of organization activities and data sharing, in this case, the organization used both WAN
and LAN networks and besides other network computing platforms (distributed, centralized and
cloud computing) for efficiency. This other networks platforms and computer networking are the
most substantial pathways targeted by cyber-attackers in case of weak authentication networks or
system for the primary reason of gaining authorization of the organization system illegally for
malicious planned objective impacting to severe consequences through hacking techniques. Both

SURNAME 6
cloud, distributed and centralized computing networks have a sole common goal of coordinating,
communications and sharing of resources like computer networking
Network Scanning and Assessment
To uncover the existing vulnerabilities and threats in the organization network and system
environment an assessment and scanning of the network traffic has to be conducted using the
vulnerability assessment and scanning tools. Network traffic is a specific given number of data
passing through a particular network at a specific given time. The most commonly used security
assessments and analyzer tools for systems are Wireshark, Microsoft Baseline Security Analyzer
(MBSA) and Open VAS because they are fully integrated, open-source software's and are widely
known for LAN security assessments. Other examples of assessment analysis tools are Nikto,
Aircrack, Retina CS Community, Tripwire IP360 and Nessus Professionals. For my vulnerability
scanning and assessments processes, I used Wireshark because it is flexible, can work with
different analysis of network packets with dissimilar Internet Protocol (IP) hosts hence saving
time and also the Wireshark Analyzer provides the module of solutions to the detected
vulnerabilities
Network Vulnerabilities
I categorized the identified threats and vulnerabilities into two divisions; internal and external
threats. The internal network vulnerabilities included unavailability of a secure network and
computer system authorization; weak authentication mechanisms; lack of inventory of databases,
servers and networking devices; lack of stable vulnerability assessment and scanning tools like
MBSA; Lack of action plan for remediation after detection of vulnerabilities in the network.

SURNAME 7
Also, change and misconfigurations of the management planning policies; according to the
organization policy there is a threat of organization lacking trained personnel basing on the
procedures to handle the networks. Lack of risk management strategies is also a network
vulnerability factor (Gleichauf, 2001). The external factors are mainly the cyber threats primarily
caused by weak or poor authorization processes to the organization network (Denning, 1999).
They include;
Packet analysis/ sniffing- it is a strategically planned cyber-attack on network packets. The
hacker at an Ethernet level obtains the computer or data networks sensitive data after analyzing
it.
Denial of Service attacks (DoS) - this cyber-attack method locks the intended users out from
accessing the network giving the hacker authorization authority to any part of the system
network
Distributed Denial of Service attack (D-DoS) - commonly occurs in organizations with
distributed network computing platforms where the attacker makes all the online network and
system services inaccessible to the users.
IP addresses spoofing- it is a common cyber-attack threat that consists of creating a fake IP
address impersonating other networks or systems identities concealing the hackers’ information
or details.
Session hijacking attacks- also termed as cookie hijacking. It involves HTTP cookie theft.

SURNAME 8
Part 2: wireless network
Network system vulnerabilities exist for organizations and enterprises using Wide Area
Networks (WANs) and Local Area Networks (LANs) for resources sharing and communication
via multiple web and mail servers. Network hackers' attacks thro...


Anonymous
Goes above and beyond expectations!

Studypool
4.7
Indeed
4.5
Sitejabber
4.4

Similar Content

Related Tags