Question

In: Computer Science

Assignment: In this project, you’ll create a security infrastructure design document for a fictional organization. The...

Assignment: In this project, you’ll create a security infrastructure design document for a fictional organization. The security services and tools you describe in the document must be able to meet the needs of the organization. Your work will be evaluated according to how well you met the organization’s requirements.

About the organization: This fictional organization has a small, but growing, employee base, with 50 employees in one small office. The company is an online retailer of the world's finest artisanal, hand-crafted widgets. They've hired you on as a security consultant to help bring their operations into better shape.

Organization requirements: As the security consultant, the company needs you to add security measures to the following systems:

  • An external website permitting users to browse and purchase widgets
  • An internal intranet website for employees to use
  • Secure remote access for engineering employees
  • Reasonable, basic firewall rules
  • Wireless coverage in the office
  • Reasonably secure configurations for laptops

Since this is a retail company that will be handling customer payment data, the organization would like to be extra cautious about privacy. They don't want customer information falling into the hands of an attacker due to malware infections or lost devices.

Engineers will require access to internal websites, along with remote, command line access to their workstations.

Grading: This is a required assignment for the module.

What you'll do: You’ll create a security infrastructure design document for a fictional organization. Your plan needs to meet the organization's requirements and the following elements should be incorporated into your plan:

  • Authentication system
  • External website security
  • Internal website security
  • Remote access solution
  • Firewall and basic rules recommendations
  • Wireless security
  • VLAN configuration recommendations
  • Laptop security configuration
  • Application policy recommendations
  • Security and privacy policy recommendations
  • Intrusion detection or prevention for systems containing customer data

Solutions

Expert Solution

Authentication:

Website authentication can be done by using the user-id and password, by using social sign in (Facebook, mail) or by using the bio-metrics (fingerprints, face). Authentication means verify the user who they claim they are and to grant them access.

Authentication works as follows:

Prompting the user to enter the credentials.

Send the credentials to the authentication server.

Match the credentials.

Authorize the user and grants the access.

External Website security:

External Website security is important to protect the website from hackers, electronic thieves and to prevent security breach.

Use of firewall.

Implement the access control.

Use of MVC (Model View Controller) to create different view for different type of user.

Use of encryption.

Use of SSL certificate.

Use of security plug-ins.

Implement tools and techniques for backup and disaster recovery.

Use of network monitoring team.

Internal Website security:

Use of authentication to identify the user identity.

Use of authorization to provide different user with the specific privileges and access.

Encrypt or hide sensitive web pages.

By implementing IT policies.

Educate the user about the website.

Remote Access Solution:

Remote access provides better security, cost efficiency, ease of management, and increased availability.

Remote access can be deployed by using the RAS gateway (single telnat or multitenant). VPN(Virtual private network), BGP(Border gateway protocol), hyper-V network can be used to provide the remote access.

Remote access can be provided by simple configuration. Remote access involves enabling user, managing their access, protecting the assets, use of remote desktop protocol and managing server sessions, remoteApp and personal and pooled desktop.

Firewall and Basic rules recommendations:

Firewall is important for managing the traffic and providing external website security.

Rules to prevent SQL injection and XSS.

Allow only the specific type of traffic.

Use access rules for IP security.

Implement certain IT policies.

Can implement their own rule.

Wireless Security:

Nowadays Wi-Fi is being used in every organization and it prevents the network from malicious and unauthorized access.

Wireless security can be provided by the use of encryption, decryption, authentication and authorization.

VLAN configuration:

VLAN are important for traffic filtering and providing the logical division of the network.

VLAN can be configured for web interface and can provide web filtering.

In the following manner VLAN can be configured for web interface:

Switching > VLAN > Advanced > VLAN Membership

Switching > VLAN > Advanced > Port PVID Configuraton.

VLAN web filtering:

VLAN can be configured between router and firewall, router and gateway, router and switch and by doing so one can filter the web traffic that passes the network.

Laptop Security Configuration:

Use of password, VPN and registering the laptop by their MAC address will provide laptop security. Use of security tool for local machine is also a good option. Use of device level authentication by using local username and password is also a good idea.

Application policy recommendations:

Application policy includes use of cookies, social media integration, access control, generating notifications and implanting other organization and IT rules.

Security and privacy policy recommendations:

It includes the list of security methods to be implemented for traffic filtering, IP spoofing, user authentication and other specific policy for the website.

Intrusion detection or prevention for systems containing customer data:

IPS is implemented behind the firewall and it matches the incoming traffic against the security policies. It matches the signature and handles the intrusion if any and generates the log and alerts for the same.

IDS goal is to identify malicious traffic before it can proceed further into the network. It generates alerts and notification so that the network monitoring team can look after the intrusion.

Use of anomaly-based detection and prevention system is the better choice.


Related Solutions

Assignment: In this project, you’ll create a security infrastructure design document for a fictional organization. The...
Assignment: In this project, you’ll create a security infrastructure design document for a fictional organization. The security services and tools you describe in the document must be able to meet the needs of the organization. Your work will be evaluated according to how well you met the organization’s requirements. About the organization: This fictional organization has a small, but growing, employee base, with 50 employees in one small office. The company is an online retailer of the world's finest artisanal,...
In this project, you’ll create a security infrastructure design document for a fictional organization. The security...
In this project, you’ll create a security infrastructure design document for a fictional organization. The security services and tools you describe in the document must be able to meet the needs of the organization. Your work will be evaluated according to how well you met the organization’s requirements. About the organization: This fictional organization has a small, but growing, employee base, with 50 employees in one small office. The company is an online retailer of the world's finest artisanal, hand-crafted...
In this project, you’ll create a security infrastructure design document for a fictional organization. The security...
In this project, you’ll create a security infrastructure design document for a fictional organization. The security services and tools you describe in the document must be able to meet the needs of the organization. Your work will be evaluated according to how well you met the organization’s requirements. About the organization: This fictional organization has a small, but growing, employee base, with 50 employees in one small office. The company is an online retailer of the world's finest artisanal, hand-crafted...
You’ll create a security infrastructure design document for a fictional organization. The security services and tools...
You’ll create a security infrastructure design document for a fictional organization. The security services and tools you describe in the document must be able to meet the needs of the organization. You’ll create a security infrastructure design document for a fictional organization. Your plan will be evaluated according to how well you met the organization's requirements. The following elements should be incorporated into your plan: *Authentication system *External website security *Internal website security *Remote access solution *Firewall and basic rules...
You’ll create a security infrastructure design document for a fictional organization. Your plan will be evaluated according to how well you met the organization's requirements.
You’ll create a security infrastructure design document for a fictional organization. Your plan will be evaluated according to how well you met the organization's requirements. Points will be awarded based on how well you met these requirements, considering the security implications of your choices.The following elements should be incorporated into your plan:Authentication systemExternal website securityInternal website securityRemote access solutionFirewall and basic rules recommendationsWireless securityVLAN configuration recommendationsLaptop security configurationApplication policy recommendationsSecurity and privacy policy recommendationsIntrusion detection or prevention for systems containing...
Please create a security infrastructure design document for afictional organization. Your plan will be evaluated...
Please create a security infrastructure design document for a fictional organization. Your plan will be evaluated according to how well you met the organization's requirements. Points will be awarded based on how well you met these requirements, considering the security implications of your choices. The following elements should be incorporated into your plan:-Authentication system-External website security-Internal website security-Remote access solution-Firewall and basic rules recommendations-Wireless security-VLAN configuration recommendations-Laptop security configuration-Application policy recommendations-Security and privacy policy recommendations-Intrusion detection or prevention for systems...
Create a guideline document which should address the Physical Security requirements of the IT Infrastructure and IT Assets for the organization.
1) Create a guideline document which should address the Physical Security requirements of the IT Infrastructure and IT Assets for the organization. 2) Address the data security requirements for your branch offices in other cities.
write a Security Plan Proposal as a project draft document create a fictitious company and Briefly...
write a Security Plan Proposal as a project draft document create a fictitious company and Briefly provide an overview/description of your fictitious company. Identify and discuss the importance of risk assessment to the organization’s security framework? Discuss the five layers of risk.
Discussion: you will assume the role of an entrepreneur. You will create a fictional organization and...
Discussion: you will assume the role of an entrepreneur. You will create a fictional organization and consider some costing concepts as you create it. First, compose a full paragraph that describes the organization. Be sure to include the name of your company, the product (or products) or services that it provides, and who your intended customer base would be. Think strategically about what you can offer that a customer base would see as valuable, and what basic business model would...
In this assignment, you are to create a policy framework implementation plan for the fictional Specialty...
In this assignment, you are to create a policy framework implementation plan for the fictional Specialty Medical Clinic. The Specialty Medical Clinic is being acquired by a larger parent organization and both are required to follow the HIPAA compliance laws. The parent organization is a hierarchical structure with multiple departments and clinics. The medical clinic is a flat organization. Following is an outline of those areas of the plan you need to include: Parent Medical Clinic Acquires Specialty Medical Clinic...
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT