Answered You can buy a ready-made answer or pick a professional tutor to order an original one.
Imagine you have recently been hired as the Information security director at a start-up health care research firm, where confidential
Imagine you have recently been hired as the Information security director at a start-up health care research firm, where confidential client data is housed in its Data Center. Currently, the company has 100 employees and expects to expand its workforce to 300 in the next three (3) months and the company is moving to a new location in an urban office building across four (4) floors. The security operations and defensive mechanisms have been run in the past by the Networking Department and due to the move, you have a chance to start anew with the company’s security operations to improve its overall security posture.Write an eight to ten (8-10) page paper in which you:
- Identify what you perceive to be the five (5) most concerning threats to the network, computing environment, and the database operations of the company.
- Examine each threat you identified in number 1, in which you:
- Explain why this is your perception.
- Identify what is at risk from these threats.
- Determine how you would design the security controls to mitigate the risks involved.
- Determine the security defense mechanisms that you would utilize in order to secure communications from floor to floor in the office space, including equipment and physical controls.
- Create an office space diagram detailing the security defense tools, equipment and controls utilized, using a diagramming application such as Visio or Dia. Note: The graphically depicted solution is not included in the required page length.
- Explain in detail the defensive mechanisms that you would implement to secure the corporate wireless network, including encryption, authentication methods, and at least two (2) WLAN security tools you would utilize on a regular basis.
- Create a wireless network diagram, using a diagramming application such as Visio or Dia based on your explanation in number 5. Note: The graphically depicted solution is not included in the required page length.
- Determine whether or not you would utilize encryption technologies on the network and / or computing equipment. Justify your response.
- Consider the use of a cloud-based solution for storing the company’s data. Determine the benefits and / or risks that would result using this kind of data storage, and decide whether or not you would utilize this storage option. Justify your decision.
- Select a minimum of five (5) security tools that you would implement on the network as security auditing and / or defense countermeasures.
- Analyze each security tool you selected in number 8, and determine why / how you would use them as part of your security operations.
- Provide an overview of the recovery and continuity plans you would develop to ensure the company could survive a temporary or prolonged disruption. Explain why each plan is needed based on the benefits it provides to the company.
- Use at least five (5) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.
Your assignment must follow these formatting requirements:
- Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions.
- Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.
- Include diagrams created in Visio or one of their equivalents such as Dia. The completed diagrams must be imported into the Word document before the paper is submitted.
The specific course learning outcomes associated with this assignment are:
- Describe cryptology and impact on cybercrime response.
- Identify common information-gathering tools and techniques.
- Analyze system vulnerabilities exploited by hackers.
- Design plans that remove Trojans, backdoors, and malware from infected systems.
- Explain the process of network traffic analysis and sniffing, and their appropriate tools.
- Analyze wireless network vulnerabilities exploited by hackers.
- Examine the appropriate methods for performing incident handling.
- Use technology and information resources to research issues in cybercrime techniques and response.
- Write clearly and concisely about topics related to cybercrime techniques and response using proper writing mechanics and technical style conventions.
- @
- 165 orders completed
- ANSWER
-
Tutor has posted answer for $50.00. See answer's preview
************ ********** ********** *** ******************** ************** ** Information ******************** nameInstructor’s ************************************** ** **************** ************* ********* of ******* ******** ************ ******** ****** *** issues 4Updates ******* *** keep patches ******** *** 5Security threats *** issues ******** ******** *************** 6Office space ******* 7Defensive ********* ***** ************* 10Encryption technologies ** *** network/ Devices ******* ******** *** ****** **** organization 11Strategies *** ******* to ***** ******* ******* ******** *************** 12Conclusion ************ 13 Information Security *** data centre: A ****** of ******************** ****** years ****** makers *** ****** ***** ********* ******* ***** security ** **** ** a ***** ** ******** ** ** ** very ********* **** the ******* government *** ** *** attention towards ***** ******** and its ************** *** *** government thinks **** *** ***** ******** ** ******** ************** ** ******** ******** ******* *** sophisticated ****** *********** internet approach and ******* ********** ***** ** ********** for * single ****** ** any ***** entity **** *** the ******** ** cyber ************** *** ********** *** ********* ************* ***** collectively ** **** *** years ********** bodies *** ******* ************* **** ********* * strong *********** for *** ********** ** cybercrimeThe **** points ** **** ***** are ******** ****** ***** ********* confidence *** ******* **** ***** **** shows * *********** ** IT ********* **** **** methodology *** the ********** ** ***** ********* *** ******* ** *** ********** **** framework ****** ************* to ***** **** ********* *** ********** ** risk **** *********** *** the ******** ** critical infrastructure different standards *** **** ** *** government There are **** ************* ********* which *** **** ******* for the ******** ** ******** **************** ********** **** ******** and protection ** all *********** ****** ** *** ****** *** our ************ is ** important **** Our all ********* ********** *** *********** ** **** **** *** ********* ** We ****** *** ************** *** *************** ** *** ****** **** ***** ** take ***** ******** measures to ******* *** **** ** ****** **** may **** *** confidentiality ** *** ****** ************* **** highly ******* employees *** **** secured policesIntroductionThe ******** ********* ***** *** **** ** different ************* ** minimize *** ************* *** ***** as ***** ******** ********* These ********* ******* an ******* *** specific methods *** ****** implementation ** ***** ******** As ***** ******** ** an ************* ***** so *** ********* standards ****** ** of ************* ***** *** *** ***** *** *** ***** are ************* ********* *** ***** security ***** standards *** ****** by *** ************** Organization *** ********** *** *** ************** ******* technical *********** collectively (Humphreys ******** *** ********** ** ************* * ************ ******** ********* ** *** ******** ** *** ********** *** main ******* ** **** ******** ** to ******* *** ******* ********** **** cyber-attacks *** ** ****** any type of ************ ** ******* ** ************ **** ******** the ******** ** *** can ** protected **** *** ********************* ** ******* security fundamentals security threat *** ********** increasing cybercrime ******* ******** has ****** *** **** ******* ** ********* ****** ********* or cyber ********* can bring **** ********* computer ******* *** **** **** *************** Network security involves hardwaresoftwareprocedures and **** ******** ***** are ******** in * *** ** protect company’s computer ****** ******** *** ******** **** ******** layers ***** ******** company’s ******** ****** **** ******* damaged ******** ***** ********* 2006)There *** **** basic ******** ************ **** *** ********* to ******** ********** **************** ********** regulation ***************** current *** **** patchesVulnerabilities ** ******** ************ *********** ********* ****** *** ******* ******** *** ********* ** cyber ********* **** ************** are *** ******* about ******* *** ******** **************** in a company ****** ** ***** current ******** ** ******** that are **** **** which *** Microsoft ******** ******** ***** ***** Oracle java ********* office ***** ***** ******* and Reader * ********* ****** ** **** ** ****** **** each ****** ** ******* ********* ********* ******* ******** *** ****** devices *** automatic updating ****** ** ******* on ******* *** apple *************** ************* ***** *** not ***** of writing ********* on post –It ***** ***** gets ********* to ******** monitorsPasswords *** ** secured by ****** **** strong ** using ** ***** *** charactersnumbers *********** of ***** *** ***** case letters *** ********** ****** secured ********** ***** **** dictionary ****** noun *** foreign ***** ****** ** ******* Numbers ****** *** ** **** ** password ** ** ******* easy to detect using user’s ************ ******* to ******* **** ******** **** should ** avoidedA phrase ****** ** ******** that ***** ********* to ******* *** then first ****** ** each word and **** ******* ****** ** **** *** ********* **** ********* ************ ***** ** **** ********* ****** ** ************ should *** be ******* ** ***** ***** ******** **************** ****** * ******* VPN identity authentication *** **** ********** *** two ********* ********** ** **** *** hackers to exploit **** networkmore **** **** **** is ********** **** ******** ** **** **** ********** *** and ****** ******** documentation should be reviewed ** **** ********* protocols for ************** and ********** are in ****** more ****** ****** for ******** ************** ************ ************** should be **** **** ***** should ** ***** *** identity ************** for **** ******** *** ******* ***** should ** asked ** ***** *** ** any ****** **** generated ** ************* ***** * minute with passwordFirewall can also ** **** ** ******** VPN network **** other ******** More **** **** cloud ***** **** ******* *** ***** should ** **** instead ** *********** ****** ******** ****** ** created *** ******** *** ****** ** ******* while grating employeescontractors ** ******** *********** *************** ****** know *** ** ****** ***** ******** **** ******** Any malicious ******** **** ***** ***** **** ******* device can **** ******* ******* through ** **** connection of ********* devices should ** ****** **** ***************** software *** firewall before ****** them ****** ** *************** threats and *************** ****** ********** ** internal data:If ****** *** ***** ** ********* position *** ***** ****** ****** in * company ***** or system ************** **** been granted **** ****** ** ******* **** ** becomes threat ** **** ** against ************* ************ ****** *********** is ** longer ******* ** ***** *** ***** **** ** social network *** information shared ** ****** network **** *** ** a **** **** * scammer needs for informationThird party ********* *** **** *********** data *************** ********* own ********** ******* the ****** for **** ******* Cloud ********* *** no transparency ** services; this can’t be trusted *** ****** ********** ******** Attackers *** have **** fake ************ ** ********************* *** surveillance *** ** **** by anyone ******* *** ***** **** ************** ************ *********** motivated ******* is on ******* can **** this hacking ********* if *********** ******** are ********* policies are *** clarified *** defined **** ****** ***** ************ ******** ********************** security ********* ** ******** *** **** ******** ********** ** software based ******** ** ******* that controls out ***** *** in ****** of network traffic ** ** a **** ******* * ******* and ******* ******* and ******* ******* that ** not ************** ***** ********* are **** ** **** operating ******* ** ******** ********* ** *** ********** against ******* ******** ** also **** ** ************* ******* two ******** *** ** **** ** ******* a ******* ***** ** ***** ********** **** the *** ** ******* ********** dedicated connections *** ******* ********** ************ securely ******** *** ******* ** ** ************ **** *** geographically separated *** ******** a network *** is **** **** by ****** ** ******* ***** ******** *** ********** many **** firewalls *** **** to ******** ******** ** a ************* ******* ********* *** **** by ***** corporations ** **** their ********* ******** *** protectedIt *** also ** ********** ** * ******* **** **** ******** sensitive or ************ ******* ** sent *** ** **** ** * ****** of **** ** *** security ** ******** ***** corporations often **** **** ******* firewalls in place to protect ***** ********* networks ******** *** *** ******** side *** ** configured ** addition firewall can **** ** used ** ***** certain ***** on * ******** **** *** fire wall ******* computer can’t *** access ** internal ********* can ** ********** ** **** **** ** ******** ******** ***** requires ********* IT ******************* Firewall is * ********** *********** ******** It offers ******** that *** ** ******** **** Intrusion Prevention ****** (HIPS)it ******** ******** ****** resources changes *** can adjust **** ******** ** ones ***** (Raja et ** 2011)Company ****** use *** ** ****** a ****** ********** **** ****** ******* ** private ******* ** a remote locationWith the *** ** *** ************** *** ** *********** through a ******* ******* ******* **** **** ****** to ****** ****** *** technology uses ******** **** **** ************* ******************** protocolscertified connections **** are **** ** ******* identityVPN provides *** benefits of *** ****** **** Network) ******* using **** **** ************* in ******** to secured ************* providesprivacy ** ********* ******** to browsing ******** *** access ** ***** ** contents that *** ************* ***** ********** ****** ***** diagram *** **** ***** is ** ***** ************ floor ** the ******** will **** same ************ ** this floor plan can ** ******* ** *** **** ****** ** the buildingDefensive ************** *** ******* ******* that can **** ******** ******** **** ****** threats include **************************** viruses hacker *********** ***** etcThese ******* *** ****** unsecured ***************** wireless ************ ************* ******* ***** ******* such ******* ******** ******** *** taken ** ******* *** example:keeping patches and ******** ************** VPNstrong passwords *** For * ******* ******* firewalls *** **** *** **** *** ******* ************* ********** ******* security ********* **** enforcing right **************** unused **************** ******* *********** *********** ***** **** ******* ***** only *** ******* new ******** on ******* ******* is ********* are ******** ******* that *** ****** for the network setup: ************* ** ** ************* ** need a router ** ** ********* ** *** **** ** *** network ***** are ******** ******* *** *** major ones *** Cisco and ******* ***** *** ******* **** * **** ****** ** ******** *** ******* ******* ******** **** ******** *** ***** 2900 ****** ****** ******* ******* routerSwitches: ** need ** ******* multiple ******** ** *** ******* We **** ** have switches **** *** be placed and **** ****** *** some ***** ******** **** *** ** ****** ** ****** switches We **** need the ******** ** have PoE ************ **** ********** *** purchasing ******** are ***** ******* and ** **** products ** *** **** ************ are ***** **** *** access ***** Cisco 4500-X *** Core ********* network ******* ****** ******* ****** ************ ******** *** **** *** ******** **** ** *** ******* **** *** ****** ** ******** technology there ** **** **** ****** in ******* ******* *** *********** * ****** firewall ***** to ** ******** ** the ******* which ** ******* of ********** ****** ******* ******* **** major ******* firewall ******* *** ********** ******** ***** Juniper ********* Fortigate *** **** products ******* ** ***** ******* ******** *** **** Institute *** Cisco ****** ******* *** *** ******** PA3500 ********* ******* ****** ************ A ******** bridge ***** ** ** ******* ******* the two ********* ** need ******* ******** ****** ****** ** ******* **** We **** need to ******* ****** access points ** provide ******** ************ *** the end ***** Some ******* what ******* Outdoor *** ****** ****** ****** *** ***** ******* ***** etc Wireless ******* ****** ****** ***** Aironet 1570 ****** ***** ******* **** ****** Aruba *** ****** Netgear ****** *** *** ****** ****** ****** we *** use ***** *** or *** ****** ***** **** ***** Phones: *** ** ****** replaces *** old ****** ********* ******* *** ******* ** ******* **** ** ******* Some ***** vendors *** ** Phones *** ***** Avaya *** PolycomWiFi **************** ****** **** network configuration ******* *** the ******* ** the ************ ** ** ***** *********** ***** to **** *** ******* ******** ************ for *** ************ for ****** ******* is as given ****************************** ************ ******** *** ********* ** every ***** of the ************ for ******** ********************* *** **** ** connect various components ** ****** *** *** ***** RJ45 ** **** ** ******* *** ********************* ** ******** ** every ***** ** *** ************ to **** ******* ******************** ****** the ******* ******** ******* ********** ******** are ******************* *** ******** ** ******* ****** ********* will ** ******************** ************ on the ******** DevicesEncryption is *** of **** *** ** **** **** *** ************ ****** from the ************ **** ************ ********** *** ** **** ** ******* **** information ********** also ***** *** importance of *** *** of ******* ********** ** ************** in order ** ****** ******* **** ********** ** a ******* ** ****** ** ********** **** **** ****** *** two common ***** ** encryption are as ********* ******* **** ** **** both *** ******** *** the sender are ******** **** *** *** which is ******** ** ******* *** ******* **** ** ***** ************ ****** **** ** uses *** ******* ** two keys one is a ******* *** *** ******* *** ** * ****** *** ***** user will **** ********* ****** **** *** each user ********* ***** ********* ******* keyThus ********** is ******** *********** for ******* *** *** ******* ********** *** depend ** *** level *** work ** *** organizationCloud ******** *** ****** **** ***************** ********* ********* ****** ** the ***** ** ********* the ************* ********* *** most ********** ****** ** ********** with *** *** ** *** ******* ****** ********* ** computing (such ** ******** ******* various services *** ***************** ** the ***** ************ ***** **** ** the important characteristics **** ***** ********* ************** Access ** broad ********** Pooling *** Resources· ***** ******** ************ ******* of used *********** **** ******* **************** ** *** ******* ***** ************ *** ********* ** *** following ******* ** ***** below:1 ************** as a ******* (IASS): **** ** an arrangement that ********* ******** the *** of *********** technologies (such ** *** servers ******** *** the ******** **** *** ******** ********* of ******* ** **** *** company *** ** ********* **** to *** ******** *** run *** ******** equipment’s **** this level ** the ***** computing ** usually reflects to *** various ****** ** ******** *** ******** ****** *** *********** ******* ********************* ******* This ** ** *********** that ******** the *** ** *** company’s grouping ** the ******* ************* ********* **** *** ******* ******** ********* ** ******** Thus **** **** ** ********* ***** ******* ******* *** *********** servers database technologies *** ******* web ******** ********************** ******* **** ** an *********** **** ******** *** ********* ** *** *********** entire *********** ** *** ***** ** the application ** ***** *** ** *** ********** ******** ****** than on *** ******** ************** ** the ******* Example of **** ******** *** CRM ****** of ************* *** *** ****** in *** ********* IASS PASS *** **** *** *********** *** *** ****** **** ********************** and devices to ***** threat: Network ******** ********************** ******** ********* ** ******** *** **** Firewall ********** ** ******** based security ** ******* that ******** *** going *** ** ****** of network traffic It is * **** between a ******* and ******* ******* *** ******* ******* that ** *** ************** ***** ********* *** **** ** many operating ******* ** personal computers ** *** ********** ******* ******* ******** is **** **** in ************* ******* *** routersA *** is made by ******* a ******* point ** ***** ********** **** *** *** ** ******* ********** ********* *********** *** ******* tunnelling ************ ******** ******** *** ******* ** ** ************ that *** ************** ********* *** creating a ******* *** ** also used by ****** to ******* ***** ******** and ************** ******** ** * well-known recommended ******** It ****** ******** that *** ** ******** **** ********* Prevention ****** (HIPS)it ******** ******** system ********* ******* *** *** ****** this software ** ones ***** (Raja ** ** ******************** *** various ******* that *** **** ******** networks **** ****** ******* ******* ***************************** viruses hacker *********** ***** ******** ******* *** damage ********* websitesunsecured ******** networksweak ************* devices ****** ********* ** systematic answer to ****** failing ***************** *********** ****** privacy leaks ** authentication ****** ********** that **** exposed the *** ***** to *** ****** *** middle ******* *** ************* *** those ******* ********* World ****** ************ square ******* ******** **** can ** ** honest ****** ** ******* ******** ******** of *** *** **** **** ****** ** ******** **** **** ******* **** ********* ***** ******* **** ********** ****** **** can be ******* for the protection ********* we will **** ******* **** ************** ** the ***** ********* and their ******* are exposed ******************************* T ****** **************** *********** ******** management systems **** ISO/IEC ****** 2005ISO ********** ******** 1Raja * ****** * *** * Wang K * C ************* * ***** ***** * ***** wall a ****** **** *** * ******* * ******** ******** ******** *** ******** ******** ************* ** *** ******* ********* ** Usable ******* *** ********** 1)ACMWilliam * ***** Stallings * ****************** *** Network Security 4/E ******* ********* IndiaChandra * ******* * ********** * (2002)Network ******** **** OpenSSLO’Reily ********* * (2014) *** **** ** Exploit Heartbleed Bug *** ************ *** ************** from ********** www ********* *************************************************************************** **** Accessed *********** * * K *** * * ***** **** * * ***** ********* ******** ** wireless ****** ********* ****** and ********** ********** ************* ********** ********* 2006The 8th ************* ************** * pp ***********