Overview: Now that you’re super knowledgeable about security, let’s put your newfound know-how to the test….
The following solution is suggested to handle the subject “Overview: Now that you’re super knowledgeable about security, let’s put your newfound know-how to the test….“. Let’s keep an eye on the content below!
Question “Overview: Now that you’re super knowledgeable about security, let’s put your newfound know-how to the test….”
Overview: Now that you’re super knowledgeable
about security, let’s put your newfound know-how to the test. You
may find yourself in a tech role someday, where you need to design
and influence a culture of security within an organization. This
project is your opportunity to practice these important
skillsets.
Assignment: In this project, you’ll create a
security infrastructure design document for a fictional
organization. The security services and tools you describe in the
document must be able to meet the needs of the organization. Your
work will be evaluated according to how well you met the
organization’s requirements.
About the organization: This fictional
organization has a small, but growing, employee base, with 50
employees in one small office. The company is an online retailer of
the world’s finest artisanal, hand-crafted widgets. They’ve hired
you on as a security consultant to help bring their operations into
better shape.
Organization requirements: As the security
consultant, the company needs you to add security measures to the
following systems:
- An external website permitting users to browse and purchase
widgets - An internal intranet website for employees to use
- Secure remote access for engineering employees
- Reasonable, basic firewall rules
- Wireless coverage in the office
- Reasonably secure configurations for laptops
Since this is a retail company that will be handling customer
payment data, the organization would like to be extra cautious
about privacy. They don’t want customer information falling into
the hands of an attacker due to malware infections or lost
devices.
Engineers will require access to internal websites, along with
remote, command line access to their workstations.
What you’ll do: You’ll create a security
infrastructure design document for a fictional organization. Your
plan needs to meet the organization’s requirements and the
following elements should be incorporated into your plan:
- Authentication system
- External website security
- Internal website security
- Remote access solution
- Firewall and basic rules recommendations
- Wireless security
- VLAN configuration recommendations
- Laptop security configuration
- Application policy recommendations
- Security and privacy policy recommendations
- Intrusion detection or prevention for systems containing
customer data
Answer
ANSWER
This document describes how the functional and non-functional requirements of the Requirements Document are recorded. The first operational design that is targeted at users according the design specifications.
It also defines the design goals according to the requirements. It provides a comprehensive overview of the system design and describes the data connection with the system.
The high-level system design can also be divided into detailed information. and also data can also be retrivaled and integrated through the Hardware,software.
Security Infrastructure design Document
The Security Infrastructure Document Manual documents and tracks the information needed to correctly define the system’s structure and provide guidance for the creation of an IT security environment.
1. A general view showing the structure
Client requires IT infrastructure in order to run their business functions, including internal VPN access to customers and key employees to protect client and customer information
Guess/ Obstacles/ Dangers
Guessing
The increase in staff is 5% per year. This is due to increased network bandwidth and more devices connected to the network infrastructure.
Obstacles
Here are the top issues regarding infrastructure security:
* Authentication system
* External site security
* Internal site security
* Remote Access Solution
Firewall guidelines and basic rules
* Wireless security
VLAN configuration guidelines
Laptop configuration
* Application Policy Recommendations
Safety and privacy guidelines
Blocking or banning detection of systems containing customer information
Accidents
The infrastructure is designed to facilitate ecommerce-related transactions which may involve third party authorization and financial-related questions. A strict security approach must be in place to ensure that no customer-related issues are created. This could adversely affect the reputation of the organization.
A backup system should also be in place to keep backups of data to protect against unwelcome situations like system failures or intrusions.
Alignment With Federal Enterprise Architecture
This expertise aligns closely with Enterprise Enterprise integration. All protocols and the hardware interface are integrated with industry standards to ensure network compliance.
2. Design considerations
Objectives:
These are the desired outcomes for the security infrastructure that will be used within the organization.
* An external site that allows users secure browsing and purchasing widgets.
An intranet website that is similar to a VPN for employees
Remote access to engineering personnel
* Basic firewall rules
* Wireless distribution to the office
* Sensible safe configuration for laptops
Privacy of user data
Building Strategies:
External websites that sell customer products:
To ensure secure e-commerce transactions the following security policies are required:
Protect confidential information
Ensuring that no unauthorized programs or persons have access to user data;
* Ensuring the accuracy of information;
Data accessibility and useability;
* Login transaction to access additional monitoring and support functions
Verifying the authenticity and legitimacy of the person performing the transaction.
3.
By intranet website accessed by
employees:
The information should be accessible only to employees of the company. This makes it confidential and should only be made available at the company’s access level.
* Ensuring access is within their intranet with the firewall method
Indicate how staff can access the website
A manager can manage tasks and user management for a website.
Remote access for engineers
Remote control objectives can be secured by using the following security measures:
Type: Which device types need remote access?
Role – What remote access should this role be granted to a device that is being used?
Location. Access from the public, another company, or internal wireless?
Data and processes: What data and processes are available to support the accessibility features?
Authentication – How does robust authentication change depending on where the device is used and who has access?
The basic firewall rules to follow:
Autoblock – To block all outgoing and incoming communications
Allow specific traffic only – Only allow certain IP addresses
Only allow intranet users
* . Installation of office cord
This adapter can be equipped with an 802.11 WLAN adapter and a PSK configuration (preshared key), or with limited access to WIFI company login for employees
Security Considerations: Password protection and Meter Protection
· V-LAN configuration:
VLAN network segregation creates secure environments that allow remote users to have flexible and robust access control. Security zones that segregate incoming traffic from internal resources. We can manage user access using powerful VLAN assignments or access control lists depending on the situation.
* Security Configuration:
Laptop computers are one of the most dangerous parts of an infrastructure. These devices could be responsible for transmitting viruses or malware to the organization or for causing data loss. You can test this using the following techniques:
Encryption disks for laptops
Antimalware Verification / Antivirus up-to-date at regular intervals
*White list of devices in network
Launch a product like System Configuration Manager or Altiris.
App Policy recommendations
Use secure coding principles in all infrastructure software components.
Automated app security checks are part of general app testing.
Testing and development sites should rearrange sensitive data.
Compliance with data policies and agreements
Privacy and security policy recommendations
Describe How an
organization collects and uses personal information ——-
Cookie Policy – Cookies are used to store preferences and shopping cart contents. Please describe clearly your cookie habits.
*How the
Organization Will Share Customer Information ——–
Customers should know that their data is only used for the purpose of completing transactions. Any other uses, including selling or distributing their data, will require their consent.
·Contact
details —–
Make it easy to contact your customers or file a complaint.
Privacy Policy Ensure that new customers and users have easy access to your goals
Publish Email
Exit Policies —–
Add opt-out options to your email marketing
Get a sign of
approval —–
Third-party certification can improve your credibility and security reliability
Blocking or detection of systems that contain customer data
E-Commerce will continue to grow in popularity as the Internet becomes more popular. It is difficult to implement security measures in an E-Commerce environment. This should consider the many threats and instabilities that could cause attacks. This information can only be discovered by an engineering entry and retrieval testing to determine if the signature is correct or if it was erroneously. A third-party IDS system is available on the market that can do this.
Summary
We can conclude that the security infrastructure report of the organization has been reviewed and recommendations made in the area described.
4. Valuable assets are
protected:
Company information Customer details
Protect yourself from the following key threats:
Website Login, Data Loss
Security functions:
Customer purchases, payments transactions, activity data
Basic safety standards at
As part of the risk mitigation process, this is an important task for all employees. The standard for this project is:
Integrity is high
Secret: High
Unrepentance: N / A
Availability Moderate
Audit: Moderate
Conclusion
Above is the solution for “Overview: Now that you’re super knowledgeable about security, let’s put your newfound know-how to the test….“. We hope that you find a good answer and gain the knowledge about this topic of engineering.