Network Characteristics The ?graduate determines network characteristics based on functionality ?defined in the Open Systems Interconnection (OSI) re
Competencies
4027.1.4 : Network Characteristics
The graduate determines network characteristics based on functionality defined in the Open Systems Interconnection (OSI) reference model and the TCP/IP protocol stack for designing and building highly secure computer networks.
4027.1.5 : Network Device Security
The graduate securely configures network devices to maximize the security of a computer network.
4027.1.6 : Network Segmentation
The graduate recommends network segmentation strategies to isolate network segments based on business requirements and security concerns.
4027.1.7 : Troubleshooting Network Problems
The graduate performs root cause analysis to determine sources of network-related problems and propose solutions.
4027.1.8 : Secure Network Architecture
The graduate designs secure network architectures based on industry best practices and the principles of secure network design.
IntroductionSecure network design is a critical component for protecting resources, processes, and business continuity. Effective network design involves evaluating existing network problems and potential threats, considering secure architectures based on industry best practices and secure design principles, and proposing secure network design solutions that address the business needs of the organization.
For this task, you will access the “Performance Assessment Lab Area” to run Zenmap and OpenVAS. Screenshots saved for submission must include your name and student ID. Your final network drawing should be saved in *.vsd format using Microsoft Visio or a similar software tool.ScenarioCompany A is a property and casualty insurer underwriting multiple types of insurance. Company A is acquiring Company B, a financial services organization, in order to diversify and increase market share. Company B conducts business in the same geographical area as Company A and delivers business and individual financial planning services. Both companies provide services from their respective offices and at the customer’s site. Both companies use broadband connectivity.
You are the IT director for Company A and will be the chief information officer (CIO) for the merged organization. You are tasked with analyzing, designing, and presenting the proposed IT integration project. Company A has clear IT infrastructure documentation, including a logical diagram, an organizational chart, and a recent security risk analysis. Company B does not have any IT infrastructure documentation, and several security and integration issues are evident. Company B outsources any IT-related needs to a consultant. Leadership for the merged organization has allocated a limited budget of $35,000 for this project and will expect justification for recommended expenditures.
Integration project requirements include following secure network design principles, selecting or repurposing secure network components, assuring secure communication channels, addressing relevant regulatory compliance, minimizing potential network problems and security threats, delivering integration cost savings, and aligning IT to meet the business needs of the post-merger organization. This post-merger organization will reflect one corporate office and a branch office.Requirements
Your submission must be your original work. No more than a combined total of 30% of the submission and no more than a 10% match to any one individual source can be directly quoted or closely paraphrased from sources, even if cited correctly. The originality report that is provided when you submit your task can be used as a guide.
You must use the rubric to direct the creation of your submission because it provides detailed criteria that will be used to evaluate your work. Each requirement below may be evaluated by more than one rubric aspect. The rubric aspect titles may contain hyperlinks to relevant portions of the course.
Tasks may not be submitted as cloud links, such as links to Google Docs, Google Slides, OneDrive, etc., unless specified in the task requirements. All other submissions must be file types that are uploaded and submitted as attachments (e.g., .docx, .pdf, .ppt).
A. Describe the problems Company A has with network security and infrastructure using details from one or more of the “Company A Organizational Chart,” “Company A Risk Analysis,” and “Company A Visio Diagram” supporting documents.
B. Run Zenmap and OpenVAS on Company B’s network(s) using the “Performance Assessment Lab Area” web link. Your submission should include the following documents:
• a screenshot of the completed Zenmap scan—should be taken within the lab environment and should include your name and student ID
• a screenshot of the OpenVAS report result—should be taken within the lab environment and should include your name and student ID
• the completed Zenmap PDF file(s)
• the completed OpenVAS PDF file—should include your name in the summary of the report
Note: This assessment requires you to submit pictures, graphics, and/or diagrams. Each file must be a supporting document no larger than 30 MB in size. Diagrams must be original and may be hand-drawn or drawn using a graphics program. Do not use CAD programs because the file will be too large. Your final network drawing should be saved in *.vsd format using Microsoft Visio or a similar software tool.
C. Describe the potential impact of two network security or infrastructure problems of Company B using details from the outputs of Zenmap and OpenVas (see supporting documents below), including rationale for each problem.
1. Explain how correcting each of these problems will improve the functioning of the merged network.
D. Provide a network topology diagram using Microsoft Visio or a similar software tool that represents the proposed merging requirements from the scenario of Company A and Company B, including remediation of all existing infrastructure problems described in part A and part C.
Please follow the web link listed below to download a free student version of Visio Professional 2019.
E. Identify which layer of the OSI model and layer of the TCP/IP protocol stack apply to each component in the merged network topology diagram.
F. Justify the retention or deletion of four existing components as suggested in your proposed network topology diagram. Include how each component’s retention or deletion and any newly required additions to the network address both security concerns and budgetary restrictions found in the scenario.
G. Explain how two secure network design principles are included in your proposed merged network topology diagram.
H. Describe two secure hardware and/or software components integrated into the proposed network topology and how each component will address the security needs of the merged organization.
I. Explain how the proposed network topology diagram for the merged organization addresses security safeguards based on a regulatory compliance requirement.
J. Explain a security threat and one potential network problem that would become a risk as part of the implementation of the proposed network topology diagram, including why each would become a risk.
1. Explain how the security threat and potential network problem should each be managed or mitigated as part of the implementation of the proposed topology diagram.
K. Acknowledge sources, using in-text citations and references, for content that is quoted, paraphrased, or summarized.
L. Demonstrate professional communication in the content and presentation of your submission.
File RestrictionsFile name may contain only letters, numbers, spaces, and these symbols: ! – _ . * ' ( )
File size limit: 200 MB
File types allowed: doc, docx, rtf, xls, xlsx, ppt, pptx, odt, pdf, txt, qt, mov, mpg, avi, mp3, wav, mp4, wma, flv, asf, mpeg, wmv, m4v, svg, tif, tiff, jpeg, jpg, gif, png, zip, rar, tar, 7z
https://lrps.wgu.edu/provision/285225355 – performance lab link
You can use draw.io for the network diagram
IAM4: Secure Network Design
IAM4: Secure Network Design Company A Organizational Chart
PAGE 1
PAGE 2
Company A Organizational Chart
,
IAM4: Secure Network Design
IAM4: Secure Network Design Company A Visio Diagram
PAGE 1
PAGE 2
Company A Visio Diagram
,
IAM4: Secure Network Design Company A Risk Analysis
PAGE 1
PAGE 2
Company A Risk Analysis
Company A performed this risk assessment in anticipation of system integration with Company B. This risk assessment was performed in accordance with a methodology described in NIST 800-30 to identify the following:
• vulnerabilities
• risk likelihood
Table A. Risk Classifications
Risk Level |
Description |
High |
The loss of confidentiality, integrity, or availability may be expected to have a severe or catastrophic adverse effect on organizational operations, organizational assets, or individuals. |
Moderate |
The loss of confidentiality, integrity, or availability may be expected to have a serious adverse effect on organizational operations, organizational assets, or individuals. |
Low |
The loss of confidentiality, integrity, or availability may be expected to have a limited adverse effect on organizational operations, organizational assets, or individuals. |
Table B. Data Sensitivity
Type of Data |
Sensitivity and Likelihood |
||
Confidentiality |
Integrity |
Availability |
|
Customer PII |
High |
High |
Moderate |
Insurance underwriting |
High |
High |
High |
Employee PII |
High |
High |
Moderate |
Company intellectual property |
High |
High |
Moderate |
Marketing and advertising |
Moderate |
Moderate |
Low |
Table C. System Inventory
System Components |
|
Servers |
Windows server 2012; role: web server Windows server 2008; role: exchange Windows server 2008; role: application Windows server 2012; role: data storage cluster DMZ Windows server 2012; role: FTP |
Workstations #86 |
Windows 10 Pro Six configured for remote desktop at ports 88–93 |
Switches |
HCC: four Cisco 2960 48/4 VCC: three Cisco 2960 24/4 |
Fire wall |
Cisco PIX 515E |
Border router |
Cisco 2811 |
Laptops |
Dell Inspiron, i5-4310M CPU @ 2.70GHz Mixture of Windows 7(14) and Windows 10(6) |
Cable plant |
Cat5e |
Table D. Risk Identification
Risk # |
Vulnerability |
Risk Likelihood |
1 |
Open ports 88–93 |
High |
2 |
User accounts no longer required are not removed |
Moderate |
3 |
Full access privileges are granted to every employee with exception to the payroll system |
Moderate |
4 |
Regular password changes are not enforced |
Moderate |
5 |
Cisco PIX 515E fire wall |
Moderate |
Collepals.com Plagiarism Free Papers
Are you looking for custom essay writing service or even dissertation writing services? Just request for our write my paper service, and we'll match you with the best essay writer in your subject! With an exceptional team of professional academic experts in a wide range of subjects, we can guarantee you an unrivaled quality of custom-written papers.
Get ZERO PLAGIARISM, HUMAN WRITTEN ESSAYS
Why Hire Collepals.com writers to do your paper?
Quality- We are experienced and have access to ample research materials.
We write plagiarism Free Content
Confidential- We never share or sell your personal information to third parties.
Support-Chat with us today! We are always waiting to answer all your questions.