Professional Documents
Culture Documents
Network Security Plan Case Project
Network Security Plan Case Project
The Acme Corporation is a new startup that wishes to sale their new phone to the public called
Acmephone, a more secure version of the phone to business organizations, called the Acmephone
B+, and highly secure version of the phone, called the Acmephone G+, to the government. Due
to the fear of corporate espionage and government security requirements, there are many security
concerns that must be addressed. As a security professional, you have been employed to design a
network infrastructure for their two campuses located in Atlanta and Cincinnati based upon the
following specifications:
m
er as
There needs to be a constant connection between the two locations that can carry at least 50
co
eH w
Mbps of data.
o.
rs e
1. Each facility has three floors. The buildings are rectangular with each floor being
ou urc
350’x350’.
2. There will be 200 network connections on each floor with an additional 100 network
o
aC s
connections in the data centers located on the third floor of each building.
vi y re
attacks.
ar stu
6. The Atlanta location will house the two secure development teams. As such, it will need
the most security. To further complicate the design, there will be database servers and the
is
1. You should submit a network drawing listing the network’s topology including any
necessary hardware.
This study source was downloaded by 100000803380160 from CourseHero.com on 05-20-2021 04:44:03 GMT -05:00
https://www.coursehero.com/file/34446495/Network-Security-Plan-Case-projectdocx/
2. You should list any recommended cable.
3. You can recommend wiring closets wherever you need them.
4. You should recommend ways to assure that you are not getting attacked.
5. You should build traps to stop attackers.
6. You should recommend any WAN or wireless technologies.
Network Drawing is shown below with listing of the networks topology including hardware
details:
Three topologies are used: Mesh topology, Star topology and Ring topology.
m
Hardware used are:
er as
co
eH w
1. Switches
2. Routers
o.
3.
4. rs e
Wireless Access points
Honeypot
ou urc
5. Various Networking cables
6. Workstations/Laptops
o
aC s
vi y re
ed d
ar stu
is
Th
sh
This study source was downloaded by 100000803380160 from CourseHero.com on 05-20-2021 04:44:03 GMT -05:00
https://www.coursehero.com/file/34446495/Network-Security-Plan-Case-projectdocx/
m
er as
co
eH w
o.
rs e
ou urc
o
aC s
vi y re
ed d
ar stu
is
Th
sh
This study source was downloaded by 100000803380160 from CourseHero.com on 05-20-2021 04:44:03 GMT -05:00
https://www.coursehero.com/file/34446495/Network-Security-Plan-Case-projectdocx/
Recommended Cables are:
Wiring closets are required in this project plan as a wiring closet is a central junction point for
the wiring and wiring equipment used to connect devices in a local area network (LAN). It is the
m
er as
center point of a star topology. A wiring closest can either be a specially designed room or
co
eH w
cabinet. Normally, the equipment in a wiring closet includes:
o.
rs e
ou urc
Patch panels
o
Wiring hubs
aC s
vi y re
Bridges
ed d
Switches
ar stu
Routers
is
Th
There are various ways by which we can assure that network is secure :
sh
This study source was downloaded by 100000803380160 from CourseHero.com on 05-20-2021 04:44:03 GMT -05:00
https://www.coursehero.com/file/34446495/Network-Security-Plan-Case-projectdocx/
The organization must take an enterprise-wide view of information security, first determining its
critical assets, then defining a risk management strategy for protecting those assets from both
All employees in an organization must understand that security policies and procedures exist,
that there is a good reason why they exist, that they must be enforced, and that there can be
m
er as
3.Enforce separation of duties and least privilege.
co
eH w
o.
Effective separation of duties requires the implementation of least privilege; that is, authorizing
rs e
ou urc
people only for the resources they need to do their jobs.
o
circumvent both manual and automated mechanisms in place to prevent insider attacks.
ed d
ar stu
discover and investigate suspicious insider actions before more serious consequences ensue.
and privileged users. Therefore, additional vigilance must be devoted to those users.
This study source was downloaded by 100000803380160 from CourseHero.com on 05-20-2021 04:44:04 GMT -05:00
https://www.coursehero.com/file/34446495/Network-Security-Plan-Case-projectdocx/
7.Actively defend against malicious code.
System administrators or privileged users can deploy logic bombs or install other malicious
code on the system or network. These types of attacks are stealthy and therefore difficult to
detect ahead of time, but practices can be implemented for early detection
Insiders tend to feel more confident and less inhibited when they have little fear of scrutiny
by coworkers; therefore, remote access policies and procedures must be designed and
m
er as
implemented very carefully.
co
eH w
o.
9.Monitor and respond to suspicious or disruptive behavior.
rs e
ou urc
In addition to monitoring online actions, organizations should closely monitor other
should be in place for employees to report such behavior when they observe it in coworkers,
vi y re
not, it is important that the organization have in place a rigorous termination procedure that
Th
disables all of the employee’s access points to the organization’s physical locations,
sh
This study source was downloaded by 100000803380160 from CourseHero.com on 05-20-2021 04:44:04 GMT -05:00
https://www.coursehero.com/file/34446495/Network-Security-Plan-Case-projectdocx/
Should an insider attack, it is important that the organization have evidence in hand to
implementing secure backup and recovery processes that are tested periodically
m
As an organization acts to mitigate insider threat, clear documentation will help to ensure
er as
co
fewer gaps for attack, better understanding by employees, and fewer misconceptions that the
eH w
o.
organization is acting in a discriminatory manner.
rs e
ou urc
o
This study source was downloaded by 100000803380160 from CourseHero.com on 05-20-2021 04:44:04 GMT -05:00
https://www.coursehero.com/file/34446495/Network-Security-Plan-Case-projectdocx/
m
er as
co
eH w
o.
rs e
ou urc
o
aC s
vi y re
ed d
ar stu
is
Th
sh
This study source was downloaded by 100000803380160 from CourseHero.com on 05-20-2021 04:44:04 GMT -05:00
https://www.coursehero.com/file/34446495/Network-Security-Plan-Case-projectdocx/
Powered by TCPDF (www.tcpdf.org)