Network Security plan Case Project :

The Acme Corporation is a new startup that wishes to sale their new phone to the public called

Acmephone, a more secure version of the phone to business organizations, called the Acmephone

B+, and highly secure version of the phone, called the Acmephone G+, to the government. Due

to the fear of corporate espionage and government security requirements, there are many security

concerns that must be addressed. As a security professional, you have been employed to design a

network infrastructure for their two campuses located in Atlanta and Cincinnati based upon the

following specifications:

m
er as
There needs to be a constant connection between the two locations that can carry at least 50

co
eH w
Mbps of data.

o.
rs e
1. Each facility has three floors. The buildings are rectangular with each floor being
ou urc
350’x350’.
2. There will be 200 network connections on each floor with an additional 100 network
o
aC s

connections in the data centers located on the third floor of each building.
vi y re

3. The primary data center will be located at the Atlanta location.

4. There will be a failover data center at the Cincinnati location.
5. Each location should be protected from intrusions that are not limited to state change
ed d

attacks.
ar stu

6. The Atlanta location will house the two secure development teams. As such, it will need

the most security. To further complicate the design, there will be database servers and the
is

corporate Web servers housed at that location as well.

Th

7. There will be database servers located at the Cincinnati site.

8. The servers must have redundancy.
9. The solution must have a plan to verify security measures.
sh

Your job is to develop a network design to meet the requirements above.

1. You should submit a network drawing listing the network’s topology including any

necessary hardware.

This study source was downloaded by 100000803380160 from CourseHero.com on 05-20-2021 04:44:03 GMT -05:00

https://www.coursehero.com/file/34446495/Network-Security-Plan-Case-projectdocx/
 2. You should list any recommended cable.
3. You can recommend wiring closets wherever you need them.
4. You should recommend ways to assure that you are not getting attacked.
5. You should build traps to stop attackers.
6. You should recommend any WAN or wireless technologies.

Network Drawing is shown below with listing of the networks topology including hardware

details:

Three topologies are used: Mesh topology, Star topology and Ring topology.

m
Hardware used are:

er as
co
eH w
1. Switches
2. Routers

o.
3.
4. rs e
Wireless Access points
Honeypot
ou urc
5. Various Networking cables
6. Workstations/Laptops
o
aC s
vi y re
ed d
ar stu
is
Th
sh

This study source was downloaded by 100000803380160 from CourseHero.com on 05-20-2021 04:44:03 GMT -05:00

https://www.coursehero.com/file/34446495/Network-Security-Plan-Case-projectdocx/
 m
er as
co
eH w
o.
rs e
ou urc
o
aC s
vi y re
ed d
ar stu
is
Th
sh

This study source was downloaded by 100000803380160 from CourseHero.com on 05-20-2021 04:44:03 GMT -05:00

https://www.coursehero.com/file/34446495/Network-Security-Plan-Case-projectdocx/
 Recommended Cables are:

1. Unshielded Twisted Pair (UTP) Cables

2. Shielded Twisted Pair (STP) Cable
3. Coaxial Cable
4. Fiber Optic Cable
5. Cable Installation Guides
6. Unshielded Twisted Pair (UTP) Cable

Wiring closets are required in this project plan as a wiring closet is a central junction point for

the wiring and wiring equipment used to connect devices in a local area network (LAN). It is the

m
er as
center point of a star topology. A wiring closest can either be a specially designed room or

co
eH w
cabinet. Normally, the equipment in a wiring closet includes:

o.
rs e
ou urc
 Patch panels
o

 Wiring hubs
aC s
vi y re

 Bridges
ed d

 Switches
ar stu

 Routers
is
Th

There are various ways by which we can assure that network is secure :
sh

1.Institute periodic enterprise-wide risk assessments.

This study source was downloaded by 100000803380160 from CourseHero.com on 05-20-2021 04:44:03 GMT -05:00

https://www.coursehero.com/file/34446495/Network-Security-Plan-Case-projectdocx/
 The organization must take an enterprise-wide view of information security, first determining its

critical assets, then defining a risk management strategy for protecting those assets from both

insiders and outsiders.

2.Institute periodic security awareness training for all employees.

All employees in an organization must understand that security policies and procedures exist,

that there is a good reason why they exist, that they must be enforced, and that there can be

serious consequences for infractions.

m
er as
3.Enforce separation of duties and least privilege.

co
eH w
o.
Effective separation of duties requires the implementation of least privilege; that is, authorizing
rs e
ou urc
people only for the resources they need to do their jobs.
o

4.Implement strict password and account management policies and practices.

aC s
vi y re

If the organization’s computer accounts can be compromised, insiders have an opportunity to

circumvent both manual and automated mechanisms in place to prevent insider attacks.
ed d
ar stu

5.Log, monitor, and audit employee online actions.

is

Logging, periodic monitoring, and auditing provide an organization the opportunity to

Th

discover and investigate suspicious insider actions before more serious consequences ensue.

6.Use extra caution with system administrators and privileged users.

sh

Typically, logging and monitoring is performed by a combination of system administrators

and privileged users. Therefore, additional vigilance must be devoted to those users.

This study source was downloaded by 100000803380160 from CourseHero.com on 05-20-2021 04:44:04 GMT -05:00

https://www.coursehero.com/file/34446495/Network-Security-Plan-Case-projectdocx/
 7.Actively defend against malicious code.

System administrators or privileged users can deploy logic bombs or install other malicious

code on the system or network. These types of attacks are stealthy and therefore difficult to

detect ahead of time, but practices can be implemented for early detection

8.Use layered defense against remote attacks.

Insiders tend to feel more confident and less inhibited when they have little fear of scrutiny

by coworkers; therefore, remote access policies and procedures must be designed and

m
er as
implemented very carefully.

co
eH w
o.
9.Monitor and respond to suspicious or disruptive behavior.
rs e
ou urc
In addition to monitoring online actions, organizations should closely monitor other

suspicious or disruptive behavior by employees in the workplace. Policies and procedures

o
aC s

should be in place for employees to report such behavior when they observe it in coworkers,
vi y re

with required follow-up by management.

ed d

10.Deactivate computer access following termination.

ar stu

When an employee terminates employment, whether the circumstances were favorable or

is

not, it is important that the organization have in place a rigorous termination procedure that
Th

disables all of the employee’s access points to the organization’s physical locations,
sh

networks, systems, applications, and data.

11.Collect and save data for use in investigations.

This study source was downloaded by 100000803380160 from CourseHero.com on 05-20-2021 04:44:04 GMT -05:00

https://www.coursehero.com/file/34446495/Network-Security-Plan-Case-projectdocx/
 Should an insider attack, it is important that the organization have evidence in hand to

identify the insider and follow up appropriately.

12.Implement secure backup and recovery processes.

It is important that organizations prepare for the possibility of an attack or disruption by

implementing secure backup and recovery processes that are tested periodically

13.Clearly document insider threat controls.

m
As an organization acts to mitigate insider threat, clear documentation will help to ensure

er as
co
fewer gaps for attack, better understanding by employees, and fewer misconceptions that the

eH w
o.
organization is acting in a discriminatory manner.
rs e
ou urc
o

Traps for attackers can be :

aC s
vi y re
ed d
ar stu
is
Th
sh

This study source was downloaded by 100000803380160 from CourseHero.com on 05-20-2021 04:44:04 GMT -05:00

https://www.coursehero.com/file/34446495/Network-Security-Plan-Case-projectdocx/
 m
er as
co
eH w
o.
rs e
ou urc
o
aC s
vi y re
ed d
ar stu
is
Th
sh

This study source was downloaded by 100000803380160 from CourseHero.com on 05-20-2021 04:44:04 GMT -05:00

https://www.coursehero.com/file/34446495/Network-Security-Plan-Case-projectdocx/
Powered by TCPDF (www.tcpdf.org)