home / study / engineering / computer science / questions and answers / XYZ Corp

Question

home / study / engineering / computer science / questions and answers / XYZ Corporation Has Relocated To A New Building ... Question: XYZ Corporation has relocated to a new building th... Bookmark XYZ Corporation has relocated to a new building that was wired and set up for a local area network(LAN). The company implemented a client/server -based network in which all printers, folders, and other resources are shared but everyone has access to everything and there is no security outside of the defaults that were in place when the system was set up. You have been hired to secure XYZ;s network and ensure that the company has the highest levels of security to protect against internal and external attacks. In 8 to 10 pages prposal, include the following items to provide a comprehensive secure enviroment: 1. A plan to provide secure access control methods for all user access. 2. A viable password policy, which includes coomplexity, duration, and history requirments. 3. A cryptography method to ensure vital data is encrypted 4. A remote access plan to ensure that users who access the network remotely do so in a secure and efficient manner. 5. A thorough plan to protect the network from malware and various types of malicious attacks. Your proposal should include all of the element noted above with support, detail, and elaboration for each section.

Explanation / Answer

1.

802.1x authentication can be configured for controlled network access. It needs supplicant, network switch and Authentication server.

Authentication server communicates with domain controller to get the authentication verified provided by user.Once authentication successful DHCP server releases the IP address to that particular userid (which is domain login id usually). User activity on the network can be tracked and logs can be maintained and only authorised user will get the access of the network.

2.

The best practices :

Password History : Policy to be put to restrict user from using several common passwords.
Password Duration: Define maximum and minimum password duration . you can define maximum duration as 30 days after that user has to change the password.
Compexity: Following value can be enforced.

•Passwords must have at least six characters.
•Passwords must use at least three of the four available character types: lowercase letters, uppercase letters, numbers, and symbols.

3.

First, it is vital to understand what information needs encryption protection to decide where the technology will be deployed. It is also important when to secure the data.what needs to be encrypted is also important. for example: Hard Drives,Individual Files,Removable Media , IM(instant messaging) etc....
Symantec's encryption solutions provide maximum protection, robust management, and increased security with Symantec Data Loss Prevention (DLP) integration.

4.

if you use Checkpoints UTM-1 appliance , you can allow users to access it remotely through their Remote Access VPN Clients .

1) Set Up Your UTM-1 Appliance as a VPN Server.
2) Add and edit users that need to have Remote VPN access.

Configuration details can be refered from UTM configuration manual.

5.

Malware is a combination of the words malicious and software. This term is often used for threats
such as viruses, spyware, adware, and other software installed without a user's consent or knowledge.
Malware attacks are almost entirely an automated activity. Malware can get into your system in various ways, including :

•Infected email attachments
•Infected removable storage media like portable thumbnail drives
•Downloaded software, including mobile apps
•Links in email, social media websites, or instant messages .

Solution :
Antivirus and Anti-spyware software monitor your computer for potential threats. Such as Symantec Endpoint Protection :
you can use Symantec Endpoint Protection to centrally manage protection for all the endpoints in your organization's network.

This solution combines several Symantec technologies like antivirus and antispyware, Intrusion prevention system, proactive Threat scanning , application control .

Hope, it will help you.

Thanks

Related Questions

Navigate

• Browse (All)
• Browse H
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.