You have been recently hired as a network security analyst for a small accountin

Question

You have been recently hired as a network security analyst for a small accounting firm. The firm is realizing that they need help to secure their network and customer’s data. With your background and skills, they are looking to you to provide guidance. In addition to helping them secure their network, they require that you obtain your CompTIA Security+ certification within 60 days of being hired.

In addition to the owner, who serves as the overall business manager, there are about 20 people on staff:

10 accountants

3 administrative support specialists

1 vice president

1 financial manager

2 interns

There is also one IT support technician on staff, who has basic computer hardware and networking knowledge. He has requested that the firm create a website, hosted internally, so that new customers can get information about the firm. This will be important to remember as you complete your final project.

The firm has a simple network. There are currently 20 computers and two multipurpose printers. All computers and printers are connected wirelessly to a NETGEAR MR814 device. This router is connected to a Motorola SB3100 cable modem. Staff e mail accounts are set up through the company’s Internet provider. Employees use a combination of Microsoft Outlook and standard web browsers to access their e-mail. The owner is known to use his personal iPad during work hours to check and respond to e mail messages.

Prior to your hiring, they hired a network cabling contractor to run Cat 6 cables from the central wiring closet to all offices and cubicles. They want to move away from using wireless as the primary network connection, but want to keep wireless access for customers coming to the building. The technician who did the wiring mentioned to your supervisor that he should look into setting up a Windows Server domain to manage user access, instead of the current peer-to-peer network. He also recommended that the firm invest in a managed switch and a firewall, and look into having some backups. The internal IT support technician agreed with these recommendations but needs your help to implement them.

You’ve been asked to assess the current vulnerabilities and provide a recommendation to the firm’s owner on how to better secure the network infrastructure. Now that you are aware of the firm’s history, your assessment and recommendation should provide specifics about the network security settings that must be implemented and the equipment that must be procured, installed, and configured. The firm’s owner has a basic understanding of computing, so it is important that you explain the technical issues in layman's terms.

Explanation / Answer

Answer:-

1. Vulnerabilities Assessment:-

Detailing list of IP addresses to be scanned. Arrange to configure (IDS/IPS) to accept the originating IP address, Optional scans using User credentials, contact information for both parties and planning scans including time-of-day.

Then performing an in-depth scan of the IP addresses provided and optional User credential scans to identify security weaknesses and vulnerabilities. Verifying all vulnerabilities discovered, identify false positives, determine the potential impact of exploited vulnerabilities, deliver a final report, scheduled project close-out teleconference, ensure full understanding of the recommended remediation actions and facilitate an effective knowledge transfer.

2. Network System Security Recommendations:-

Keep the computers up to date which help keep the computers on network safe, turn automatic updating on each and every computer. Windows can automatically install important and recommended updates, or important updates only. Important updates provide significant benefit, such as improved security and reliability. These updates can address non-critical problems in helping to enhance the computing experience.

Using firewall which can help prevent hackers or malicious softwares from gaining access to the computer through a network or Internet. Firewalls help keep out hackers, but they're not designed to protect against viruses, so install and use antivirus softwares.

Then consider in using a router to share an Internet connection. These devices usually have built-in firewalls, network address translation, and other features that can help keep network better protected against hackers.

For, the wireless network, we should set up a network security key, which turns on encryption. With this encryption, no one can connect to network without the security key. Any information which sents across the network is encrypted so that only computers that have the key to decrypt the information can read it. This helps in averting attempts to access network and files without permission. WiFi Protected Access is a recommended wireless network encryption method.

3. Application/End-User Security Recommendations written using the IEEE Citation style:-

Database - There is exactly no period after URL without the access date. Including the accessed date is optional but helpful to reader. Using last date accessed if the source was accessed more than once.

Reports - The general form for citing the technical reports is placing the names and location of the company after the title and to give report number and date at the end of the reference.

Online Documents If you are using documents such as a reports, conference papers, standards, patents or thesis online and it also exists as an identical print equivalent i.e. with the same format and pagination, it can be usually be referenced as the print version.

Website Note - Including as much of the key informations as we can find for the given website. If web page has no personal author, we can use the corporate author. Failing which, we can use either Anon or it is permissible to use the title of the site.

Related Questions

Navigate

• Browse (All)
• Browse Y
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.