Scenario:
Overview: Now that you’re super knowledgeable about security,
let's put your newfound know-how to the test. You may find
yourself in a tech role someday, where you need to design and
influence a culture of security within an organization. This
project is your opportunity to practice these important skillsets.
Assignment: In this project, you’ll create a security
infrastructure design document for a fictional organization. The
security services and tools you describe in the document must
be able to meet the needs of the organization. Your work will be
evaluated according to how well you met the organization’s
requirements.
About the organization: This fictional organization has a small,
but growing, employee base, with 50 employees in one small
office. The company is an online retailer of the world's finest
artisanal, hand-crafted widgets. They've hired you on as a
security consultant to help bring their operations into better
shape.
Organization requirements: As the security consultant, the
company needs you to add security measures to the following
systems:
· An external website permitting users to browse and purchase
widgets
· An internal intranet website for employees to use
· Secure remote access for engineering employees
· Reasonable, basic firewall rules
· Wireless coverage in the office
· Reasonably secure configurations for laptops
Since this is a retail company that will be handling customer
payment data, the organization would like to be extra cautious
about privacy. They don't want customer information falling
into the hands of an attacker due to malware infections or lost
devices.
Engineers will require access to internal websites, along with
remote, command line access to their workstations.
Grading: This is a required assignment for the module.
What you'll do: You’ll create a security infrastructure design
document for a fictional organization. Your plan needs to meet
the organization's requirements and the following elements
should be incorporated into your plan:
· Authentication system
· External website security
· Internal website security
· Remote access solution
· Firewall and basic rules recommendations
· Wireless security
· VLAN configuration recommendations
· Laptop security configuration
· Application policy recommendations
· Security and privacy policy recommendations
· Intrusion detection or prevention for systems containing
customer data
**** This is an example*** I found same assignment on
Chegg.com****
Introduction
This document describes how the functional and nonfunctional
requirements recorded in the Requirements Document, and the
preliminary user-oriented functional design, are turned into
design specifications.
Furthermore, it describes the design goals in accordance with
the requirements, by providing a high-level overview of the
system architecture, and describes the data design associated
with the system, as well as the human-machine scenarios in
terms of interaction and operation. The high-level system design
is further decomposed into low-level detailed design
specifications including hardware, software, data storage and
retrieval mechanisms and external interfaces.
Purpose of the Security Infrastructure Design Document
The Security Infrastructure Design Document helps to document
and track the necessary information required to effectively
define architecture and system design in order to give the
guidance on the security architecture of the IT environment that
is going to be established.
2. General Overview and Design Approach
2.1 General Overview
The client requires an IT infrastructure to perform their
business activities, which involve e-commerce applications and
internal VPN access for their customers as well as employees,
with a high priority on the security and privacy of customer
information and of the client's own information.
2.2 Assumptions/Constraints/Risks
Assumptions
It is assumed that the number of employees increases by 5%
every year, with a corresponding increase in network bandwidth
usage and in the number of devices connected to the enterprise
network infrastructure.
Constraints
The following are the key considerations associated with the
security of the infrastructure:
· Authentication system
· External website security
· Internal website security
· Remote access solution
· Firewall and basic rules recommendations
· Wireless security
· VLAN configuration recommendations
· Laptop security configuration
· Application policy recommendations
· Security and privacy policy recommendations
· Intrusion detection or prevention for systems containing
customer data
Risks
Since the infrastructure is meant to carry out e-commerce
transactions that may involve third-party merchant
authorizations and financial matters, a strict security
mechanism needs to be enforced to ensure that nothing goes
wrong with customers' transactions, as that may affect the
reputation of the organization.
Additionally, there should be a backup mechanism that takes
data backups at regular intervals to deal with unwanted
situations such as system failures, attacks by intruders, etc.
2.3 Alignment with Federal Enterprise Architecture
The proposed architecture strictly complies with the Federal
Enterprise Architecture. All the protocols and hardware
interfaces used comply with the specified industry standards,
so as to ensure compatibility of the networks as well as
security in compliance with CMS Enterprise Architecture (EA).
3. Design considerations
3.1 Goals:
The following are the desirable outcomes of the security
infrastructure proposed to be implemented in the organization:
· An external website permitting users to browse and purchase
widgets securely.
· An internal intranet website like that of a VPN for employees
to use
· Secure remote access for engineering employees
· Reasonable, basic firewall rules
· Wireless coverage in the office
· Reasonably secure configurations for laptops
· Privacy of the user data
3.2 Architectural Strategies
For external website to perform purchase activity by customers:
In order to provide a secure e-commerce transaction, the
primary security goals include:
· Protecting confidentiality of the data
· Making sure that unauthorized persons or systems cannot
access the information of users;
· Making sure that the information accessed is genuine;
· Making the data accessible and usable;
· Logging the transactions for further reference and support
activity
· Verifying the authenticity of a person to perform a transaction.
For intranet website accessed by employees:
Since the data is accessed by company employees only, it
should be available only at the company's level of access,
keeping it private from other information maintained on the
infrastructure. The following are the considerations in this
case:
· Making sure that the access is within their intranet by
implementing a firewall mechanism
· Specifying the authentication mechanism to access the website
by the employees
· Supervising the activities and user management on the website
by an administrator
Secure remote access for engineering employees
We can implement remote access control objectives safely based
on the following security considerations:
· Device type: What device types require remote access?
· Role: What remote access is appropriate for that role given the
device used?
· Location: Is access from a public location, another company
site, internal wireless, etc.?
· Process and data: What processes and data are accessible given
the first three access characteristics?
· Authentication method: Does the need for strong authentication
increase based on the device used, where it is used, and what it
is allowed to access?
Basic firewall rules to be implemented:
· Block by default – block all incoming and outgoing
connections
· Allow specific traffic – only allow specified IP addresses
· Allow inbound – only allowing intranet users
Wireless coverage in the office
Can be provided with an 802.11 WLAN adapter/router with a
PSK (pre-shared key) configuration, or with login-based limited
access to the company Wi-Fi for employees.
Security considerations: Should be password protected and
metered.
VLAN configuration:
VLAN network segmentation creates security zones that enable
flexible and strong control of what a remote user can access.
Security zones separate incoming traffic from internal
resources. Using dynamic VLAN assignments and access
control lists, we can control user access based on the conditions.
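The firewall rules and VLAN zones described above can be modelled as a default-deny policy and checked before deployment. This is an added example, not part of the original document; the subnets, zone names, sample flows and the choice of SSH on port 22 for command-line access are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass

# Constructed addressing plan: one subnet per VLAN / security zone.
# The document gives no subnets; these values are assumptions.
ZONES = {
    "dmz":         ipaddress.ip_network("10.10.40.0/24"),  # external web shop
    "servers":     ipaddress.ip_network("10.10.30.0/24"),  # intranet website
    "engineering": ipaddress.ip_network("10.10.10.0/24"),  # engineer workstations
    "staff":       ipaddress.ip_network("10.10.20.0/24"),  # other employees, office Wi-Fi
    "vpn":         ipaddress.ip_network("10.10.50.0/24"),  # remote engineers
}
INTERNAL = {"servers", "engineering", "staff", "vpn"}


def zone_of(addr):
    """Map an IP address to its zone; anything outside the plan is 'internet'."""
    ip = ipaddress.ip_address(addr)
    for name, net in ZONES.items():
        if ip in net:
            return name
    return "internet"


@dataclass(frozen=True)
class Rule:
    src: str    # source zone
    dst: str    # destination zone
    proto: str
    port: int
    note: str


# Explicit allows only. Anything not listed falls through to the default deny.
ALLOW = [
    Rule("internet", "dmz", "tcp", 443, "customers browse and purchase over HTTPS"),
    Rule("engineering", "servers", "tcp", 443, "intranet website"),
    Rule("staff", "servers", "tcp", 443, "intranet website"),
    Rule("vpn", "servers", "tcp", 443, "intranet website for remote engineers"),
    Rule("vpn", "engineering", "tcp", 22, "remote command-line access (SSH assumed)"),
]


def decide(src_ip, dst_ip, proto, port, rules=ALLOW):
    """Return ('allow' | 'deny', reason) for one connection attempt."""
    src, dst = zone_of(src_ip), zone_of(dst_ip)
    for rule in rules:
        if (rule.src, rule.dst, rule.proto, rule.port) == (src, dst, proto, port):
            return ("allow", rule.note)
    return ("deny", f"default deny: no rule for {src} -> {dst} {proto}/{port}")


def lint(rules):
    """Flag allow rules that break the zone separation the design relies on."""
    problems = []
    for rule in rules:
        if rule.src == "internet" and rule.dst != "dmz":
            problems.append(f"internet reaches internal zone '{rule.dst}': {rule.note}")
        if rule.src == "dmz" and rule.dst in INTERNAL:
            problems.append(f"dmz initiates into '{rule.dst}': {rule.note}")
    return problems


if __name__ == "__main__":
    # Constructed sample flows (203.0.113.0/24 is a documentation range).
    flows = [
        ("203.0.113.7", "10.10.40.5", "tcp", 443),   # customer -> web shop
        ("203.0.113.7", "10.10.30.5", "tcp", 443),   # internet -> intranet
        ("10.10.50.9", "10.10.10.20", "tcp", 22),    # remote engineer -> workstation
        ("10.10.20.9", "10.10.10.20", "tcp", 22),    # staff laptop -> workstation
    ]
    for flow in flows:
        print(flow, decide(*flow))
    print("lint:", lint(ALLOW) or "no violations")
```

Running `lint` on every proposed rule change catches an allow rule that would expose an internal zone before it reaches the firewall.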
Laptop security configuration:
One of the most vulnerable parts of the infrastructure is the
laptop computers that employees use. These devices can be
responsible for bringing in viruses or malware or causing the
organization to lose sensitive data. This risk can be kept in
check using techniques such as:
· Encrypting the disks on the laptops
· Ensuring antimalware/antivirus is updated at regular
intervals
· Whitelisting the devices on the network
· Running a product such as System Center Configuration
Manager, LANDesk, Altiris, or some other systems management
platform
Application policy recommendations
· Integrate secure coding principles in all software components
of infrastructure.
· Perform automated application security testing as part of the
overall application testing process.
· Development and testing environments should redact all
sensitive data or use de-identified data.
· Compliance with industry standard data policies and protocols
Security and privacy policy recommendations
Explain how the organization collects and uses personal
information:
· Cookie Policy – Cookies are used to store user preferences or
shopping cart contents. Clearly explain your cookie practice.
· How the organization will share customer information –
Customers need to know that their data will only be used to
complete the transaction and that any further use of that data
(including selling or distributing it) requires their consent.
· Contact Information – Make it easy for your customers to
contact you or file a complaint.
· Display Privacy Policy – Make sure new customers or users
always have easy access to your policy.
· Publish Email Opt-Out Policies – Include opt-out options in
your email marketing.
· Get a Seal of Approval – Third-party validation of your online
privacy and security policy can enhance your credibility and
trust in your security.
Intrusion detection or prevention for systems containing
customer data
As the demand for e-commerce grows on the Internet, so will
the potential for e-commerce sites to be attacked.
Implementing security methodologies for an e-commerce
environment is not a simple thing. It should consider the
various threats and anomalies that can cause an attack. This can
be achieved through penetration testing and reverse engineering
to detect by signature or by anomaly. This can be achieved
by a third-party IDS system readily available on the market.
Summary
Thus, we can conclude the report: the security infrastructure
of the organization has been assessed, and recommendations
have been made as required for the proposed environment as
specified.
Key assets being protected:
Customer information, Company related information
Key threats to protect against:
Intrusion to website, Data Loss
Key activities to protect against:
Customer purchase of artifacts, payment transactions, employee
data
Relative ranking of fundamental security goals:
This is an important exercise for every organization as part of
the risk mitigation planning process. For this project, the
ranking came out like this:
Confidentiality: high
Integrity: high
Availability: medium
Auditability: medium
Nonrepudiation: N/A

 
Final demo Grade 9 for demo Plan dessert.pptx
Final demo Grade 9 for demo Plan dessert.pptxFinal demo Grade 9 for demo Plan dessert.pptx
Final demo Grade 9 for demo Plan dessert.pptxAvyJaneVismanos
 
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdfFraming an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdfUjwalaBharambe
 
How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17Celine George
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon AUnboundStockton
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentInMediaRes1
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxOH TEIK BIN
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Educationpboyjonauth
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsanshu789521
 
Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Celine George
 
CELL CYCLE Division Science 8 quarter IV.pptx
CELL CYCLE Division Science 8 quarter IV.pptxCELL CYCLE Division Science 8 quarter IV.pptx
CELL CYCLE Division Science 8 quarter IV.pptxJiesonDelaCerna
 
Painted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaPainted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaVirag Sontakke
 
AmericanHighSchoolsprezentacijaoskolama.
AmericanHighSchoolsprezentacijaoskolama.AmericanHighSchoolsprezentacijaoskolama.
AmericanHighSchoolsprezentacijaoskolama.arsicmarija21
 

Recently uploaded (20)

What is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPWhat is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERP
 
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
 
Roles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in PharmacovigilanceRoles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in Pharmacovigilance
 
Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...
 
Pharmacognosy Flower 3. Compositae 2023.pdf
Pharmacognosy Flower 3. Compositae 2023.pdfPharmacognosy Flower 3. Compositae 2023.pdf
Pharmacognosy Flower 3. Compositae 2023.pdf
 
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdfTataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
 
Final demo Grade 9 for demo Plan dessert.pptx
Final demo Grade 9 for demo Plan dessert.pptxFinal demo Grade 9 for demo Plan dessert.pptx
Final demo Grade 9 for demo Plan dessert.pptx
 
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdfFraming an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
 
How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon A
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media Component
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptx
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Education
 
ESSENTIAL of (CS/IT/IS) class 06 (database)
ESSENTIAL of (CS/IT/IS) class 06 (database)ESSENTIAL of (CS/IT/IS) class 06 (database)
ESSENTIAL of (CS/IT/IS) class 06 (database)
 
9953330565 Low Rate Call Girls In Rohini Delhi NCR
9953330565 Low Rate Call Girls In Rohini  Delhi NCR9953330565 Low Rate Call Girls In Rohini  Delhi NCR
9953330565 Low Rate Call Girls In Rohini Delhi NCR
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha elections
 
Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17
 
CELL CYCLE Division Science 8 quarter IV.pptx
CELL CYCLE Division Science 8 quarter IV.pptxCELL CYCLE Division Science 8 quarter IV.pptx
CELL CYCLE Division Science 8 quarter IV.pptx
 
Painted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaPainted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of India
 
AmericanHighSchoolsprezentacijaoskolama.
AmericanHighSchoolsprezentacijaoskolama.AmericanHighSchoolsprezentacijaoskolama.
AmericanHighSchoolsprezentacijaoskolama.
 

Scenario Overview Now that you’re super knowledgeable about se.docx

Scenario:

Overview: Now that you’re super knowledgeable about security, let's put your newfound know-how to the test. You may find yourself in a tech role someday, where you need to design and influence a culture of security within an organization. This project is your opportunity to practice these important skillsets.

Assignment: In this project, you’ll create a security infrastructure design document for a fictional organization. The security services and tools you describe in the document must be able to meet the needs of the organization. Your work will be evaluated according to how well you met the organization’s requirements.

About the organization: This fictional organization has a small, but growing, employee base, with 50 employees in one small office. The company is an online retailer of the world's finest artisanal, hand-crafted widgets. They've hired you on as a security consultant to help bring their operations into better shape.

Organization requirements: As the security consultant, the company needs you to add security measures to the following systems:
· An external website permitting users to browse and purchase widgets
· An internal intranet website for employees to use
· Secure remote access for engineering employees
· Reasonable, basic firewall rules
· Wireless coverage in the office
· Reasonably secure configurations for laptops

Since this is a retail company that will be handling customer payment data, the organization would like to be extra cautious about privacy. They don't want customer information falling into the hands of an attacker due to malware infections or lost devices.

Engineers will require access to internal websites, along with remote, command line access to their workstations.

Grading: This is a required assignment for the module.

What you'll do: You’ll create a security infrastructure design document for a fictional organization. Your plan needs to meet the organization's requirements and the following elements should be incorporated into your plan:
· Authentication system
· External website security
· Internal website security
· Remote access solution
· Firewall and basic rules recommendations
· Wireless security
· VLAN configuration recommendations
· Laptop security configuration
· Application policy recommendations
· Security and privacy policy recommendations
· Intrusion detection or prevention for systems containing customer data

**** This is an example. I found the same assignment on Chegg.com ****

Introduction

This document describes how the functional and nonfunctional requirements recorded in the Requirements Document and the preliminary user-oriented functional design based on the design specifications. Furthermore, it describes the design goals in accordance with the requirements by providing a high-level overview of the system architecture, and describes the data design associated with the system, as well as the human-machine scenarios in terms of interaction and operation. The high-level system design is further decomposed into low-level detailed design specifications including hardware, software, data storage and retrieval mechanisms, and external interfaces.

Purpose of the Security Infrastructure Design Document

The Security Infrastructure Design Document helps to document and track the information required to effectively define the architecture and system design, in order to give guidance on the security architecture of the IT environment that is going to be established.

2. General Overview and Design Approach

2.1 General Overview

The client requires an IT infrastructure to perform their business activities, which involve e-commerce applications and internal VPN access for their customers as well as employees, with a high priority on the security and privacy of customer information and of the client’s as well.

2.2 Assumptions/Constraints/Risks

Assumptions

It is assumed that the number of employees increases by 5% every year, which is reflected in network bandwidth usage and in the number of devices connected to the enterprise network infrastructure.

Constraints

The following are the key considerations associated with the security of the infrastructure:
· Authentication system
· External website security
· Internal website security
· Remote access solution
· Firewall and basic rules recommendations
· Wireless security
· VLAN configuration recommendations
· Laptop security configuration
· Application policy recommendations
· Security and privacy policy recommendations
· Intrusion detection or prevention for systems containing customer data
Risks

Since the infrastructure is meant to carry out e-commerce transactions that may involve third-party merchant authorizations and financial matters, a strict security mechanism needs to be enforced to ensure that no security issue arises in customers' transactions, as it may affect the reputation of the organization. Additionally, there should be a backup mechanism that takes data backups at regular intervals to deal with unwanted situations such as system failures, attacks by intruders, etc.

2.3 Alignment with Federal Enterprise Architecture

The proposed architecture strictly complies with the Federal Enterprise Architecture. All the protocols and hardware interfaces used comply with the specified industry standards, so as to ensure compatibility of the networks as well as security in compliance with the CMS Enterprise Architecture (EA).

3. Design considerations

3.1 Goals

The following are the desirable outcomes of the security infrastructure proposed to be implemented in the organization:
· An external website permitting users to browse and purchase widgets securely
· An internal intranet website like that of a VPN for employees to use
· Secure remote access for engineering employees
· Reasonable, basic firewall rules
· Wireless coverage in the office
· Reasonably secure configurations for laptops
· Privacy of the user data

3.2 Architectural Strategies

For the external website used by customers to make purchases:

In order to provide a secure e-commerce transaction, the primary security goals include:
· Protecting confidentiality of the data
· Making sure that unauthorized persons or systems cannot access the information of users
· Making sure that the information accessed is genuine
· Making the data accessible and usable
· Logging the transactions for further reference and support activity
· Verifying the authenticity of a person to perform a transaction

For the intranet website accessed by employees:

Since the data is accessed by company employees only, it should be available only at the company’s level of access, keeping it private from other information maintained on the infrastructure. The following are the considerations in this case:
· Making sure that the access is within their intranet by implementing a firewall mechanism
· Specifying the authentication mechanism used by employees to access the website
· Supervising the activities and user management on the website by an administrator

Secure remote access for engineering employees

We can safely implement remote access control objectives based on the following security considerations:
· Device type: What device types require remote access?
· Role: What remote access is appropriate for that role given the device used?
· Location: Is access from a public location, another company site, internal wireless, etc.?
· Process and data: What processes and data are accessible given the first three access characteristics?
· Authentication method: Does the need for strong authentication increase based on the device used, where it is used, and what it is allowed to access?

Basic firewall rules to be implemented:
· Block by default – to block all incoming and outgoing connections
· Allow specific traffic – only allow specified IP addresses
· Allow inbound – only allowing intranet users
Wireless coverage in the office

Can be provided with an 802.11 WLAN adapter/router with a PSK (pre-shared key) configuration, or with login-based limited access to the company Wi-Fi by the employees.

Security considerations: Should be password protected and metered.

VLAN configuration:

VLAN network segmentation creates security zones that enable flexible and strong control of what a remote user can access. Security zones separate incoming traffic from internal resources. Using dynamic VLAN assignments and access control lists, we can control user access based on the conditions.

Laptop security configuration:

One of the most vulnerable parts of the infrastructure is the laptop computers that employees use. These devices can be responsible for bringing in viruses or malware or causing the organization to lose sensitive data. This can be checked using techniques such as:
· Encrypting the disks on the laptops
· Ensuring antimalware/antivirus is brought up to date at regular intervals
· Whitelisting the devices on the network
· Running a product such as System Center Configuration Manager, LANDesk, Altiris, or some other systems management platform

Application policy recommendations
· Integrate secure coding principles in all software components of the infrastructure.
· Perform automated application security testing as part of the overall application testing process.
· Development and testing environments should redact all sensitive data or use de-identified data.
· Comply with industry-standard data policies and protocols.

Security and privacy policy recommendations

Explain how the organization collects and uses personal information:
· Cookie Policy – Cookies are used to store user preferences or shopping cart contents. Clearly explain your cookie practice.
· How the organization will share customer information – Customers need to know that their data will only be used to complete the transaction and that any further use of that data (including selling or distributing it) requires their consent.
· Contact Information – Make it easy for your customers to contact you or file a complaint.

Display Privacy Policy – Make sure new customers or users have easy access to your policy mandatorily.

Publish Email Opt-Out Policies – Include opt-out options in your email marketing.

Get a Seal of Approval – Third-party validation of your online privacy and security policy can enhance your credibility and trust in your security.

Intrusion detection or prevention for systems containing customer data

As the demand for e-commerce grows on the Internet, so will the potential for e-commerce sites to be attacked. Implementing security methodologies for an e-commerce environment is not a simple thing. It should consider the various threats and anomalies that can cause an attack. This can be achieved through penetration testing and reverse engineering, to detect by signature or by anomaly. This can be achieved with a third-party IDS system readily available in the market.

Summary

Thus, we can conclude the report: the security infrastructure of the organization has been assessed, and recommendations were made as required for the proposed environment as specified.

Key assets being protected: Customer information, company-related information

Key threats to protect against: Intrusion to website, data loss

Key activities to protect against: Customer purchase of artifacts, payment transactions, employee data

Relative ranking of fundamental security goals: This is an important exercise for every organization as part of the risk mitigation planning process. For this project, the ranking came out like this:
· Confidentiality: high
· Integrity: high
· Availability: medium
· Auditability: medium
· Nonrepudiation: N/A
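The firewall rules ("block by default", "allow specific traffic") and the VLAN security zones recommended above can be modelled as a first-match rule table with a default drop. The following is an added example, not part of the original document; the zone names, subnets, ports and rule names are all assumptions chosen to mirror the organization's requirements.

```python
from dataclasses import dataclass
from ipaddress import IPv4Network, ip_address, ip_network

# Assumed address plan: one VLAN per security zone (not taken from the document).
ZONES = {
    "dmz":       ip_network("10.0.10.0/24"),  # external web shop
    "servers":   ip_network("10.0.20.0/24"),  # intranet site, customer-data systems
    "employees": ip_network("10.0.30.0/24"),  # office laptops, wired and wireless
    "engineers": ip_network("10.0.40.0/24"),  # engineering workstations
    "vpn":       ip_network("10.0.50.0/24"),  # remote-access VPN address pool
}
ANY = ip_network("0.0.0.0/0")


@dataclass(frozen=True)
class Rule:
    name: str
    src: IPv4Network
    dst: IPv4Network
    proto: str
    port: int


# Explicit allow list; every flow not listed here is dropped.
RULES = [
    Rule("public-https", ANY, ZONES["dmz"], "tcp", 443),
    Rule("intranet-employees", ZONES["employees"], ZONES["servers"], "tcp", 443),
    Rule("intranet-engineers", ZONES["engineers"], ZONES["servers"], "tcp", 443),
    Rule("intranet-vpn", ZONES["vpn"], ZONES["servers"], "tcp", 443),
    Rule("ssh-vpn-to-workstations", ZONES["vpn"], ZONES["engineers"], "tcp", 22),
]


def decide(src, dst, proto, port, rules=RULES):
    """Return (action, rule_name) for one flow; first matching rule wins."""
    s, d = ip_address(src), ip_address(dst)
    for r in rules:
        if s in r.src and d in r.dst and proto == r.proto and port == r.port:
            return ("allow", r.name)
    return ("drop", "default-deny")  # block by default


def audit(rules):
    """Names of rules that open a non-DMZ zone to any source address."""
    return [r.name for r in rules
            if r.src == ANY and not r.dst.subnet_of(ZONES["dmz"])]


if __name__ == "__main__":
    # Constructed sample flows: (source, destination, protocol, port).
    flows = [
        ("203.0.113.7", "10.0.10.5", "tcp", 443),   # customer -> web shop
        ("203.0.113.7", "10.0.20.5", "tcp", 443),   # internet -> intranet
        ("10.0.50.9", "10.0.40.12", "tcp", 22),     # engineer on VPN -> workstation
        ("10.0.30.8", "10.0.40.12", "tcp", 22),     # office laptop -> workstation
    ]
    for f in flows:
        print(f, "->", decide(*f))
    print("over-broad rules:", audit(RULES))
```

Running `audit` on every proposed rule change catches the common mistake of exposing the intranet or customer-data servers to any source while adding an "allow specific traffic" rule.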