You have been working at InfoTico Technologies as an IT manger. InfoTico Technologies wants to open a
Question:
- Twenty (20) HP I7 computers
- Four (2) Cisco 24 port switches
- Two (2) Hp ProLiant servers
- One (1) NBN connection
- Two (2) Wi fi Router
- One Wireless access point
- Two (2) Sharp MX-4111N all in one printers
- One (1) Biometric sensor
- One (1) server rack
- Sixty (60) patch cords (network cables)
Malware attack has been a critical issue for ABC Bank Last month a number of computer systems were out-of-order and caused significant financial damaged to the organisation.
Company officials want you to prepare a detailed report regarding the network security plans so that this report can be shared with company's risk analyst. After the approval of the risk analyst, the IT head can give you the go ahead for setting up the network design with the suggested changes.
Assessment task instructions
The purpose of this assessment task is to implement and manage security functions throughout a network. The assessment activities are mentioned within the assessment task.
The training organisation must ensure that the simulated assessment environment is in accordance with the requirements specified.
The training organisation will assign a supervisor to the student.
The training organisation will provide the resources required to complete the assessment task.
The student must use the templates provided to document their responses.
The student must follow the word-limits specified in the templates.
The trainer/assessor must assess the student using the performance checklist provided.
Task Environment:
This assessment task will be completed in a simulated environment prepared by Stanley College.
The simulated environment will provide you with all the required resources (such as the equipment and participants, etc.) to complete the assessment task. The simulated environment is very much like a learning environment where a student can practice, use and operate appropriate industrial equipment, techniques, and practices under realistic workplace conditions.
Your roles in this project will be as IT Manger.
Roles and responsibilities of trainer/supervisor are:
To provide a site where network installation may be conducted.
To provide small enterprise routers and switches.
To provide network's design documentation.
To provide equipment specifications.
To provide you hardware and software required to install and operate medium enterprise switches.
To provide end user device.
To provide policies and procedures pertaining to the installation and operation of a enterprise switches.
A) All three (3) phases of network security design | |||
| |||
1) Planning Phase, including the following: Note: You will need to briefly provide an input regarding each phase | |||
Most suitable network topology according to office layout | |||
The operating system for servers and workstations | |||
Antivirus requirements for servers and workstations | |||
Security measures for network components | |||
2) Building Phase of network security design, including the following: Note: You will need to briefly provide an input regarding each phase | |||
Risk assessment methods | |||
Determine attacker scenarios and threats according to network security design specifications | |||
Costing of network design | |||
3) Managing phase, including the following information: Note: You will need to briefly provide an input regarding each phase | |||
Design and document auditing and Incident reporting procedure | |||
Design and document security policies | |||
B) Risks assessment, including the following information: | |||
Determine major threat themes to network security | |||
Determine the potential origin of major threats according to network security design specifications | |||
Identify industry standard common network | |||
Design and document threat model according to network security design specifications | |||
C) Risk management strategy | |||
Determine required elements of risk management according to network security design specifications | |||
Identify organisational assets requiring protection | |||
Categorise and document assets and determine their value according to organisational requirements | |||
Determine and document risk management plan according to organisational requirements | |||
D) Plan control methods and countermeasures to manage the network security | |||
From the given scenario, evaluate the security information and use it to plan control methods and countermeasures to manage prescribed network security requirements |
Introduction to Management Science A Modeling and Cases Studies Approach with Spreadsheets
ISBN: 978-0078024061
5th edition
Authors: Frederick S. Hillier, Mark S. Hillier