You have been working at InfoTico Technologies as an IT manger. InfoTico Technologies wants to open a new branch in another city and for this they already purchased a double story building. It consists of one server room on its second floor, 2 management room on second floor and one board room on the 1st floor. The following IT infrastructure will be delivered to the new location according to requirement list raised by you. 

- Twenty (20) HP I7 computers

- Four (2) Cisco 24 port switches

- Two (2) Hp ProLiant servers

- One (1) NBN connection

- Two (2) Wi fi Router

- One Wireless access point

- Two (2) Sharp MX-4111N all in one printers

- One (1) Biometric sensor

- One (1) server rack

- Sixty (60) patch cords (network cables)

Malware attack has been a critical issue for ABC Bank Last month a number of computer systems were out-of-order and caused significant financial damaged to the organisation.

Company officials want you to prepare a detailed report regarding the network security plans so that this report can be shared with company's risk analyst. After the approval of the risk analyst, the IT head can give you the go ahead for setting up the network design with the suggested changes.

Assessment task instructions

The purpose of this assessment task is to implement and manage security functions throughout a network. The assessment activities are mentioned within the assessment task.

The training organisation must ensure that the simulated assessment environment is in accordance with the requirements specified.

The training organisation will assign a supervisor to the student.

The training organisation will provide the resources required to complete the assessment task.

The student must use the templates provided to document their responses.

The student must follow the word-limits specified in the templates.

The trainer/assessor must assess the student using the performance checklist provided.

Task Environment:

This assessment task will be completed in a simulated environment prepared by Stanley College.

The simulated environment will provide you with all the required resources (such as the equipment and participants, etc.) to complete the assessment task. The simulated environment is very much like a learning environment where a student can practice, use and operate appropriate industrial equipment, techniques, and practices under realistic workplace conditions.

Your roles in this project will be as IT Manger.

Roles and responsibilities of trainer/supervisor are:

To provide a site where network installation may be conducted.

To provide small enterprise routers and switches.

To provide network's design documentation.

To provide equipment specifications.

To provide you hardware and software required to install and operate medium enterprise switches.

To provide end user device.

To provide policies and procedures pertaining to the installation and operation of a enterprise switches.

A) All three (3) phases of network security design
Defining planning phase for network security design according to organisational requirements Defining building phase for network security design according to organisational requirements Defining managing phase for network security design according to organisational requirements
1) Planning Phase, including the following: Note: You will need to briefly provide an input regarding each phase
Most suitable network topology according to office layout
The operating system for servers and workstations
Antivirus requirements for servers and workstations
Security measures for network components
2) Building Phase of network security design, including the following: Note: You will need to briefly provide an input regarding each phase
Risk assessment methods
Determine attacker scenarios and threats according to network security design specifications
Costing of network design
3) Managing phase, including the following information: Note: You will need to briefly provide an input regarding each phase
Design and document auditing and Incident reporting procedure
Design and document security policies
B) Risks assessment, including the following information:
Determine major threat themes to network security
Determine the potential origin of major threats according to network security design specifications
Identify industry standard common network
Design and document threat model according to network security design specifications
C) Risk management strategy
Determine required elements of risk management according to network security design specifications
Identify organisational assets requiring protection
Categorise and document assets and determine their value according to organisational requirements
Determine and document risk management plan according to organisational requirements
D) Plan control methods and countermeasures to manage the network security
From the given scenario, evaluate the security information and use it to plan control methods and countermeasures to manage prescribed network security requirements