A manufacturing company requires the following features from its network: a public facing web presence,...

Transcribed Image Text:

A manufacturing company requires the following features from its network: • a public facing web presence, including an online web-shop for the sale of its products • many desktop machines for company employees • shared file serving for design files only accessible by company employees • an internal web server for training information only accessible by company employees • a sales database containing order information from the web-shop sales, this includes credit-card payment details from the purchasers • remote access for company employees working from home; these users only need to access the design files and training information. (a) Design a segmented network architecture that meets the specification above and is compliant with the Payment Card Industry Data Security Standard (PCI-DSS). Your answer should give high-level descriptions of the key network components and where they are connected in the network. (b) The manufacturing company, whose network you have designed in Part (a), is acquired by an organisation that uses a zero-trust security architecture based upon cloud services. All of the network and IT infrastructure of the company is to be transferred to this new architecture. Propose how this new security architecture will operate. Furthermore, comment on the use of the zero-trust architecture and PCI-DSS compliance. A manufacturing company requires the following features from its network: • a public facing web presence, including an online web-shop for the sale of its products • many desktop machines for company employees • shared file serving for design files only accessible by company employees • an internal web server for training information only accessible by company employees • a sales database containing order information from the web-shop sales, this includes credit-card payment details from the purchasers • remote access for company employees working from home; these users only need to access the design files and training information. (a) Design a segmented network architecture that meets the specification above and is compliant with the Payment Card Industry Data Security Standard (PCI-DSS). Your answer should give high-level descriptions of the key network components and where they are connected in the network. (b) The manufacturing company, whose network you have designed in Part (a), is acquired by an organisation that uses a zero-trust security architecture based upon cloud services. All of the network and IT infrastructure of the company is to be transferred to this new architecture. Propose how this new security architecture will operate. Furthermore, comment on the use of the zero-trust architecture and PCI-DSS compliance.

Answer rating: 100% (QA)

a Designing a Segmented Network Architecture for PCIDSS Compliance PublicFacing Web Presence This segment includes the public web servers and the onli... View the full answer