Overview: Now that youre super knowledgeable about security, let's put your newfound know-how to the test. You may find yourself in a tech role someday, where you need to design and influence a culture of security within an organization. This project is your opportunity to practice these important skillsets.

Assignment: In this project, youll create a security infrastructure design document for a fictional organization. The security services and tools you describe in the document must be able to meet the needs of the organization. Your work will be evaluated according to how well you met the organizations requirements.

About the organization: This fictional organization has a small, but growing, employee base, with 50 employees in one small office. The company is an online retailer of the world's finest artisanal, hand-crafted widgets. They've hired you on as a security consultant to help bring their operations into better shape.

Organization requirements: As the security consultant, the company needs you to add security measures to the following systems:

An external website permitting users to browse and purchase widgets

An internal intranet website for employees to use

Secure remote access for engineering employees

Reasonable, basic firewall rules

Wireless coverage in the office

Reasonably secure configurations for laptops

Since this is a retail company that will be handling customer payment data, the organization would like to be extra cautious about privacy. They don't want customer information falling into the hands of an attacker due to malware infections or lost devices.

Engineers will require access to internal websites, along with remote, command line access to their workstations.

Submission: You should write your document using a text editor or word processor (e.g., Google Docs, Microsoft Word, OpenOffice, etc.). You should upload your document in PDF format (i.e., my_submission.pdf). Please do not upload your submission using proprietary software extensions, like .docx or .pptx.

Grading: This is a required assignment for the module. The assignment is peer reviewed, so after you submit your response, youll need to review and evaluate three submissions from other learners taking this course. To grade other submissions, make sure to follow the instructions and respond to the questions.

Review criterialess

Grading: This is a required assignment for the module. The assignment is peer reviewed, so after you submit your response, youll need to review and evaluate three submissions from other learners taking this course. To grade other submissions, make sure to follow the instructions and respond to the questions.

After submitting your assignment, youll evaluate three of your peers. Youll give a quantitative (multiple choice) assessment of the response to each question. Then, youll provide qualitative (open response) feedback for the assignment as a whole.

Step-By-Step Assignment Instructionsless

Youll create a security infrastructure design document for a fictional organization. Your plan will be evaluated according to how well you met the organization's requirements. Points will be awarded based on how well you met these requirements, considering the security implications of your choices.

The following elements should be incorporated into your plan:

Authentication system

External website security

Internal website security

Remote access solution

Firewall and basic rules recommendations

Wireless security

VLAN configuration recommendations

Laptop security configuration

Application policy recommendations

Security and privacy policy recommendations

Intrusion detection or prevention for systems containing customer data