Question 1. Secure Network Design Tips Modern networks have become complex systems that require a wide array of technologies and design decisions. These decisions are largely contextual in terms of the appropriate selection of technology and decisions as to how the technologies are integrated. There are, however, some standard design concepts that have been adopted by a variety of technology standards organizations. Discuss the security controls and design features that you consider foundational to any secure network, and provide support for your selections.

Question 2. Designing a Secure Network The executives of Tanya's Taco Seasoning Company have recently decided to divest into other food-related industries. They have purchased several factories in Mexico and Honduras that manufacture salsa, refried beans, and other Latin food products. This new purchase has tripled the size of the company and the number of its employees. Nick Nelson, the CIO, has called a meeting of the executive board. He has asked for the funding to bring in an expert in network design and architecture to figure out the most effective design for integrating the four local LANs that now make up the backbone of the information technology for the company. You have taken the job of evaluating and providing recommendations for integration of these four small local LANs into a comprehensive and integrated network. You refer to a number of resources and standard bodies for guidance as to the proper approach to take in this evaluation. Complete the Toolwire lab. When submitting your assignment, attach the two screen prints you were asked to capture as part of the lab to this assignment to document successful completion of the lab. Use the Toolwire lab and the study materials, and engage in any additional research needed to fill in knowledge gaps. Write a 23 page paper that covers the following topics: Identify the primary characteristics of a secure network architecture within an international organization. Evaluate the existing network architecture within an international organization. Recommend redesign opportunities to enhance the security of a network within an international organization. Explore the various information security standards that contain a secure network design and architecture component.

Question 3. Penetration Testing Tools and Approaches There are a variety of tools that are available to the security professional engaged in controls testing, also known as penetration testing. Selection of tools is a mixture of personal choice, corporate policy, and application, based on the technologies being tested. The activities related to controls testing can be performed by internal staff interested in evaluating the efficacy of a particular control, however more frequently it is a requirement regulated by federal and state governments. This activity is increasingly becoming a component of external financial audits that public companies conduct as a means of validating the accuracy of annual financial statements. Discuss the tools that are available for engaging in the work of penetration testing and the pros and cons of both internal and external penetration testing activities.

Question 4. Application of Penetration Testing International University is a publicly-traded university that has campuses and online offerings across the United States, Canada, and Europe and has recently added a campus in Nairobi, Kenya. The network that supports these campuses is a mix of local LANs connected to the headquarters in Mobile, Alabama. The local LANs are the responsibility of IT staff, who are hired and managed locally. The WAN aspects of the network are centrally managed, as are the account creation and management activities. The CIO of International University has some concerns about the skills of the local IT staff and has hired you to engage in controls testing to evaluate the security profile of the network and to determine whether there are any security vulnerabilities being created at the local LAN level. He has also asked that you include in your controls testing report your recommendations for what skills and roles would be appropriate to ensure proper governance of security is occurring at all levels of the organization. Discuss the following: Evaluate the methodologies of testing design with the objective of measuring the level of network security within an international organization. Recommend strategies for testing the efficacy of the existing network architecture within an international organization. Explore the specific skills, roles, and tasks involved in designing a secure network architecture within an international organization. Explore the concept of synergistic security in terms of the impact of combining security controls in enhancing the overall security posture of an organization.