Answered step by step
Verified Expert Solution
Question
1 Approved Answer
You've been hired as a network and information security officer for a private IT security firm that offers private and public clients security services
You've been hired as a network and information security officer for a private IT security firm that offers private and public clients security services and expertise. You've been given the task of providing network and information security to a company that deals with data communication and e-commerce. Because their business is rapidly expanding, they must develop effective network security strategies because: Security breaches can be extremely costly in terms of business disruption and potential financial losses. Increasing amounts of sensitive data are being exchanged over the internet or intranets that are connected to it. It was discovered that hackers were attempting to take advantage of the company's less technical employees. As a result, the organisation has asked you to supply a complete security solution. Available Assets: Information assets Databases: Contains information critical to your business. Data files: Information stored within file outside of a database. Software assets Application software: Implements business processes. System software: Operating Systems, Mobile OS', VOIP, Firewall etc. Physical assets Computer equipment: Desktops, laptops, phones, servers. Communication equipment: PBX, POP gateway, routers, switches. Storage media: Off/on site backup media, software inventory, etc. Technical equipment: UPS, server racks, wiring closet(s), etc. Security equipment: Firewall. Your company carried out the security risk assessment for the hazard identification, risk analysis, and risk evaluation based on the available assets. As a result, they identified several threats: 1) Database threats a. Credential threats b. Privilege Threats c. System Threats i. SQL injections ii. Cloud 2) Network Security Threats a. Network Ransomware Attacks b. Denial of Service Attacks c. Identity Spoofing d. SSL/TLS Attacks e. Penetration Testing f. Browser Attacks Based on the security risk assessment, your task is to create a report that includes the following information: Purpose of the Project (Background) > Based on your company's Risk assessment, justify and answer the following questions o Explain briefly about the identified threats (any two from each identified threats) o Based on the identified threats, explain the possible consequences of failing to manage threats. Propose Solution o Overview of Security Mechanism o Propose a solution, which employs a security mechanism including, cryptographic algorithms, network access control and other possible security solutions. Justify the selection of your security mechanism. o Explain how the company will maintain the security (security policies), considering the CIA triads. o The company has both software and hardware firewalls. Explain the purpose of having both firewalls. Conclusion
Step by Step Solution
★★★★★
3.38 Rating (154 Votes )
There are 3 Steps involved in it
Step: 1
Project Report Enhancing Network and Information Security Purpose of the Project Background The purpose of this project is to strengthen the network and information security of the client a rapidly ex...Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started