MediCare Solutions Security

During the implementation of the internal network infrastructure at MediCare Solutions, a security breach

occurred due to unauthorized access gained through a compromised user account in the Client Services

$($CS$)$ department. The attacker, using sophisticated social engineering tactics, acquired login credentials of

an employee with administrative privileges, breaching the CS network segment.

The attacker moved laterally across the LAN, exploiting vulnerabilities in network switches and weak access

controls between departmental segments, compromising sensitive data in the Medical Operations &

Radiology Services $($MORS$)$ and Patient Records Management $($PRM$)$ departments.

The network security team detected the intrusion using monitoring tools, initiating incident response

protocols. They isolated compromised segments, conducted forensic analysis, and enhanced access

controls to prevent future breaches.

You are tasked with Implementing the following on the network you designed in Question $1$ above

$3\mathrm{.}1$ Port Address Translation $($PAT$)$ and Access Control Lists $($ACLs$)$:

Implement PAT to translate private IP addresses to a single public IP for outbound internet access and

configure ACLs to control inbound$/$outbound traffic based on security policies.

$3\mathrm{.}2$ Switchport Security on Server Switch:

Configure switchport security to limit the number of MAC addresses allowed per switchport, preventing

unauthorized devices from connecting to the network.

$3\mathrm{.}3$ DHCP Snooping:

Enable DHCP snooping to mitigate rogue DHCP server attacks by monitoring and filtering DHCP messages,

allowing only authorized DHCP servers to allocate IP addresses.

$3\mathrm{.}4$ Dynamic ARP Inspection:

Implement Dynamic ARP Inspection to prevent ARP spoofing attacks by validating ARP packets and

discarding malicious or unauthorized ARP packets.