Question
Overview: Now that you're super knowledgeable about security, let's put your newfound know-how to the test. You may find yourself in a tech role someday, where you need to design and influence a culture of security within an organization. This project is your opportunity to practice these important skillsets.
Assignment: In this project, you'll create a security infrastructure design document for a fictional organization. The security services and tools you describe in the document must be able to meet the needs of the organization. Your work will be evaluated according to how well you met the organization's requirements.
About the organization: This fictional organization has a small, but growing, employee base, with employees in one small office. The company is an online retailer of the world's finest artisanal, handcrafted widgets. They've hired you on as a security consultant to help bring their operations into better shape.
Organization requirements: As the security consultant, the company needs you to add security measures to the following systems:
An external website permitting users to browse and purchase widgets
An internal intranet website for employees to use
Secure remote access for engineering employees
Reasonable, basic firewall rules
Wireless coverage in the office
Reasonably secure configurations for laptops
Since this is a retail company that will be handling customer payment data, the organization would like to be extra cautious about privacy. They don't want customer information falling into the hands of an attacker due to malware infections or lost devices.
Engineers will require access to internal websites, along with remote, command line access to their workstations.
Grading: This is a required assignment for the module.
What you'll do: You'll create a security infrastructure design document for a fictional organization. Your plan needs to meet the organization's requirements and the following elements should be incorporated into your plan:
Authentication system
External website security
Internal website security
Remote access solution
Firewall and basic rules recommendations
Wireless security
VLAN configuration recommendations
Laptop security configuration
Application policy recommendations
Security and privacy policy recommendations
Intrusion detection or prevention for systems containing customer data
This is an outline; not sure if I am on the right path. Help.
Overview
Artisanal Widgets Inc. is an online retailer specializing in artisanal, handcrafted widgets. The company currently employs individuals operating out of a single office. The company needs a comprehensive security plan to safeguard its digital assets, ensure the privacy of customer data, and provide secure access for employees. This document outlines the proposed security infrastructure designed to meet these requirements.
Authentication System
Solution: Implement a centralized authentication system using Active Directory (AD) with Multi-Factor Authentication (MFA).
Active Directory (AD): Centrally manage user credentials and access controls.
Multi-Factor Authentication (MFA): Add an additional layer of security by requiring a second form of verification (e.g., SMS codes, authentication apps).
External Website Security
Solution: Secure the external e-commerce website using the following measures:
HTTPS: Ensure all data transmitted between users and the website is encrypted using TLS/SSL certificates.
Web Application Firewall (WAF): Protect against common web vulnerabilities such as SQL injection, XSS and DDoS attacks.
Content Security Policy (CSP): Mitigate XSS attacks by controlling the resources the browser is allowed to load.
Regular Security Audits: Conduct periodic security assessments and vulnerability scans to identify and fix potential issues.
Internal Website Security
Solution: Secure the internal intranet website with the following strategies:
HTTPS: Encrypt all communications within the internal network.
Role-Based Access Control (RBAC): Ensure employees can only access information necessary for their roles.
Internal WAF: Protect the intranet from internal threats and vulnerabilities.
Regular Patching and Updates: Keep the intranet system updated with the latest security patches.
Remote Access Solution
Solution: Implement a secure VPN solution combined with strong authentication:
VPN: Use OpenVPN or another reputable VPN service to provide encrypted remote access.
MFA: Require MFA for VPN access to ensure that only authorized employees can connect remotely.
SSH Key Authentication: Engineers accessing command line interfaces should use SSH keys rather than passwords.
Firewall and Basic Rules Recommendations
Solution: Configure firewalls with the following rules:
Inbound Rules:
Allow HTTP/HTTPS traffic to the external website.
Allow VPN traffic.
Allow necessary inbound email traffic (SMTP/IMAP).
Outbound Rules:
Allow out