
Question


Overview: Now that you're super knowledgeable about security, let's put your newfound know-how to the test. You may find yourself in a tech role someday, where you need to design and influence a culture of security within an organization. This project is your opportunity to practice these important skillsets.
Assignment: In this project, you'll create a security infrastructure design document for a fictional organization. The security services and tools you describe in the document must be able to meet the needs of the organization. Your work will be evaluated according to how well you met the organization's requirements.
About the organization: This fictional organization has a small, but growing, employee base, with 50 employees in one small office. The company is an online retailer of the world's finest artisanal, hand-crafted widgets. They've hired you on as a security consultant to help bring their operations into better shape.
Organization requirements: As the security consultant, the company needs you to add security measures to the following systems:
An external website permitting users to browse and purchase widgets
An internal intranet website for employees to use
Secure remote access for engineering employees
Reasonable, basic firewall rules
Wireless coverage in the office
Reasonably secure configurations for laptops
Since this is a retail company that will be handling customer payment data, the organization would like to be extra cautious about privacy. They don't want customer information falling into the hands of an attacker due to malware infections or lost devices.
Engineers will require access to internal websites, along with remote, command line access to their workstations.
Grading: This is a required assignment for the module.
What you'll do: You'll create a security infrastructure design document for a fictional organization. Your plan needs to meet the organization's requirements and the following elements should be incorporated into your plan:
Authentication system
External website security
Internal website security
Remote access solution
Firewall and basic rules recommendations
Wireless security
VLAN configuration recommendations
Laptop security configuration
Application policy recommendations
Security and privacy policy recommendations
Intrusion detection or prevention for systems containing customer data
This is an outline. I am not sure if I am on the right path. Help.
Overview
Artisanal Widgets Inc. is an online retailer specializing in artisanal, hand-crafted widgets. The company currently employs 50 individuals operating out of a single office. The company needs a comprehensive security plan to safeguard its digital assets, ensure the privacy of customer data, and provide secure access for employees. This document outlines the proposed security infrastructure designed to meet these requirements.
1. Authentication System
Solution: Implement a centralized authentication system using Active Directory (AD) with Multi-Factor Authentication (MFA).
Active Directory (AD): Centrally manage user credentials and access controls.
Multi-Factor Authentication (MFA): Add an additional layer of security by requiring a second form of verification (e.g., SMS codes, authentication apps).
2. External Website Security
Solution: Secure the external e-commerce website using the following measures:
HTTPS: Ensure all data transmitted between users and the website is encrypted using TLS/SSL certificates.
Web Application Firewall (WAF): Protect against common web vulnerabilities such as SQL injection, XSS, and DDoS attacks.
Content Security Policy (CSP): Mitigate XSS attacks by controlling the resources the browser is allowed to load.
Regular Security Audits: Conduct periodic security assessments and vulnerability scans to identify and fix potential issues.
3. Internal Website Security
Solution: Secure the internal intranet website with the following strategies:
HTTPS: Encrypt all communications within the internal network.
Role-Based Access Control (RBAC): Ensure employees can only access information necessary for their roles.
Internal WAF: Protect the intranet from internal threats and vulnerabilities.
Regular Patching and Updates: Keep the intranet system updated with the latest security patches.
4. Remote Access Solution
Solution: Implement a secure VPN solution combined with strong authentication:
VPN: Use OpenVPN or another reputable VPN service to provide encrypted remote access.
MFA: Require MFA for VPN access to ensure that only authorized employees can connect remotely.
SSH Key Authentication: Engineers accessing command line interfaces should use SSH keys rather than passwords.
5. Firewall and Basic Rules Recommendations
Solution: Configure firewalls with the following rules:
Inbound Rules:
Allow HTTP/HTTPS traffic to the external website.
Allow VPN traffic.
Allow necessary inbound email traffic (SMTP/IMAP).
Outbound Rules:
Allow out
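
The inbound rules listed in section 5 of the outline, written as an nftables ruleset for a gateway that forwards traffic between the internet and the office servers. This is an added example, not part of the original post; the interface name, the server addresses (RFC 5737 documentation range), OpenVPN on its default UDP port 1194 and IMAP offered over TLS on port 993 are assumptions.

```nftables
#!/usr/sbin/nft -f
# Added example: perimeter rules for forwarded traffic only.
# All names and addresses below are assumed placeholders.
flush ruleset

define wan_if   = "eth0"       # assumed internet-facing interface
define web_srv  = 192.0.2.10   # assumed external website host
define vpn_gw   = 192.0.2.20   # assumed OpenVPN endpoint
define mail_srv = 192.0.2.30   # assumed mail server

table inet perimeter {
    chain forward {
        # Default deny: anything not matched below is dropped.
        type filter hook forward priority 0; policy drop;

        # Replies to connections that were already allowed.
        ct state established,related accept
        ct state invalid drop

        # "Allow HTTP/HTTPS traffic to the external website."
        iifname $wan_if ip daddr $web_srv tcp dport { 80, 443 } accept

        # "Allow VPN traffic." (OpenVPN default port, only to the VPN endpoint)
        iifname $wan_if ip daddr $vpn_gw udp dport 1194 accept

        # "Allow necessary inbound email traffic (SMTP/IMAP)."
        iifname $wan_if ip daddr $mail_srv tcp dport { 25, 993 } accept

        # The outline's outbound list is cut off, so outbound traffic is
        # left unrestricted here rather than guessed at.
        oifname $wan_if accept

        # Count and log whatever else arrives from the internet.
        iifname $wan_if counter log prefix "perimeter-drop " drop
    }
}
```

Each accept rule names both a destination host and a port, so opening HTTPS for the web server does not also expose port 443 on the intranet server or on workstations.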
