Comprehensive Network Security Plan for CQUniversity
VerifiedAdded on 2020/04/15
|27
|7506
|360
AI Summary
The report presents a comprehensive network security plan aimed at fortifying the network infrastructure of CQUniversity. It begins by emphasizing the importance of developing stringent security policies to protect network components from unauthorized access, thereby increasing network flexibility. The analysis delves into identifying potential errors and vulnerabilities within the existing network system. Furthermore, it outlines the necessity for improvement areas that would ensure network uptime and robust security measures against cyber threats. To address these challenges, the report documents various networking policies that could be implemented to enhance security. An integral part of this strategy is recognizing the associated risks in the development project and crafting a risk mitigation plan to eliminate or reduce them. The study concludes by asserting that with proper identification of vulnerabilities and formulation of appropriate security measures, the network can be safeguarded effectively against unauthorized access while maintaining operational flexibility.
Network Security Plan
Introduction
For the development of the network security plan an analysis is made on the current network
infrastructure of the First national university and the security measures that can be
imploemneted in the design is analyzed. The network security plan is important because it
enables to identify the different areas of risk associated with the network and configure the
network accordingly such that it meets all the requirement of the user. The network of the
camous is expanded over 10 metropoliton cities and 5 different regions. A wide area network
design should be created for covering the different parts of the campus. The user connected in
the network should be able to communicate with each other using the network. VPN, Firewall
and other security hardware or software can be used by the organization for increasing the
security of the University network solution. The servers must be configured with active
directory such that separate user account is needed for accessing the core resources of the
server installed in the network. The server must be secured against illegal access and it is
recommended to create a DMZ zone for installing the servers and secure it from physical
access. The slection of the security technology is important for increasing the security of the
network and elimination of the different vulnerabilities related with the dveelopment of the
First national university network infrastructure.
Scope
The development of the network solution would help First National university to open new
opportunities and develop the network frameework for aligning the curret buisness needs of
the organization. The scopes of the network security project are given below:
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
Introduction
For the development of the network security plan an analysis is made on the current network
infrastructure of the First national university and the security measures that can be
imploemneted in the design is analyzed. The network security plan is important because it
enables to identify the different areas of risk associated with the network and configure the
network accordingly such that it meets all the requirement of the user. The network of the
camous is expanded over 10 metropoliton cities and 5 different regions. A wide area network
design should be created for covering the different parts of the campus. The user connected in
the network should be able to communicate with each other using the network. VPN, Firewall
and other security hardware or software can be used by the organization for increasing the
security of the University network solution. The servers must be configured with active
directory such that separate user account is needed for accessing the core resources of the
server installed in the network. The server must be secured against illegal access and it is
recommended to create a DMZ zone for installing the servers and secure it from physical
access. The slection of the security technology is important for increasing the security of the
network and elimination of the different vulnerabilities related with the dveelopment of the
First national university network infrastructure.
Scope
The development of the network solution would help First National university to open new
opportunities and develop the network frameework for aligning the curret buisness needs of
the organization. The scopes of the network security project are given below:
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
The facilities provided to the student and the staffs can be manage from a central
point with the development of the network infrastructure and increase the efficiency
of the network communication for the development of the network security.
Different innovative technologies can be applied in the network such that the different
activities of the network can be managed efficiently and the business process of the
organization can be re aligned for redesigning the network security and develop the
network security plan.
Different project activities can be included such that it helps in systematic
development of the network infrastructure and develop the security policy for
securing the network elements. For the successful implementation of the network
security it is important to develop a network security policy and analyse the future
needs for the users connected in the network.
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
point with the development of the network infrastructure and increase the efficiency
of the network communication for the development of the network security.
Different innovative technologies can be applied in the network such that the different
activities of the network can be managed efficiently and the business process of the
organization can be re aligned for redesigning the network security and develop the
network security plan.
Different project activities can be included such that it helps in systematic
development of the network infrastructure and develop the security policy for
securing the network elements. For the successful implementation of the network
security it is important to develop a network security policy and analyse the future
needs for the users connected in the network.
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
Objectives
The network development project for the First National University is designed for the
imporvement of the security and efficiency of the current networo design of the university.
The following are the objectives identified for the development of the network framework
and the secuirty needs in the network redesign for improvement of the facilities of the
network.
To make the servers and the network available for the users 24 * 7 such that the user
does not feels any lag while using the university network solution.
To design the network according to the floor plan of the building of the university and
divide the network into different subnets such that it can be used for the creation of
different VLAN and make the management of the network easier.
To create a network security policy for the network the business rules of the
university should be analysed and the rules should be aligned with the security policy
for improvement of the security of the network.
To implement the network security policy for the development of the report it is
important to identify the requirement of the project and develop the project according
to the needs of the users.
To configure the network devices according to the requirement and develop user
group policy for the management of the network solution secure the servers from
illegal access.
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
The network development project for the First National University is designed for the
imporvement of the security and efficiency of the current networo design of the university.
The following are the objectives identified for the development of the network framework
and the secuirty needs in the network redesign for improvement of the facilities of the
network.
To make the servers and the network available for the users 24 * 7 such that the user
does not feels any lag while using the university network solution.
To design the network according to the floor plan of the building of the university and
divide the network into different subnets such that it can be used for the creation of
different VLAN and make the management of the network easier.
To create a network security policy for the network the business rules of the
university should be analysed and the rules should be aligned with the security policy
for improvement of the security of the network.
To implement the network security policy for the development of the report it is
important to identify the requirement of the project and develop the project according
to the needs of the users.
To configure the network devices according to the requirement and develop user
group policy for the management of the network solution secure the servers from
illegal access.
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
Assumptions
.....Different types of assumptions are made for the development of the security framework of
the network solution and they can be grouped into two types such as design assumptiona nd
the security assumption. The assumption helps in eliminating the barriers faced during the
development of the network project and divide the network assets for taking input from the
same level and take effective decision for the improvement of the competition policy. The
priorities and the responsibility of the project are also assumed regardless of the expected
outcomes from the network design plan and the enterprise network should be created
considering the innovation, quality and the creativity of the network solution. The risk
associated with the network should be shared with the different personnel such that the
network is designed according to the needs and the security of the network is retained.
Assumption for creation of the network design – For the development of the network design
it is assumed that the network development team have the sufficient knowledge about the
requirement of the users connected with the First national University Network. A prototype
of the network design should be created in any simulator software such that it can be
confirmed with the stakeholders associated with the development of the project.
Assumptions for the development of the network security plan – The network security
device, hardware and software that is essential for increasing the security of the network
should be identified and it is assumed that is the security device can counter measure the
different threats acting on the network. It is also assumed that the development team is able to
configure the firewall and the other security device used for securing the network and would
not face any difficulty while configuring the network security. The external factors like price,
legal factors would not hamper the current needs of the network and the network security
plan would meet all the objectives of the First national University.
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
.....Different types of assumptions are made for the development of the security framework of
the network solution and they can be grouped into two types such as design assumptiona nd
the security assumption. The assumption helps in eliminating the barriers faced during the
development of the network project and divide the network assets for taking input from the
same level and take effective decision for the improvement of the competition policy. The
priorities and the responsibility of the project are also assumed regardless of the expected
outcomes from the network design plan and the enterprise network should be created
considering the innovation, quality and the creativity of the network solution. The risk
associated with the network should be shared with the different personnel such that the
network is designed according to the needs and the security of the network is retained.
Assumption for creation of the network design – For the development of the network design
it is assumed that the network development team have the sufficient knowledge about the
requirement of the users connected with the First national University Network. A prototype
of the network design should be created in any simulator software such that it can be
confirmed with the stakeholders associated with the development of the project.
Assumptions for the development of the network security plan – The network security
device, hardware and software that is essential for increasing the security of the network
should be identified and it is assumed that is the security device can counter measure the
different threats acting on the network. It is also assumed that the development team is able to
configure the firewall and the other security device used for securing the network and would
not face any difficulty while configuring the network security. The external factors like price,
legal factors would not hamper the current needs of the network and the network security
plan would meet all the objectives of the First national University.
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Risk Analysis
For the development of the network solution the risk is needed to be identified and it is
important to identify the security assets and the other network equipment that are vulnerable
to the network and should be secured from illegal access. The assets of the First national
university are divided into Physical and Non Physical assets and the different risk acting on it
are identified for the development of a secure network solution.
Asset Identification and Assessment
Physical Assets –
The main elements that falls on the category of physical assets are the different network
hardware devices that are needed to be deployed in different areas of the network for
enabling communication with the main campus, regional campus and the other department of
the university. There are different network devices such as 2000 PCs, headsets, webcams, 20
networked Laser Printers, 50 computer labs with 1200 Desktop PCs and 50 printers, VoIP
video phones for the main campus. For the metropolitan and the regional campus there are
250 Desktop PCs, 4 networked Laser Printers, 10 computer labs with 240 PCs and 10
printers. For the operation and the backup site there are 250 servers, 4 networked Laser
Printers, 10 computer labs with 240 PCs and 10 printers.
Non-Physical Assets –
The non-physical assets for the first national university consists of the operating system used
in the desktops and the servers of the university network and they are mainly Ubuntu,
Windows 10, Windows 7 and Windows Server 2012 R2. Network drive is also attached with
the university network that is used for backing up the local data into the cloud servers and
increase the redundancy of the data and create a recovery mechanism for the development of
the network solution. The routers (“Cisco 2811 Integrated Services Router”), Switches
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
For the development of the network solution the risk is needed to be identified and it is
important to identify the security assets and the other network equipment that are vulnerable
to the network and should be secured from illegal access. The assets of the First national
university are divided into Physical and Non Physical assets and the different risk acting on it
are identified for the development of a secure network solution.
Asset Identification and Assessment
Physical Assets –
The main elements that falls on the category of physical assets are the different network
hardware devices that are needed to be deployed in different areas of the network for
enabling communication with the main campus, regional campus and the other department of
the university. There are different network devices such as 2000 PCs, headsets, webcams, 20
networked Laser Printers, 50 computer labs with 1200 Desktop PCs and 50 printers, VoIP
video phones for the main campus. For the metropolitan and the regional campus there are
250 Desktop PCs, 4 networked Laser Printers, 10 computer labs with 240 PCs and 10
printers. For the operation and the backup site there are 250 servers, 4 networked Laser
Printers, 10 computer labs with 240 PCs and 10 printers.
Non-Physical Assets –
The non-physical assets for the first national university consists of the operating system used
in the desktops and the servers of the university network and they are mainly Ubuntu,
Windows 10, Windows 7 and Windows Server 2012 R2. Network drive is also attached with
the university network that is used for backing up the local data into the cloud servers and
increase the redundancy of the data and create a recovery mechanism for the development of
the network solution. The routers (“Cisco 2811 Integrated Services Router”), Switches
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
(“Cisco Catalyst 2960 Series Switches”) are used for the development of the local area
network of the different areas of the university. There are different software installed in the
servers such as network traffic analyser, file storage solution, antivirus that are also
considered as the non-physical assets. Load balancer can also be used for increasing the
security of the network and reducing the load on the physical server for getting the maximum
throughput from it.
Risks
Individual Asset Risk Analysis
The individual resource chance examination depends on the advancement of the compelling
danger appraisal for the system association activities of FNU. The individual hazard
investigation would be based for the arrangement of the exercises supporting the recognizable
proof of the hazard factors. The different hazard elements would be broke down in light of
the ramifications of the compelling advancement of the system plan and utilizing system
observing devices for shaping the major glitches in the system. The plausible hazard factors
for the system association arrangement at FNU are introduction of the key college
applications and administrations to outer people because of the cloud sending, wrong access
and utilization of assets, unapproved and malignant inner and outside system assaults, and
system excess. Every one of these issues would bring about framing the significant issues for
the execution of the system association for the FNU. The issues would bring about framing
the immediate and backhanded effect on the physical and nonphysical resources of FNU. The
hazard factor would frame the issues in administration of the correspondence for the FNU
and it would bring about shaping the real issues for the administration of the different areas
on a solitary system association.
Risk Summary
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
network of the different areas of the university. There are different software installed in the
servers such as network traffic analyser, file storage solution, antivirus that are also
considered as the non-physical assets. Load balancer can also be used for increasing the
security of the network and reducing the load on the physical server for getting the maximum
throughput from it.
Risks
Individual Asset Risk Analysis
The individual resource chance examination depends on the advancement of the compelling
danger appraisal for the system association activities of FNU. The individual hazard
investigation would be based for the arrangement of the exercises supporting the recognizable
proof of the hazard factors. The different hazard elements would be broke down in light of
the ramifications of the compelling advancement of the system plan and utilizing system
observing devices for shaping the major glitches in the system. The plausible hazard factors
for the system association arrangement at FNU are introduction of the key college
applications and administrations to outer people because of the cloud sending, wrong access
and utilization of assets, unapproved and malignant inner and outside system assaults, and
system excess. Every one of these issues would bring about framing the significant issues for
the execution of the system association for the FNU. The issues would bring about framing
the immediate and backhanded effect on the physical and nonphysical resources of FNU. The
hazard factor would frame the issues in administration of the correspondence for the FNU
and it would bring about shaping the real issues for the administration of the different areas
on a solitary system association.
Risk Summary
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
The plausible dangers of the system execution are presentation of the key college applications
and administrations to outer people because of the cloud organization, improper access and
utilization of assets, unapproved and noxious inside and outside system assaults, and system
excess. The movement of the key applications and tasks would bring about making the
information and data accessible on the cloud stage that can be gotten to from any area
bringing about probability of information abuse and alteration. The likelihood of unapproved
and noxious inward and outside system assaults is another main consideration that would
frame the issue in the advancement of the compelling system. The assaults would bring about
making the framework unfit to work and process the inquiry. The assaults make the system
moderate and slow, as well as structures the issues of information capture attempt and phony.
Anybody would have the capacity to change the current information framing the issues in the
arrangement of the tasks for FNU. The DDoS assaults is a case for the assault on the system
that would bring about hurting the tasks of the exercises. System excess is identified with the
activity issues in the system that can be caused from think and incidental reasons.
Threats, Challenges and Vulnerabilities
Threats
There are different threats associated with the development of the network project and it
should be eliminated for the development of the network framework for the organization. The
source of the threat is important to be identified such that it can be blocked for mitigation of
the threats and increasing the security of the network. The threats acting on the security of the
network infrastructure of the First national university can be divided into external, internal,
structured and unstructured threats. The external threats are the threats that are acting on the
network from external agents such as unauthorised users that can compromise the security of
the university data.
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
and administrations to outer people because of the cloud organization, improper access and
utilization of assets, unapproved and noxious inside and outside system assaults, and system
excess. The movement of the key applications and tasks would bring about making the
information and data accessible on the cloud stage that can be gotten to from any area
bringing about probability of information abuse and alteration. The likelihood of unapproved
and noxious inward and outside system assaults is another main consideration that would
frame the issue in the advancement of the compelling system. The assaults would bring about
making the framework unfit to work and process the inquiry. The assaults make the system
moderate and slow, as well as structures the issues of information capture attempt and phony.
Anybody would have the capacity to change the current information framing the issues in the
arrangement of the tasks for FNU. The DDoS assaults is a case for the assault on the system
that would bring about hurting the tasks of the exercises. System excess is identified with the
activity issues in the system that can be caused from think and incidental reasons.
Threats, Challenges and Vulnerabilities
Threats
There are different threats associated with the development of the network project and it
should be eliminated for the development of the network framework for the organization. The
source of the threat is important to be identified such that it can be blocked for mitigation of
the threats and increasing the security of the network. The threats acting on the security of the
network infrastructure of the First national university can be divided into external, internal,
structured and unstructured threats. The external threats are the threats that are acting on the
network from external agents such as unauthorised users that can compromise the security of
the university data.
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
The threats in network connection can result in forming the issues in the deployment of the
network from external factors. The threats in network can be divided into four variants
namely external threat, internal threat, structured threat, and unstructured threat. The
unstructured threats to the network would include the inexperienced individuals using
password crackers and shell scripts. These two can be used for hacking into the easily
decrypted password protection and extract information. The structured threats involve the
inclusion of the threat of exploitation of the scripts and codes forming the major influence in
the development of the activities. The advanced hackers and cyber criminals would include
the use of advanced hacking methods for forming the major influence in the application
development. The external attacks would result in making the system unable to work and
process the query. The attacks not only make the network slow and sluggish, but it also forms
the issues of data interception and forgery. Anyone would be able to change the existing data
forming the issues in the alignment of the operations for FNU. The DDoS attacks is an
example for the attack on the network that would result in harming the operations of the
activities. The internal attacks are the person specific attacks caused by the person working in
the network gaining the authentication. The individuals might extract the information from
the network by gaining the access to the network and use it for personal use.
Challenges
The difficulties of the system are the different issues that would be created for the
organization of the system association. The usage had been confronting the issue of complex
ICT framework, huge fatigue of the assets, and the security issues. The likely hazard factors
for the system association organization at FNU are introduction of the key college
applications and administrations to outer people because of the cloud arrangement, wrong
access and utilization of assets, unapproved and vindictive inner and outside system assaults,
and system repetition. Every one of these issues would bring about shaping the significant
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
network from external factors. The threats in network can be divided into four variants
namely external threat, internal threat, structured threat, and unstructured threat. The
unstructured threats to the network would include the inexperienced individuals using
password crackers and shell scripts. These two can be used for hacking into the easily
decrypted password protection and extract information. The structured threats involve the
inclusion of the threat of exploitation of the scripts and codes forming the major influence in
the development of the activities. The advanced hackers and cyber criminals would include
the use of advanced hacking methods for forming the major influence in the application
development. The external attacks would result in making the system unable to work and
process the query. The attacks not only make the network slow and sluggish, but it also forms
the issues of data interception and forgery. Anyone would be able to change the existing data
forming the issues in the alignment of the operations for FNU. The DDoS attacks is an
example for the attack on the network that would result in harming the operations of the
activities. The internal attacks are the person specific attacks caused by the person working in
the network gaining the authentication. The individuals might extract the information from
the network by gaining the access to the network and use it for personal use.
Challenges
The difficulties of the system are the different issues that would be created for the
organization of the system association. The usage had been confronting the issue of complex
ICT framework, huge fatigue of the assets, and the security issues. The likely hazard factors
for the system association organization at FNU are introduction of the key college
applications and administrations to outer people because of the cloud arrangement, wrong
access and utilization of assets, unapproved and vindictive inner and outside system assaults,
and system repetition. Every one of these issues would bring about shaping the significant
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
issues for the execution of the system association for the FNU. The significant difficulties of
the task are Password assaults, Trust misuse, Port redirection, Man-in-the-center assaults,
Social designing, and Phishing.
Vulnerabilities
The vulnerabilities in the system association can be distinguished as the particular
'weaknesses' or interior shortcomings that can bring about the event of the system hazard
event. There are numerous reasons because of which the system issues can be raised and it
incorporates the likely factors of the plan or execution mistakes of FNU. The mechanical
vulnerabilities that may affect the system advancement security capacities are working
framework shortcomings, TCP/IP convention shortcomings, and system gear shortcomings.
The design that may affect the system improvement security capacities are utilization of
simple passwords that can be deciphered effortlessly, Unsecured client accounts, unsecured
default settings, and misconfigured web administrations. The security arrangement
shortcomings that may affect the system advancement security capacities are absence of
security strategy, absence of congruity, governmental issues, and absence of legitimate access
controls. These are the significant vulnerabilities order and vulnerabilities that can frame the
effect on the advancement of the system association for the FNU. The likelihood of
unapproved and pernicious inward and outer system assaults is another central point that
would shape the issue in the improvement of the powerful system.
Security Policies
Acceptable Use Policies
Email and Communications Policy
FNU First National University requires an email and communication policy for the
development of the network infrastructure and enabling secure communication within the
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
the task are Password assaults, Trust misuse, Port redirection, Man-in-the-center assaults,
Social designing, and Phishing.
Vulnerabilities
The vulnerabilities in the system association can be distinguished as the particular
'weaknesses' or interior shortcomings that can bring about the event of the system hazard
event. There are numerous reasons because of which the system issues can be raised and it
incorporates the likely factors of the plan or execution mistakes of FNU. The mechanical
vulnerabilities that may affect the system advancement security capacities are working
framework shortcomings, TCP/IP convention shortcomings, and system gear shortcomings.
The design that may affect the system improvement security capacities are utilization of
simple passwords that can be deciphered effortlessly, Unsecured client accounts, unsecured
default settings, and misconfigured web administrations. The security arrangement
shortcomings that may affect the system advancement security capacities are absence of
security strategy, absence of congruity, governmental issues, and absence of legitimate access
controls. These are the significant vulnerabilities order and vulnerabilities that can frame the
effect on the advancement of the system association for the FNU. The likelihood of
unapproved and pernicious inward and outer system assaults is another central point that
would shape the issue in the improvement of the powerful system.
Security Policies
Acceptable Use Policies
Email and Communications Policy
FNU First National University requires an email and communication policy for the
development of the network infrastructure and enabling secure communication within the
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
students and the staffs of the university. The new request coming from the different users and
should be managed and certificated should be used for verification of the authenticity of the
messages send and received for the different users connected in the network. The email
server should be configured with the user name and password such that it can be used for
sending and receiving emails between the different users. All the emails and the messages
should be transferred via the firewall connected in the network from securing the network
from spa emails and other vulnerable emails from the external email servers.
Internet and Network Access Policy
The access of the internet should not be allowed for the students connected in the labs
because it can increase the vulnerability of the lab computers. The users must be grouped by
configuring the windows servers’ active directory policy. The remote users i.e. the students
enrolled with the distance education learning program should be connected using a VPN link
via the radius server configured for the management of the activity of the remote users. The
access of the file server installed in the network should be restricted for most of the users
such that at the sensitive files of the university such as student records, staff records and the
other organizational data are kept secured.
Workstation Policy
The workstations deployed in the different areas of the network must be secured with the
application of the password management policy. The administrative functionality should not
be available for the normal users such that the user cannot install or remove any application
for performing mischievous activity on the workstation. Moreover the workstation should be
installed with antivirus such that it can be protected from spam emails and virus coming from
different sources. The work station should also be configured with DHCP connection such
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
should be managed and certificated should be used for verification of the authenticity of the
messages send and received for the different users connected in the network. The email
server should be configured with the user name and password such that it can be used for
sending and receiving emails between the different users. All the emails and the messages
should be transferred via the firewall connected in the network from securing the network
from spa emails and other vulnerable emails from the external email servers.
Internet and Network Access Policy
The access of the internet should not be allowed for the students connected in the labs
because it can increase the vulnerability of the lab computers. The users must be grouped by
configuring the windows servers’ active directory policy. The remote users i.e. the students
enrolled with the distance education learning program should be connected using a VPN link
via the radius server configured for the management of the activity of the remote users. The
access of the file server installed in the network should be restricted for most of the users
such that at the sensitive files of the university such as student records, staff records and the
other organizational data are kept secured.
Workstation Policy
The workstations deployed in the different areas of the network must be secured with the
application of the password management policy. The administrative functionality should not
be available for the normal users such that the user cannot install or remove any application
for performing mischievous activity on the workstation. Moreover the workstation should be
installed with antivirus such that it can be protected from spam emails and virus coming from
different sources. The work station should also be configured with DHCP connection such
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
that it can automatically receive the IP address from the DHCP server installed in the network
and enabling transfer of data packet in the network.
Network Security Policies
Antivirus Policy
The approach can be considered as an inside IT strategy which straightforwardly
characterizes the counter infection arrangement which is put on each PC which
fundamentally incorporate how regularly the sweep of the infection is done, what program
will be utilized as a part of the area of the discovery, expel of the malware program and
avoidance. The idea can be specifically identified with the part of what program would be
obstruct at the server and what kind of hostile to infection program would be keep running on
the server of the mail. It can be expressed that it can likewise be utilized to get an
unmistakable thought of the idea of what hostile to infection program will be open and keep
running on the server of the mail. The principle action which assume an exceptionally
fundamental part is the check of the records and what documents would be gotten to and what
are the courses by which the avoidance of the spread of the malware. The association in the
idea of the counter infection would utilize a specific against infection and the base necessity
identified with the counter infection are expressed beneath:
The library meaning of the antivirus ought to be refreshed no less than ones every
day.
The item which is identified with the antivirus ought to be worked in an ongoing way
on all the customer server and customer framework.
The idea which ought to be connected to the angle is the continuous security.
The check which is identified with the antivirus ought to be completed ones every
week and the principle thought which is contemplated would be founded on the part
of the server and the workstation.
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
and enabling transfer of data packet in the network.
Network Security Policies
Antivirus Policy
The approach can be considered as an inside IT strategy which straightforwardly
characterizes the counter infection arrangement which is put on each PC which
fundamentally incorporate how regularly the sweep of the infection is done, what program
will be utilized as a part of the area of the discovery, expel of the malware program and
avoidance. The idea can be specifically identified with the part of what program would be
obstruct at the server and what kind of hostile to infection program would be keep running on
the server of the mail. It can be expressed that it can likewise be utilized to get an
unmistakable thought of the idea of what hostile to infection program will be open and keep
running on the server of the mail. The principle action which assume an exceptionally
fundamental part is the check of the records and what documents would be gotten to and what
are the courses by which the avoidance of the spread of the malware. The association in the
idea of the counter infection would utilize a specific against infection and the base necessity
identified with the counter infection are expressed beneath:
The library meaning of the antivirus ought to be refreshed no less than ones every
day.
The item which is identified with the antivirus ought to be worked in an ongoing way
on all the customer server and customer framework.
The idea which ought to be connected to the angle is the continuous security.
The check which is identified with the antivirus ought to be completed ones every
week and the principle thought which is contemplated would be founded on the part
of the server and the workstation.
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
DMZ Policy
The fundamental strategy which is identified with the DMZ can be expressed as following:
• The hardware must be reported in the organization venture wide administration
framework. At the very least the accompanying angles ought to be thought about. The
primary purpose of accentuations would be on the area of area and host contacts, working
framework and equipment adaptation, fundamental capacity and the identifying with it the
application and the secret word which is identified with the advantaged gathering of
individuals.
• The interface which is identified with the system ought to have a fitting Domain
Name server (DNS).
• The gatherings of the secret key ought to be kept up utilizing the idea of the corporate
wide watchword procedure of administration framework.
• The changes which is identified with the part of the gear and the arrangement might
be identified with the new hardware and must take after a change administration strategies
and forms and the part of the corporate tutor.
Extranet Policy
All the new availability which is identified with the extranet ought to be gone through a
security audit which is connected with the data security division. The principle perspective
which is identified with the looking into is predominantly to guarantee that the coordinating
of the prerequisite of the most ideal way or approach of the arrangement is finished. Then
again another idea which ought to be thought about is the slightest access technique ought to
be taken after.
VPN and Remote Access (Work-at-home) Security Policy
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
The fundamental strategy which is identified with the DMZ can be expressed as following:
• The hardware must be reported in the organization venture wide administration
framework. At the very least the accompanying angles ought to be thought about. The
primary purpose of accentuations would be on the area of area and host contacts, working
framework and equipment adaptation, fundamental capacity and the identifying with it the
application and the secret word which is identified with the advantaged gathering of
individuals.
• The interface which is identified with the system ought to have a fitting Domain
Name server (DNS).
• The gatherings of the secret key ought to be kept up utilizing the idea of the corporate
wide watchword procedure of administration framework.
• The changes which is identified with the part of the gear and the arrangement might
be identified with the new hardware and must take after a change administration strategies
and forms and the part of the corporate tutor.
Extranet Policy
All the new availability which is identified with the extranet ought to be gone through a
security audit which is connected with the data security division. The principle perspective
which is identified with the looking into is predominantly to guarantee that the coordinating
of the prerequisite of the most ideal way or approach of the arrangement is finished. Then
again another idea which ought to be thought about is the slightest access technique ought to
be taken after.
VPN and Remote Access (Work-at-home) Security Policy
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
The Virtual private network should be configured in the router for allowing the remote user
to connect with the University network. The primary angle which is identified with the
remote access and the VPN that ought to be thought about is the idea which is identified with
the association of the VPN to the corporate system which can be thought to be particularly
shabby as identified with the idea of the processing. Then again if the thought of the electrical
cost and the membership of the VPN it can be expressed that it is especially taken a toll
agreeable approach.
The greater part of the association have a tendency to assign the angles which are identified
with the asset distribution of the BYOD. The association has specifically executed and built
up the BYOD methods, anyway it can be expressed it is especially inadequate with regards to
the angle which is identified with the help of the BYOD and the association claim gadget was
not actualized and this significantly brought about the part of the making of a negative
approach for the perspective of the client. These kind of association do exclude satisfactory
assets which are identified with the BYOD. The principle arrangement which can be
expressed here is clarified underneath:
The association and the BYOD representative can specifically share the duty which is
identified with the protection and the security of the data.
The impact of the approach would not impact the region of the responsibility for
association of the corporate data which is identified with the BYOD.
All the gadgets which are identified with the BYOD ought to have a screen bolt
connected to it which would upgrade the security which is identified with the
information which is put away in the gadget.
The antivirus programming ought to be introduced legitimately and the sweep of the
infection ought to be done occasionally which would influence the security of the
information and specifically would keep the information secured.
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
to connect with the University network. The primary angle which is identified with the
remote access and the VPN that ought to be thought about is the idea which is identified with
the association of the VPN to the corporate system which can be thought to be particularly
shabby as identified with the idea of the processing. Then again if the thought of the electrical
cost and the membership of the VPN it can be expressed that it is especially taken a toll
agreeable approach.
The greater part of the association have a tendency to assign the angles which are identified
with the asset distribution of the BYOD. The association has specifically executed and built
up the BYOD methods, anyway it can be expressed it is especially inadequate with regards to
the angle which is identified with the help of the BYOD and the association claim gadget was
not actualized and this significantly brought about the part of the making of a negative
approach for the perspective of the client. These kind of association do exclude satisfactory
assets which are identified with the BYOD. The principle arrangement which can be
expressed here is clarified underneath:
The association and the BYOD representative can specifically share the duty which is
identified with the protection and the security of the data.
The impact of the approach would not impact the region of the responsibility for
association of the corporate data which is identified with the BYOD.
All the gadgets which are identified with the BYOD ought to have a screen bolt
connected to it which would upgrade the security which is identified with the
information which is put away in the gadget.
The antivirus programming ought to be introduced legitimately and the sweep of the
infection ought to be done occasionally which would influence the security of the
information and specifically would keep the information secured.
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Wireless and BYOD Policy
The wireless access point should be installed in each of the floor of the building and should
be connected in the same VLAN such that a user connected with the wireless network could
not access the other network devices. The wireless access point should also be secured with
WPA PSK 2 password encryption from protecting the network from unauthorised users to
connect with the wireless network.
Firewall Policy
The primary perspective which can be expressed in setting of the firewall approach is that the
execution and the arranging of the engineering, programming and the strategies and different
parts which can be conveyed. It can be expressed here that the strategy which are identified
with the firewall can't be considered to dormant, this is because of the factor that as the
greater part of the diverse dangers factors are changing and as indicated by the dangers the
approach would change. The idea of the caution and logs ought to be thought about with a
specific end goal to recognize the diverse variables of the risk. This idea can be viewed as a
standout amongst the most indispensable variables which can be incorporated into the idea of
the security approach which is identified with the firewall.
Intrusion Detection Policy
The approach which can be incorporated into the part of the interruption discovery strategy
are expressed beneath:
• The recognition and the counteractive action which is identified with the information
which are viewed as particularly classified for the working of the association.
• Prevention of the uprightness which is identified with the hierarchical information
which is put away in the system.
• Keeping the system assets and the host accessible for the approved clients.
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
The wireless access point should be installed in each of the floor of the building and should
be connected in the same VLAN such that a user connected with the wireless network could
not access the other network devices. The wireless access point should also be secured with
WPA PSK 2 password encryption from protecting the network from unauthorised users to
connect with the wireless network.
Firewall Policy
The primary perspective which can be expressed in setting of the firewall approach is that the
execution and the arranging of the engineering, programming and the strategies and different
parts which can be conveyed. It can be expressed here that the strategy which are identified
with the firewall can't be considered to dormant, this is because of the factor that as the
greater part of the diverse dangers factors are changing and as indicated by the dangers the
approach would change. The idea of the caution and logs ought to be thought about with a
specific end goal to recognize the diverse variables of the risk. This idea can be viewed as a
standout amongst the most indispensable variables which can be incorporated into the idea of
the security approach which is identified with the firewall.
Intrusion Detection Policy
The approach which can be incorporated into the part of the interruption discovery strategy
are expressed beneath:
• The recognition and the counteractive action which is identified with the information
which are viewed as particularly classified for the working of the association.
• Prevention of the uprightness which is identified with the hierarchical information
which is put away in the system.
• Keeping the system assets and the host accessible for the approved clients.
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
Vulnerability Scanning Policy
In the idea of the powerlessness which is identified with the examining can be separated into
few part for instance the angle which is identified with the false positive. The primary
strategy which can be identified with the false positive is that the recognizable proof would
be done based on the messages or the corporate ticketing framework with the staff of the
security. The hazard which is identified with the adequate can be thought to be a standout
amongst the most essential segment which is identified with the arrangement of the change.
Internet Policy
The web arrangement can be straightforwardly be identified with the part of the entrance of
the highlights which are identified with the web. In the majority of the circumstances the
entrance to the element are made which specifically influence the usefulness of the
association. Then again it can be expressed that the security of the association can likewise be
endangered along these lines by methods for utilizing untrustworthy intends to accomplish
the coveted standard of working.
IP Address and Documentation Management Policy
The documentation arrangement that ought to be thought about masculine manages the
information of the association and the entrance of the information which assume a
commanding part which are specifically identified with the working of the association. The
documentation of the association can be viewed as a standout amongst the most indispensable
perspective as it can include the security of the association.
Physical Security Policies
External Protection
The outside security approaches are expressed beneath:
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
In the idea of the powerlessness which is identified with the examining can be separated into
few part for instance the angle which is identified with the false positive. The primary
strategy which can be identified with the false positive is that the recognizable proof would
be done based on the messages or the corporate ticketing framework with the staff of the
security. The hazard which is identified with the adequate can be thought to be a standout
amongst the most essential segment which is identified with the arrangement of the change.
Internet Policy
The web arrangement can be straightforwardly be identified with the part of the entrance of
the highlights which are identified with the web. In the majority of the circumstances the
entrance to the element are made which specifically influence the usefulness of the
association. Then again it can be expressed that the security of the association can likewise be
endangered along these lines by methods for utilizing untrustworthy intends to accomplish
the coveted standard of working.
IP Address and Documentation Management Policy
The documentation arrangement that ought to be thought about masculine manages the
information of the association and the entrance of the information which assume a
commanding part which are specifically identified with the working of the association. The
documentation of the association can be viewed as a standout amongst the most indispensable
perspective as it can include the security of the association.
Physical Security Policies
External Protection
The outside security approaches are expressed beneath:
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
The access to the server of the association ought to be constantly limited to the
approved individual of the association as it were.
Any sort of gear which is signed in and the evacuated ought to be kept in record
which would recognize the distinctive parts of the security.
The access ought to be arrangement of the association ought to include a security
check.
Internal Protection
The inner assurance can be considered as the approaches which are incorporated inside the
association essentially for the representative. The fundamental elements which can be thought
about are the accompanying viewpoints.
The association ought to know whether the distinctive sorts of action which is
performed in and around the association.
Keeping the PC framework safe from an unlawful action can be considered as one of
the essential strategy of the association.
The arrangement are straightforwardly identified with the part of the security of the
data which are arranged in understanding to the gear and the media transfer strategy.
Personnel Policies
Visitors Policy
The guest approach can be coordinated identified with the angle which is identified with the
entrance of the arrangement of the association which has put away information. On the off
chance that these information are gotten to by any third individual it can prompt a type of
significant issue for the client. There ought to be distinctive approaches which ought to be
joined to the perspective which would be security the information of the association.
Employee Hiring and Termination Policy
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
approved individual of the association as it were.
Any sort of gear which is signed in and the evacuated ought to be kept in record
which would recognize the distinctive parts of the security.
The access ought to be arrangement of the association ought to include a security
check.
Internal Protection
The inner assurance can be considered as the approaches which are incorporated inside the
association essentially for the representative. The fundamental elements which can be thought
about are the accompanying viewpoints.
The association ought to know whether the distinctive sorts of action which is
performed in and around the association.
Keeping the PC framework safe from an unlawful action can be considered as one of
the essential strategy of the association.
The arrangement are straightforwardly identified with the part of the security of the
data which are arranged in understanding to the gear and the media transfer strategy.
Personnel Policies
Visitors Policy
The guest approach can be coordinated identified with the angle which is identified with the
entrance of the arrangement of the association which has put away information. On the off
chance that these information are gotten to by any third individual it can prompt a type of
significant issue for the client. There ought to be distinctive approaches which ought to be
joined to the perspective which would be security the information of the association.
Employee Hiring and Termination Policy
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
The employing of the association would be founded on the part of the training and the
segment which would be specifically helping the association. In the event that any of the
worker enjoy into various kinds of untrustworthy angles into the working there ought to be
distinctive sorts of strategy which would be expressed.
User training Policy
The user should be trained for using the network securely and maintain the security policy for
the development of the network project. A trainer must be engaged for training and the latest
technology should be evaluated by the trainer for the development of the network solution for
First National University.
Data Policies
Information Classification and Sensitivity Policy
The sensitive information of the university should be encrypted and stored in the files server
such that if it is accessed by any illegal personnel it cannot be decrypted for getting the
original file. It adds two level of protection to the network and thus the sensitive information
can be kept secured.
Encryption Policy
Symmetric key encryption should be used for securing the organizational information and it
helps in securing the data that is backed up in the cloud servers. The encryption policy can
also negatively affect the security of the network because it takes more time to access the data
residing on the server.
Backup Policy
The data backup servers should be deployed using a demilitarized zone such that the access
of the backup server is restricted for the normal users connected in the network. The backup
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
segment which would be specifically helping the association. In the event that any of the
worker enjoy into various kinds of untrustworthy angles into the working there ought to be
distinctive sorts of strategy which would be expressed.
User training Policy
The user should be trained for using the network securely and maintain the security policy for
the development of the network project. A trainer must be engaged for training and the latest
technology should be evaluated by the trainer for the development of the network solution for
First National University.
Data Policies
Information Classification and Sensitivity Policy
The sensitive information of the university should be encrypted and stored in the files server
such that if it is accessed by any illegal personnel it cannot be decrypted for getting the
original file. It adds two level of protection to the network and thus the sensitive information
can be kept secured.
Encryption Policy
Symmetric key encryption should be used for securing the organizational information and it
helps in securing the data that is backed up in the cloud servers. The encryption policy can
also negatively affect the security of the network because it takes more time to access the data
residing on the server.
Backup Policy
The data backup servers should be deployed using a demilitarized zone such that the access
of the backup server is restricted for the normal users connected in the network. The backup
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
server should redundantly store the data such that no data is lost and the recovery time in case
of emergency condition is kept minimum.
Password Management and Complexity Policy
The minimum length of the password used for the network devices should be 12 characters
long and it should be a combination of numerical, alphabet and a special character and it can
be set through the windows server installed in the network. The short password can be easily
broken using brute force attacks and thus for increasing the security of the network password
management is important for the organization.
System and Hardware Policies
Hardware Lifecycle and Disposal Policy
The old hardware device that are needed to be replaced with the new ones should be updated
with the latest hardware components such that it can survive for a longer period of time as the
technology is changing. Updating the hardware with the latest technology helps in increasing
the performance of the network.
Workstation Policy
For the management of the workstations connected in the network it is important to create a
workstation policy and increase the security of the network. The workstations should be
protect with password management and its access should be restricted depending upon the
group management policy created for the network.
Switch and Router Policy
The switch and the router deployed for transmission of data packets in the network should be
configured with password such that the configuration cannot be modified by any third party
user by intruding into the organizational network. The router and the switch should also be
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
of emergency condition is kept minimum.
Password Management and Complexity Policy
The minimum length of the password used for the network devices should be 12 characters
long and it should be a combination of numerical, alphabet and a special character and it can
be set through the windows server installed in the network. The short password can be easily
broken using brute force attacks and thus for increasing the security of the network password
management is important for the organization.
System and Hardware Policies
Hardware Lifecycle and Disposal Policy
The old hardware device that are needed to be replaced with the new ones should be updated
with the latest hardware components such that it can survive for a longer period of time as the
technology is changing. Updating the hardware with the latest technology helps in increasing
the performance of the network.
Workstation Policy
For the management of the workstations connected in the network it is important to create a
workstation policy and increase the security of the network. The workstations should be
protect with password management and its access should be restricted depending upon the
group management policy created for the network.
Switch and Router Policy
The switch and the router deployed for transmission of data packets in the network should be
configured with password such that the configuration cannot be modified by any third party
user by intruding into the organizational network. The router and the switch should also be
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
configured with different VLAN such that the broadcasting of the packets is reduced in the
network and thus the congestion in the network is reduced.
Server Security Policy
The maintenance of the server is important for serving the different needs of the users
connected in the network. The physical access of the servers should also be restricted for the
users and maintaining the health of the server helps in increasing the efficiency of the
network and serve the query of the users.
Logging Policy
The authorised user should be able to use the workstations and the servers using the password
provided by the user and it is used for enforcing the security controls on the project. The user
needs to log in to the workstation according to the active directory configuration.
Disaster Recovery and Business Continuity
Business Impact Analysis – The potential risk should be analyzed for the
development of the secure network framework for the first national university and for
inimizing the impct of the risk. The building up of the recovery site helps in reducing
the risk and increase the redundancy of the data residing in the local server. It also
helps in maintaining a continuity in the current business of the organization. The
network plan is created for keeping the network up for all them time and make the
devices 99.9% available in the network for 24 * 7 hours. If the network is doeen this
could affect the performance of the buisness and cause a huge loss for the univeersity.
Insurance Consideration – Backup plan should be created and the network device
must be connected with redundant link such that if a link fails the the sender can use
the redundant link to send and receive the data packet in the network. The network
device are highly valuable asset for the organization and the damage of the device can
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
network and thus the congestion in the network is reduced.
Server Security Policy
The maintenance of the server is important for serving the different needs of the users
connected in the network. The physical access of the servers should also be restricted for the
users and maintaining the health of the server helps in increasing the efficiency of the
network and serve the query of the users.
Logging Policy
The authorised user should be able to use the workstations and the servers using the password
provided by the user and it is used for enforcing the security controls on the project. The user
needs to log in to the workstation according to the active directory configuration.
Disaster Recovery and Business Continuity
Business Impact Analysis – The potential risk should be analyzed for the
development of the secure network framework for the first national university and for
inimizing the impct of the risk. The building up of the recovery site helps in reducing
the risk and increase the redundancy of the data residing in the local server. It also
helps in maintaining a continuity in the current business of the organization. The
network plan is created for keeping the network up for all them time and make the
devices 99.9% available in the network for 24 * 7 hours. If the network is doeen this
could affect the performance of the buisness and cause a huge loss for the univeersity.
Insurance Consideration – Backup plan should be created and the network device
must be connected with redundant link such that if a link fails the the sender can use
the redundant link to send and receive the data packet in the network. The network
device are highly valuable asset for the organization and the damage of the device can
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
cause a huge loss for the organization. Considering the financial loss it should be
insured such that the loss can be handled.
Incident Response Team – the incident team is responsible to take appropriate action
for securing the network solution and responding against any incident that can hamper
the security of the network. The incident response is a basic action that is taken for
any illegal action acting on the network. An incident response team should be created
for monitoring the data traffic and the flow of data in the network. The illegal activity
shoud be marked and an error report should be generated for the development of the
network solution.
Physical Safeguards – This includes the development of the security policy and
procedures used for securing the first national university network solution. The
installation of te deveice in the secure location is also required for protecting them
from physical access and damage. The network device and the servers sgoud be kept
under survelliance such that proof can be gathered if any illegal attempt is made for
damaging the network componnets.
Prepared Items – It is used for ana;lyzing the state of the first national university for
its expansion. The new hardware devooce that are required for expansion of the
network shou;d be identified for protecting the network from external agents. The
level of security that should be implemented in the network should be identified for
maintaining it scontinuity in the busienss.
Incident Response Procedures – The activity that should be performed for increasing
the security of the network should be outlined and effective decsion should be taken
before its impllememtation in the current networ for the firs national university. The
company should face minim loss due to an incident and the recovery time of the
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
insured such that the loss can be handled.
Incident Response Team – the incident team is responsible to take appropriate action
for securing the network solution and responding against any incident that can hamper
the security of the network. The incident response is a basic action that is taken for
any illegal action acting on the network. An incident response team should be created
for monitoring the data traffic and the flow of data in the network. The illegal activity
shoud be marked and an error report should be generated for the development of the
network solution.
Physical Safeguards – This includes the development of the security policy and
procedures used for securing the first national university network solution. The
installation of te deveice in the secure location is also required for protecting them
from physical access and damage. The network device and the servers sgoud be kept
under survelliance such that proof can be gathered if any illegal attempt is made for
damaging the network componnets.
Prepared Items – It is used for ana;lyzing the state of the first national university for
its expansion. The new hardware devooce that are required for expansion of the
network shou;d be identified for protecting the network from external agents. The
level of security that should be implemented in the network should be identified for
maintaining it scontinuity in the busienss.
Incident Response Procedures – The activity that should be performed for increasing
the security of the network should be outlined and effective decsion should be taken
before its impllememtation in the current networ for the firs national university. The
company should face minim loss due to an incident and the recovery time of the
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
network should be minimum shuch that more number of requests can be served at a
time.
Restoration Procedures – the redundancy of the data in the backup file server helps in
restoring the data at a faster speed. The data should be stored usingb a distributed
network architecture such that different network paths are created for connecting with
the database of the backup server. The cloud servers can also be used for backup and
restoration but its take more time than the backup server created in the remote
location.
Forensics Considerations – Different forenseic methodology can be applied for the
identification of the illegal attempt on the server. The use of penetration testing helps
in identification of the vulnerability of the network and different exploitation is made
for securing the network from illegal users to reach the core part of the network.
Maintaining the Plan – A maintainance plan should be created for regularly updating
the server and applicatoon of patch such that servers are protected from new threats
that can affect the perfromance of the network solution. A network security
maintainance plan is created and helps in mitigation of the different risk associated
with the development of the information system.
Security Strategies and Recommended Controls
Security Strategies – The security strategy that are required to be incorporated for the
development of the network security is the access control of the servers installed in
different areas of the network. This startegy is followed in most of the organization
such that the different threats action on the network is eliminated. The issues and the
threats associated with network should be mitigated for analyzing the needs in the
network. For reducing the chances of the network failure redundant links are used in
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
time.
Restoration Procedures – the redundancy of the data in the backup file server helps in
restoring the data at a faster speed. The data should be stored usingb a distributed
network architecture such that different network paths are created for connecting with
the database of the backup server. The cloud servers can also be used for backup and
restoration but its take more time than the backup server created in the remote
location.
Forensics Considerations – Different forenseic methodology can be applied for the
identification of the illegal attempt on the server. The use of penetration testing helps
in identification of the vulnerability of the network and different exploitation is made
for securing the network from illegal users to reach the core part of the network.
Maintaining the Plan – A maintainance plan should be created for regularly updating
the server and applicatoon of patch such that servers are protected from new threats
that can affect the perfromance of the network solution. A network security
maintainance plan is created and helps in mitigation of the different risk associated
with the development of the information system.
Security Strategies and Recommended Controls
Security Strategies – The security strategy that are required to be incorporated for the
development of the network security is the access control of the servers installed in
different areas of the network. This startegy is followed in most of the organization
such that the different threats action on the network is eliminated. The issues and the
threats associated with network should be mitigated for analyzing the needs in the
network. For reducing the chances of the network failure redundant links are used in
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
the network and two ISPs are selected such that the internet failure are handled. The
backup links shcould be created that should directly allow the admin to reach the
server for miantainnace of the server. The roles and responsibility of the users
connected in the network should be defined and different aspects should be
considered for the development of the network framework.
Specific recomended Controls to mitigate the risks uncovered – The risk rising from
different sources should be identified for the development of the secure netwrok
solution. The workstations and the accesspoint should be secured such that it cannot
be accessed by the illegal users for intruding into the network. The main focus should
be given on the security of the network and the connection of the netwok device
should be used using secure links and a penetration testing should be done on the
network designed for First national university for identification of the flaws in the
network. There are other different approaches that can also be implemented for the
identifiaction of the risk. The identification of the errors in the early stages of the
project development helps in delivering a successful network solution.
Residual Risks
List of Residual Risks – The residual risk depends on different factors such as the password
attacks and the exploitation of the trust. The man in thye middle attacks and the social
engineering attacks can cause different vulnerability and for elimination of the error the risk
must be eliminated. The residual risk can also affect the performance of the network can
cause delay by consuming the bandwidth of the network channel.
Residual Risk Management Plan –
WBS Task Name CQU project
Supervisor
Student 1 Student 2
1.1.1 Drafting project C R / A R / A
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
backup links shcould be created that should directly allow the admin to reach the
server for miantainnace of the server. The roles and responsibility of the users
connected in the network should be defined and different aspects should be
considered for the development of the network framework.
Specific recomended Controls to mitigate the risks uncovered – The risk rising from
different sources should be identified for the development of the secure netwrok
solution. The workstations and the accesspoint should be secured such that it cannot
be accessed by the illegal users for intruding into the network. The main focus should
be given on the security of the network and the connection of the netwok device
should be used using secure links and a penetration testing should be done on the
network designed for First national university for identification of the flaws in the
network. There are other different approaches that can also be implemented for the
identifiaction of the risk. The identification of the errors in the early stages of the
project development helps in delivering a successful network solution.
Residual Risks
List of Residual Risks – The residual risk depends on different factors such as the password
attacks and the exploitation of the trust. The man in thye middle attacks and the social
engineering attacks can cause different vulnerability and for elimination of the error the risk
must be eliminated. The residual risk can also affect the performance of the network can
cause delay by consuming the bandwidth of the network channel.
Residual Risk Management Plan –
WBS Task Name CQU project
Supervisor
Student 1 Student 2
1.1.1 Drafting project C R / A R / A
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
proposal
1.1.2 Analysing Resource
requirements
- R / A R / A
1.1.3 Areas identifying C R / A C
1.1.4.1 Business analysis - I R / A
1.1.4.2 Technical Goals
identification
C R / A C
1.1.4.3 Determining project
constraints
C R C
1.1.4.4 Network assets analysis I R / A C
1.2.1 Logical network I C / I R / A
1.2.2.1 Developing network
design
C / I R R
1.2.2.2 Wireless connectivity C / I R / A C
1.2.2.3 DMX router installation C / I C R
1.2.3.1 Identifying routers and
switches requirement
C / I I R
1.2.3.2 Sub netting I I R
1.2.3.3 IP address allocation C / I I R
1.2.3.4 Network Deployment I R / A C
1.2.3.5 Security Policies C R / A C
1.2.3.6 Risk analysis C / I C R / A
1.2.3.7 Business Continuity
proposal
C I R / A
1.2.3.8 Network security
Policies Review
C C R / A
1.2.3.9 Information Security C R / A C
1.2.3.10 creating security
policies
I R / A C
1.2.3.11 Risk Mitigation C C R
1.3.1 Designing C / I R / A I
1.3.2 implementing
authorization
C / I R / A C
1.3.3 Configuring and testing I C / I R / A
1.4.1 evaluating IPD and IPS C R C
1.4.2 Installation and
configuration
C I R
1.4.3 WEB testing I R / A I
1.4.4 DNS server testing C / I R R
1.5.1 Contract release I I R / A
1.5.2 Documentation Sign-off C / I R R
1.5.3 project Report I C / R R
1.5.4 Resources release I R C / R
Severity Negligible Minor Moderate Major Extreme
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
1.1.2 Analysing Resource
requirements
- R / A R / A
1.1.3 Areas identifying C R / A C
1.1.4.1 Business analysis - I R / A
1.1.4.2 Technical Goals
identification
C R / A C
1.1.4.3 Determining project
constraints
C R C
1.1.4.4 Network assets analysis I R / A C
1.2.1 Logical network I C / I R / A
1.2.2.1 Developing network
design
C / I R R
1.2.2.2 Wireless connectivity C / I R / A C
1.2.2.3 DMX router installation C / I C R
1.2.3.1 Identifying routers and
switches requirement
C / I I R
1.2.3.2 Sub netting I I R
1.2.3.3 IP address allocation C / I I R
1.2.3.4 Network Deployment I R / A C
1.2.3.5 Security Policies C R / A C
1.2.3.6 Risk analysis C / I C R / A
1.2.3.7 Business Continuity
proposal
C I R / A
1.2.3.8 Network security
Policies Review
C C R / A
1.2.3.9 Information Security C R / A C
1.2.3.10 creating security
policies
I R / A C
1.2.3.11 Risk Mitigation C C R
1.3.1 Designing C / I R / A I
1.3.2 implementing
authorization
C / I R / A C
1.3.3 Configuring and testing I C / I R / A
1.4.1 evaluating IPD and IPS C R C
1.4.2 Installation and
configuration
C I R
1.4.3 WEB testing I R / A I
1.4.4 DNS server testing C / I R R
1.5.1 Contract release I I R / A
1.5.2 Documentation Sign-off C / I R R
1.5.3 project Report I C / R R
1.5.4 Resources release I R C / R
Severity Negligible Minor Moderate Major Extreme
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
Probability
Rare Social
Engineering
Attack
Unlikely Port
Redirection
Possible Trust
Exploitation
Likely Man-In-
The-Middle
Attacks
Password
Attacks
Almost
Certain
Resources
The main resource identified for the development of the network solution is the router,
switch, network cables, servers and the network administrators. The resources should be
connected with each other for development of a successful network solution. A list of
resources should be maintained for the main campus, regional campus and the other sites of
the First national University for planning the cost and schedule for the development of the
network. The material resources such as tangible and non-tangible resources should be
identified for the development of the network platform. The testing tools can also be
considered as the resources because it helps in designing the network solution and
identification of the errors. The audit group and the network engineers are considered as the
resources for the development of the network solution.
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
Rare Social
Engineering
Attack
Unlikely Port
Redirection
Possible Trust
Exploitation
Likely Man-In-
The-Middle
Attacks
Password
Attacks
Almost
Certain
Resources
The main resource identified for the development of the network solution is the router,
switch, network cables, servers and the network administrators. The resources should be
connected with each other for development of a successful network solution. A list of
resources should be maintained for the main campus, regional campus and the other sites of
the First national University for planning the cost and schedule for the development of the
network. The material resources such as tangible and non-tangible resources should be
identified for the development of the network platform. The testing tools can also be
considered as the resources because it helps in designing the network solution and
identification of the errors. The audit group and the network engineers are considered as the
resources for the development of the network solution.
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
Conclusion
From the report of comprehensive network security plan it can be concluded that with the
development of the network security policy report the errors and vulnerabilities in the
network should be identified. The security policy should be developed for securing the
network components and identification of the areas that should be developed in the network.
The different networking policy that can be implemented for securing the network is
documented in the report. The areas of improvement of the current network for enabling the
up time of the network should be identified for securing the network unauthorised access and
increasing the flexibility of the network. The risk associated with the network should be
identified and a risk mitigation plan is created for eliminating the risk associated with the
development of the project.
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
From the report of comprehensive network security plan it can be concluded that with the
development of the network security policy report the errors and vulnerabilities in the
network should be identified. The security policy should be developed for securing the
network components and identification of the areas that should be developed in the network.
The different networking policy that can be implemented for securing the network is
documented in the report. The areas of improvement of the current network for enabling the
up time of the network should be identified for securing the network unauthorised access and
increasing the flexibility of the network. The risk associated with the network should be
identified and a risk mitigation plan is created for eliminating the risk associated with the
development of the project.
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
References
Bowerman, S.K., 2017. Cybersecurity Threats and Technology Applications in Homeland
Security. Homeland Security Technologies for the 21st Century, p.135.
DeLoach, S.A., Ou, X., Zhuang, R. and Zhang, S., 2014. Model-driven, moving-target
defense for enterprise network security. In Models@ run. time (pp. 137-161). Springer,
Cham.
Fedorchenko, A., Kotenko, I.V. and Chechulin, A., 2015. Integrated Repository of Security
Information for Network Security Evaluation. JoWUA, 6(2), pp.41-57.
Jeszeck, C., Granger, K., Gregory, J., Bowman, M.F. and Sen, A., 2016. Retirement Security:
Better Information on Income Replacement Rates Needed to Help Workers Plan for
Retirement.
Ji, Y.Y., Yu, C.L. and Wang, B., 2015. Security System Research in the Government
Network.
Khyavi, M.H. and Rahimi, M., 2016, March. Conceptual model for security in next
generation network. In Advanced Information Networking and Applications Workshops
(WAINA), 2016 30th International Conference on (pp. 591-595). IEEE.
Kizza, J.M., 2017. Guide to computer network security. Springer.
Knapp, E.D. and Langill, J.T., 2014. Industrial Network Security: Securing critical
infrastructure networks for smart grid, SCADA, and other Industrial Control Systems.
Syngress.
Kutscher, D., Eum, S., Pentikousis, K., Psaras, I., Corujo, D., Saucez, D., Schmidt, T. and
Waehlisch, M., 2014. ICN research challenges. Work in progress.
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
Bowerman, S.K., 2017. Cybersecurity Threats and Technology Applications in Homeland
Security. Homeland Security Technologies for the 21st Century, p.135.
DeLoach, S.A., Ou, X., Zhuang, R. and Zhang, S., 2014. Model-driven, moving-target
defense for enterprise network security. In Models@ run. time (pp. 137-161). Springer,
Cham.
Fedorchenko, A., Kotenko, I.V. and Chechulin, A., 2015. Integrated Repository of Security
Information for Network Security Evaluation. JoWUA, 6(2), pp.41-57.
Jeszeck, C., Granger, K., Gregory, J., Bowman, M.F. and Sen, A., 2016. Retirement Security:
Better Information on Income Replacement Rates Needed to Help Workers Plan for
Retirement.
Ji, Y.Y., Yu, C.L. and Wang, B., 2015. Security System Research in the Government
Network.
Khyavi, M.H. and Rahimi, M., 2016, March. Conceptual model for security in next
generation network. In Advanced Information Networking and Applications Workshops
(WAINA), 2016 30th International Conference on (pp. 591-595). IEEE.
Kizza, J.M., 2017. Guide to computer network security. Springer.
Knapp, E.D. and Langill, J.T., 2014. Industrial Network Security: Securing critical
infrastructure networks for smart grid, SCADA, and other Industrial Control Systems.
Syngress.
Kutscher, D., Eum, S., Pentikousis, K., Psaras, I., Corujo, D., Saucez, D., Schmidt, T. and
Waehlisch, M., 2014. ICN research challenges. Work in progress.
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
Macklin, T. and Mathews, J., 2017, May. Big data, little security: Addressing security issues
in your platform. In Next-Generation Analyst V (Vol. 10207, p. 102070G). International
Society for Optics and Photonics.
Riabov, A., Sohrabi, S., Udrea, O. and Hassanzadeh, O., 2016. Efficient high quality plan
exploration for network security. In International Scheduling and Planning Applications
woRKshop (SPARK).
Rullo, A., Serra, E., Bertino, E. and Lobo, J., 2017, June. Shortfall-Based Optimal Security
Provisioning for Internet of Things. In Distributed Computing Systems (ICDCS), 2017 IEEE
37th International Conference on (pp. 2585-2586). IEEE.
Wang, Y., Chau, P. and Chen, F., 2015, August. A framework for security-aware virtual
network embedding. In Computer Communication and Networks (ICCCN), 2015 24th
International Conference on (pp. 1-7). IEEE.
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
in your platform. In Next-Generation Analyst V (Vol. 10207, p. 102070G). International
Society for Optics and Photonics.
Riabov, A., Sohrabi, S., Udrea, O. and Hassanzadeh, O., 2016. Efficient high quality plan
exploration for network security. In International Scheduling and Planning Applications
woRKshop (SPARK).
Rullo, A., Serra, E., Bertino, E. and Lobo, J., 2017, June. Shortfall-Based Optimal Security
Provisioning for Internet of Things. In Distributed Computing Systems (ICDCS), 2017 IEEE
37th International Conference on (pp. 2585-2586). IEEE.
Wang, Y., Chau, P. and Chen, F., 2015, August. A framework for security-aware virtual
network embedding. In Computer Communication and Networks (ICCCN), 2015 24th
International Conference on (pp. 1-7). IEEE.
*Networks and Information Security Case study - Copyright © Edilson Arenas - CQUniversity
1 out of 27
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.