Network security proposal part 2

Network Security Proposal Template

Network Security Proposal

Prepared by:

Student Name

I. Analysis and Planning

A. Vulnerability Assessment

Requirements

In the requirements section, students will make explicit UMUC’s requirements for a vulnerability assessment. Use the information provided in the TestOut LabSim and the scenario to explain the requirements for UMUC need to a vulnerability assessment. If you need more information, feel free to ask your instructor or make some assumptions. If you make assumptions, be sure to list them. This section should be used to describe the vulnerability assessment requirements of the task at hand. That is, you will be making explicit the requirements as you understand them, which will lead to the next section (your proposed solution). See below for an example. Given this section requires information related to vulnerability assessments, students should review TestOut LabSim section 11 (Assessments and Audits), and use additional resources as necessary.

Example ( Note: The paragraph that follows is an example. It is expected that students will use this as a reference only. Do not copy and paste into your network security proposal. Remember to include references and cite your work per the IEEE standard.)

Secure Network Contractors believes that students, faculty, and staff health, well­being, and morale have a significant impact on the learning experience and productivity of the academic institution. The university wants to ensure a secure operating environment for the students, faculty and staff. In order to achieve that desire, a current understanding of any vulnerabilities that may exist is necessary. Therefore, a requirement for the university is to perform a vulnerability assessment on the existing configuration. Below we make explicit how we will successfully achieve this requirement. That is, we propose what can be done to achieve the requirement of the vulnerability assessment. Then, we justify why this is a necessary requirement for the Network Security Proposal. Etc… (Students should continue to explain the technical requirements).

Proposed Solution

In the proposed solution section, students will provide details of the proposed solution, based on the technical requirements and assumptions. Student should be specific and use additional resources as necessary. For example, if the solution is to perform a vulnerability assessment with a vulnerability scanner, research the types of vulnerability scanners currently available. Select one and describe it to the reader. Given this section requires us to understand vulnerability assessments, students should review TestOut LabSim section 11 (Assessments and Audits), and use additional resources as necessary.

Example ( Note: The paragraph that follows is an example. It is expected that students will use this as a reference only. Do not copy and paste into your network security proposal. Remember to include references and cite your work per the IEEE standard.)

Secure Network Contractors has researched the available vulnerabilities scanners that will allow us to meet the requirement of performing a vulnerability assessment on the UMUC network. A vulnerability scanner is a software program that passively searches an application, computer, or network for weaknesses. [1] Weaknesses in the context of a vulnerability assessment relate to vulnerabilities such as open ports, active IP addresses, running application or services, missing critical patches, default user accounts that have not been disabled, default or blank passwords, misconfiguration, and missing security controls. [1] The solutions available include freely available scanners, and those that can be purchased. The differences between these two types of vulnerability scanners are based on their functionality and outputs. For example, some vulnerability scanners that are free offer a command line tool to perform the scan. Some of the paid vulnerability scanners offer an intuitive, Graphical User Interface (GUI) that allows for a point-and-click solution. The output provided by the scanners range from a list of vulnerabilities to a graphical depiction of the network. Secure Network Contractors recommends an initial vulnerability scan with a freely available tool called Open Vulnerability Assessment System (OpenVAS), so that we can understand the existing network security posture. After we perform the necessary patches and network security implementation described in the remainder of the proposal, we suggest performing a second vulnerability assessment with a second vulnerability scanner tool. This will enable us to initially identify vulnerabilities, fix them to the best of our ability, implement additional security mechanisms, and then rescan the network a second time with another vulnerability scanner to see how well we did. The process is repeatable and should be used continuously to provide situational awareness of our network security posture. Etc… (Students should continue to explain the technical requirements).

Justification

This section should be used to justify your proposed solution based on the requirement(s). That is, you are explaining why you proposed the solution in the aforementioned paragraph, based on the requirement you made explicit in aforementioned paragraph. Each section should allow the reader to proceed from requirement, to solution, to justification. Given this section requires us to understand vulnerability assessments, students should review TestOut LabSim section 11 (Assessments and Audits), and use additional resources as necessary.

Example ( Note: The paragraph that follows is an example. It is expected that students will use this as a reference only. Do not copy and paste into your network security proposal. Remember to include references and cite your work per the IEEE standard.)

Secure Network Contractors believes that Open Vulnerability Assessment System (OpenVAS) is the best solution based on the requirements described by the University of Maryland University College (UMUC). Specifically, the requirement that we perform a vulnerability assessment. This initial assessment will be one of many we propose are performed. We proposed OpenVAS because it is free, with most components licensed under the GNU General Public License (GNU GPL). OpenVAS requires an initial configuration on a Linux-based host, but provides an intuitive and easy to manage backend to determine network and host-based vulnerabilities. Etc… (Students should continue to explain their justification).

B. Security Policy

Requirements

In the requirements section, students will make explicit UMUC’s requirements for a security policy. Given this section requires information related to security policies, students should review TestOut LabSim section 4 (Policies, Procedures, and Awareness), and use additional resources as necessary.

Proposed Solution

In the proposed solution section, students will provide details of the proposed solution, based on the technical requirements and assumptions. Student should be specific and use additional resources as necessary. Given this section requires us to understand security policies, students should review TestOut LabSim section 4 (Policies, Procedures, and Awareness), and use additional resources as necessary.

Justification

This section should be used to justify your proposed solution based on the requirement(s). That is, you are explaining why you proposed the solution in the aforementioned paragraph, based on the requirement you made explicit in aforementioned paragraph. Each section should allow the reader to proceed from requirement, to solution, to justification. Given this section requires us to understand security policies, students should review TestOut LabSim section 4 (Policies, Procedures, and Awareness), and use additional resources as necessary.

C. Risk Management

Requirements

In the requirements section, students will make explicit UMUC’s requirements for a security policy. Given this section requires information related to risk management, students should review TestOut LabSim section 4 (Policies, Procedures, and Awareness), and use additional resources as necessary.

Proposed Solutions

In the proposed solution section, students will provide details of the proposed solution, based on the technical requirements and assumptions. Student should be specific and use additional resources as necessary. Given this section requires us to understand risk management, students should review TestOut LabSim section 4 (Policies, Procedures, and Awareness), and use additional resources as necessary.

Justification

This section should be used to justify your proposed solution based on the requirement(s). That is, you are explaining why you proposed the solution in the aforementioned paragraph, based on the requirement you made explicit in aforementioned paragraph. Each section should allow the reader to proceed from requirement, to solution, to justification. Given this section requires us to understand risk management, students should review TestOut LabSim section 4 (Policies, Procedures, and Awareness), and use additional resources as necessary.

D. Business Continuity Plan

Requirements

In the requirements section, students will make explicit UMUC’s requirements for a business continuity plan. Given this section requires information related to a business continuity plan, students should review TestOut LabSim section 4 (Policies, Procedures, and Awareness), and use additional resources as necessary.

Proposed Solutions

In the proposed solution section, students will provide details of the proposed solution, based on the technical requirements and assumptions. Student should be specific and use additional resources as necessary. Given this section requires us to understand business continuity plan, students should review TestOut LabSim section 4 (Policies, Procedures, and Awareness), and use additional resources as necessary.

Justification

This section should be used to justify your proposed solution based on the requirement(s). That is, you are explaining why you proposed the solution in the aforementioned paragraph, based on the requirement you made explicit in aforementioned paragraph. Each section should allow the reader to proceed from requirement, to solution, to justification. Given this section requires us to understand business continuity planning, students should review TestOut LabSim section 4 (Policies, Procedures, and Awareness), and use additional resources as necessary.

E. Access Controls

Requirements

In the requirements section, students will make explicit UMUC’s requirements for a access controls. Given this section requires information related to access controls, students should review TestOut LabSim section 2 (Access Controls and Identity Management), and use additional resources as necessary.

Proposed Solutions

In the proposed solution section, students will provide details of the proposed solution, based on the technical requirements and assumptions. Student should be specific and use additional resources as necessary. Given this section requires us to understand access controls, students should review TestOut LabSim section 2 (Access Controls and Identity Management), and use additional resources as necessary.

Justification

This section should be used to justify your proposed solution based on the requirement(s). That is, you are explaining why you proposed the solution in the aforementioned paragraph, based on the requirement you made explicit in aforementioned paragraph. Each section should allow the reader to proceed from requirement, to solution, to justification. Given this section requires us to understand access controls, students should review TestOut LabSim section 2 (Access Controls and Identity Management), and use additional resources as necessary.