Loading...

Messages

Proposals

Stuck in your homework and missing deadline? Get urgent help in $10/Page with 24 hours deadline

Get Urgent Writing Help In Your Essays, Assignments, Homeworks, Dissertation, Thesis Or Coursework & Achieve A+ Grades.

Privacy Guaranteed - 100% Plagiarism Free Writing - Free Turnitin Report - Professional And Experienced Writers - 24/7 Online Support

Security infrastructure design document example

25/12/2020 Client: saad24vbs Deadline: 3 days

Scenario:


Overview: Now that you’re super knowledgeable about security, let's put your newfound know-how to the test. You may find yourself in a tech role someday, where you need to design and influence a culture of security within an organization. This project is your opportunity to practice these important skillsets.


Assignment: In this project, you’ll create a security infrastructure design document for a fictional organization. The security services and tools you describe in the document must be able to meet the needs of the organization. Your work will be evaluated according to how well you met the organization’s requirements.


About the organization: This fictional organization has a small, but growing, employee base, with 50 employees in one small office. The company is an online retailer of the world's finest artisanal, hand-crafted widgets. They've hired you on as a security consultant to help bring their operations into better shape.


Organization requirements: As the security consultant, the company needs you to add security measures to the following systems:


· An external website permitting users to browse and purchase widgets


· An internal intranet website for employees to use


· Secure remote access for engineering employees


· Reasonable, basic firewall rules


· Wireless coverage in the office


· Reasonably secure configurations for laptops


Since this is a retail company that will be handling customer payment data, the organization would like to be extra cautious about privacy. They don't want customer information falling into the hands of an attacker due to malware infections or lost devices.


Engineers will require access to internal websites, along with remote, command line access to their workstations.


Grading: This is a required assignment for the module.


What you'll do: You’ll create a security infrastructure design document for a fictional organization. Your plan needs to meet the organization's requirements and the following elements should be incorporated into your plan:


· Authentication system


· External website security


· Internal website security


· Remote access solution


· Firewall and basic rules recommendations


· Wireless security


· VLAN configuration recommendations


· Laptop security configuration


· Application policy recommendations


· Security and privacy policy recommendations


· Intrusion detection or prevention for systems containing customer data


**** This is an example*** I found same assignment on Chegg.com****


Introduction


This document describes how the functional and nonfunctional requirements recorded in the Requirements Document and the preliminary user-oriented functional design based on the design specifications.


Furthermore, it describes the design goals in accordance with the requirements, by providing a high-level overview of the system architecture, and describes the data design associated with the system, as well as the human-machine scenarios in terms of interaction and operation. The high-level system design is further decomposed into low-level detailed design specifications including hardware, software, data storage and retrieval mechanisms and external interfaces.


Purpose of the Security Infrastructure Design Document


The Security Infrastructure Design Document helps to document and track the necessary information required to effectively define architecture and system design in order to give the guidance on the security architecture of the IT environment that is going to be established.


2. General Overview and Design Approach


2.1 General Overview


The client requires an IT infrastructure to perform their business activities that involve e-commerce applications and internal VPN access for their customers as well as employees with a high priority on the security and privacy of customer information and of the client’s as well


2.2 Assumptions/Constraints/Risks


Assumptions


It has been assumed that the employees are increased by 5% every year thereby reflecting the usage of the network bandwidth and increase of the devices that are connected to the enterprise network infrastructure.


Constraints


The following are the key considerations associated with the security of the infrastructure:


· Authentication system


· External website security


· Internal website security


· Remote access solution


· Firewall and basic rules recommendations


· Wireless security


· VLAN configuration recommendations


· Laptop security configuration


· Application policy recommendations


· Security and privacy policy recommendations


· Intrusion detection or prevention for systems containing customer data


Risks


Since the infrastructure is meant to carry out the e-commerce related transactions that may involve third party merchant authorizations and financial related issues, a strict security mechanism needs to be enforced so as to ensure that there is no such issue related in customers transactions as it may affect the reputation of the organization.


Additionally, there should be a backup mechanism to take the data backups at regular intervals to deal with any unwanted situations like system failures, attacks by intruders etc.,


2.3 Alignment with Federal Enterprise Architecture


The proposed architecture strictly complies with federal Enterprise architecture, All the protocols being used, and the hardware interfaces used compiles with the industry standards as specified so as to ensure compatibility of the networks as well as the security in compliance with CMS Enterprise Architecture (EA)


3. Design considerations


3.1 Goals:


The following are the desirable outcomes of the security infrastructure proposed to be implemented in the organization:


· An external website permitting users to browse and purchase widgets securely.


· An internal intranet website like that of a VPN for employees to use


· Secure remote access for engineering employees


· Reasonable, basic firewall rules


· Wireless coverage in the office


· Reasonably secure configurations for laptops


· Privacy of the user data


3.2 Architectural Strategies


For external website to perform purchase activity by customers:


In order to provide a secure e-commerce transaction, the following are the primary which security goals include:


· Protecting confidentiality of the data


· Making sure that unauthorized persons or systems cannot access the information of users;


· Making sure that the information accessed is genuine;


· Making the data accessible and usable;


· Logging the transactions for further reference and support activity


· Verifying the authenticity of a person to perform a transaction.


1. For intranet website accessed by employees:


Since the data is accessed by the company employees only it should be only available to company’s level of access making it private from other information being maintained on the infrastructure So,the following are the considerations in this case:


· Making sure that the access is within their intranet by implementing a firewall mechanism


· Specifying the authentication mechanism to access the website by the employees


· Supervising the activities and user management on the website by an administrator


1. Secure remote access for engineering employees


We can perform safe implementation of remote access control objectives based on the following security considerations:


Device type: What device types require remote access?


Role: What remote access is appropriate for that role given the device used?


Location. Is access from a public location, another company site, internal wireless, etc.?


Process and data: What processes and data are accessible given the first three access characteristics?


Authentication method: Does the need for strong authentication increase based on the device used, where it is used, and what it is allowed to access?


1. Basic firewall rules to be implemented:


Block by default – to block all incoming and outgoing connections


Allow specific traffic – only allow specified IP addresses


Allow Inbound-only allowing intranet users


1. Wireless coverage in the office


Can be provided with an 802.11 WLAN adapter/router with PSK(pre-shared key) configuration or a login based limited access to company WIFI by the employees


Security considerations: Should be Password protected and metered


1. V-LAN Configuration:


VLAN network segmentation creates security zones that enables flexible and strong control of what a remote user can access. security zones separating incoming traffic from internal resources. Using dynamic VLAN assignments and access control lists, we can control user access based on the conditions


1. Laptop Security configuration:


One of the most vulnerable parts of the infrastructure is the laptop computers that employees use. These devices can be responsible for bringing in viruses or malware or causing the organization to lose sensitive data. This can be checked using the techniques such as:


· Encrypting the disks on the laptops


· Ensuring Antimalware/Antivirus are up to date in regular intervals


· White listing the devices on the network


· Running a product such as System Center Configuration Manager, LANDesk, Altiris, or some other systems management platform


1. Application policy recommendations


· Integrate secure coding principles in all software components of infrastructure.


· Perform automated application security testing as part of the overall application testing process.


· Development and testing environments should redact all sensitive data or use de-identified data.


· Compliance with industry standard data policies and protocols


1. Security and privacy policy recommendations


Explain How the organization Collects and Use Personal Information


· Cookie Policy – Cookies are used to store user preferences or shopping cart contents. Clearly explain your cookie practice.


· How organization will Share Customer Information – Customers need to know that their data will only be used to complete the transaction and that any further use of that data (including selling or distributing it) requires their consent.


· Contact Information – Make it easy for your customers to contact you or file a complaint.


Display Privacy Policy Make sure new customers or users have easy access to your policy mandatorily


Publish Email Opt-Out Policies – Include opt-out options in your email marketing


Get a Seal of Approval – Third party validation of your online privacy and security policy can enhance your credibility. And trust of security


Intrusion detection or prevention for systems containing customer data


As the demand for E-Commerce grows on the Internet so will the increasing potential for E-Commerce sites to be attacked. Implementing security methodologies pertaining to an E-Commerce environment is not a simple thing. It should consider various threats and anomalies that can cause an attack. This can be achieved though penetration testing and reverse engineering to detect by signature or by an anomaly. This can be achieved by a third-party IDS system readily available in the market


Summary


Thus, we can conclude the report of the security infrastructure of the organization has been assessed and recommendations were made as required for the proposed environment as specified


Key assets being protected:


Customer information, Company related information


Key threats to protect against:


Intrusion to website, Data Loss


Key activities to protect against:


Customer purchase of artifacts, payment transactions, employee data


Relative ranking of fundamental security goals:


This is an important exercise for every organization as part of the risk mitigation planning process. For this project, the ranking came out like this:


Confidentiality: high


Integrity: high


Availability: medium


Auditability: medium


Nonrepudiation: N/A


Applied Sciences

Architecture and Design

Biology

Business & Finance

Chemistry

Computer Science

Geography

Geology

Education

Engineering

English

Environmental science

Spanish

Government

History

Human Resource Management

Information Systems

Law

Literature

Mathematics

Nursing

Physics

Political Science

Psychology

Reading

Science

Social Science

Home

Blog

Archive

Contact

google+twitterfacebook

Copyright © 2019 HomeworkMarket.com

Homework is Completed By:

Writer Writer Name Amount Client Comments & Rating
Instant Homework Helper

ONLINE

Instant Homework Helper

$36

She helped me in last minute in a very reasonable price. She is a lifesaver, I got A+ grade in my homework, I will surely hire her again for my next assignments, Thumbs Up!

Order & Get This Solution Within 3 Hours in $25/Page

Custom Original Solution And Get A+ Grades

  • 100% Plagiarism Free
  • Proper APA/MLA/Harvard Referencing
  • Delivery in 3 Hours After Placing Order
  • Free Turnitin Report
  • Unlimited Revisions
  • Privacy Guaranteed

Order & Get This Solution Within 6 Hours in $20/Page

Custom Original Solution And Get A+ Grades

  • 100% Plagiarism Free
  • Proper APA/MLA/Harvard Referencing
  • Delivery in 6 Hours After Placing Order
  • Free Turnitin Report
  • Unlimited Revisions
  • Privacy Guaranteed

Order & Get This Solution Within 12 Hours in $15/Page

Custom Original Solution And Get A+ Grades

  • 100% Plagiarism Free
  • Proper APA/MLA/Harvard Referencing
  • Delivery in 12 Hours After Placing Order
  • Free Turnitin Report
  • Unlimited Revisions
  • Privacy Guaranteed

6 writers have sent their proposals to do this homework:

Helping Hand
Homework Guru
Top Essay Tutor
University Coursework Help
Best Coursework Help
Writer Writer Name Offer Chat
Helping Hand

ONLINE

Helping Hand

I am an Academic writer with 10 years of experience. As an Academic writer, my aim is to generate unique content without Plagiarism as per the client’s requirements.

$110 Chat With Writer
Homework Guru

ONLINE

Homework Guru

Hi dear, I am ready to do your homework in a reasonable price and in a timely manner.

$112 Chat With Writer
Top Essay Tutor

ONLINE

Top Essay Tutor

I have more than 12 years of experience in managing online classes, exams, and quizzes on different websites like; Connect, McGraw-Hill, and Blackboard. I always provide a guarantee to my clients for their grades.

$115 Chat With Writer
University Coursework Help

ONLINE

University Coursework Help

Hi dear, I am ready to do your homework in a reasonable price.

$112 Chat With Writer
Best Coursework Help

ONLINE

Best Coursework Help

I am an Academic writer with 10 years of experience. As an Academic writer, my aim is to generate unique content without Plagiarism as per the client’s requirements.

$110 Chat With Writer

Let our expert academic writers to help you in achieving a+ grades in your homework, assignment, quiz or exam.

Similar Homework Questions

Prompt 2: Literary Service Announcement (LSA) Assignment - Nursing presentation - HBO Max Blocked Outside US - Sales organization structure and sales force deployment - Endocrinoloy Assignment - Use the given minimum and maximum data entries - Guided reading strategies 21.4 the napoleonic era - Vtac exam timetable 2020 - Robinia pseudoacacia frisia problems - Australian society for biochemistry and molecular biology - Is euglena a plant or an animal - Dfd diagram for online food ordering system - X-Ray Spectroscopy of Supernova Remnants - Cisco systems inc implementing erp - Balmain new ferry co v robertson - Average amount spent on child's birthday - Ap60 cruise control review - Zones of regulation free printables - Business and Society.03 - Effect of stress on performance ppt - Scaling report 2013 vce - Individual & dual movement HW - All summer in a day theme - CCIS - Princ of Mngmnt Assignment 3 (Twice) - Tony hsieh leadership style and philosophy - A birthday present sylvia plath analysis - Free body diagram notes - Dawn house women's shelter - L oreal expansion in china - Primergy tx1310 m1 raid controller - Week 6 Reflection - What belief does this japanese folding screen reflect - 140 englefield road oxley - English essay "plot, character, or theme analysis essay" - Vengeance quotes in the tempest - The stepped shaft shown must transmit - Supply Chain management - Ifac qualified line manager - Car wash marketing plan pdf - Retails at lower price crossword clue - Volume and surface area of shapes - Fe2o3 systematic name - Fortune 1000 companies in charlotte nc - Discussion 5 - A good deed never goes unrewarded short story - What does sheldon's soundwave shirt say - I wanna be in america west side story lyrics - Develop a resource schedule in the loading chart - First years gumdrop pacifier recall - The following information is from the records of armadillo camera shop: - Concept analysis paper on clinical manifestations amount adolescent and young adults that can be predicted by the increased use of synthetic drugs over time - Nclex medications study guide - Full capacity sales formula - The violence viewing effect - Ammonium hydroxide and silver nitrate chemical equation - How to date a browngirl by junot diaz analysis - Explain the stepwise approach to asthma treatment and management - Disaster managment - Dimensions involved in the development of expertise - Power and Energy Management - God creates the sun and planets sistine chapel - Rusm health assessment form - Positive response due 08/07/20 at 3Pm - Cambridge lms org main - CMGT - Nih open access policy - Doc n loc dover - How to critique a journal article nursing - First national bank charges 10.1 percent compounded monthly - Mod dii spoc contact number - American justice susan smith - Iboard allied university - Link https research stlouisfed org fred2 - Sample bank comfort letter - Marketing - Freezing point of salt water - Limits and fits chart - Selection methods in hrm ppt - Lds sunday school lessons - Strategic Marketing 2 - Graphing a heating curve for water lab answers - 8109 sloughhouse rd elk grove ca 95624 - Music the hope raiser paragraph - Ethical issues relating to computer application - Creswell and creswell research design pdf - Why is sodium acetate used in hot packs - Crossfit body weight workouts - Texas instruments scientific calculator ti-30xb multiview - Psychology case study report example - A time series trend equation is 25.3 - They say i say across disciplines 4th edition pdf - X 6y 12 solve for y - Experiment 1 heart valves and pumps - Vcaa 2012 biology exam - Theory of reasoned action psychology - How to write a critical summary - How to write a paragraph esl - Comprehensive problem 3 chapter 11 answers - What clinical findings correlate with mk s chronic bronchitis - Symbolic actions of eucharist