Draw a network security diagram to show an example network

Reference no: EM131186128

Read the scenario below, and complete the tasks at the end of the scenario.  You should consult your learning topic Implementing a Network Security Plan and Security Workbook.

Scenario-

You have been asked to design a network security plan for a small e-commerce web site run by the Buy This Shoe Company.  The website will be hosted on the company's internal network (as the site needs to access internal databases for prices etc).  The company is a bit nervous about hackers, but it also wants a cost effective solution, so you need to come up with a plan that is both effective and economical.

Interviewing the owners of the business, you have uncovered the following facts:

The company will be taking credit card payments, so needs to comply with any relevant legislation

The company is most worried about hackers who may want to gain the credit card details of its customers.  They want to ensure that the database server that will be storing the credit card details is on the most secure part of the network.  

The company is also worried about 'for play' hackers who may want to compromise their website for 'fun', so your network security needs to cater for this.

The company has employed an information auditor as a consultant, who has prepared the following table showing the asset, threat, single loss occurrence, and annual rate of occurrence

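|    | Asset | Threat | SLO | ARO |
|----|-------|--------|-----|-----|
| 1. | Network server | Fun hackers | 400 | 5 |
| 2. | Credit card details on database server | For profit hackers | 20,000 | .5 |
| 3. | Router | Fun hackers | 1000 | .25 |
| 4. | Web server | both | 2000 | 3 |
| 5. | Malware/trojans | both | 1000 | 15 |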

The company wants to allow web site traffic (HTTP and HTTPS), email traffic (SMTP), remote desktop traffic (RDP), and network support (via SSH) into its network from the internet.  The only traffic it wants to allow out of the network is HTTP/HTTPS and SMTP.

The company is also very concerned that, if any security breach does occur, they are notified immediately.  They are suggesting that every Friday the owner of the company meet with the IT manager to review any security breaches that have occurred, and what has been done in response to those breaches.
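The traffic policy from the scenario, as an added example that is not part of the original assignment: a small default-deny, stateful filter showing that the "only HTTP/HTTPS and SMTP out" restriction applies to new connections, so replies to a permitted inbound SSH session still leave the network. The port numbers are the standard defaults for each service; the class and function names, the documentation-range addresses and the simplified "new connection" flag are assumptions made here.

```python
from dataclasses import dataclass

# Standard TCP ports for the services the scenario names (assumed defaults).
INBOUND = {"HTTP": 80, "HTTPS": 443, "SMTP": 25, "RDP": 3389, "SSH": 22}
OUTBOUND = {"HTTP": 80, "HTTPS": 443, "SMTP": 25}

@dataclass(frozen=True)
class Packet:
    direction: str      # "in": internet -> company, "out": company -> internet
    src: str
    sport: int
    dst: str
    dport: int
    new: bool = False   # simplified: True only for a connection's first packet

class StatefulFilter:
    """Default-deny filter: the policy is checked on new connections only."""

    def __init__(self):
        self.established = set()    # flows opened by an accepted first packet

    def handle(self, p: Packet) -> str:
        allowed = INBOUND if p.direction == "in" else OUTBOUND
        flow = (p.src, p.sport, p.dst, p.dport)
        reply_to = (p.dst, p.dport, p.src, p.sport)
        if p.new:
            if p.dport in allowed.values():
                self.established.add(flow)
                return "ACCEPT new"
            return "DROP"
        if flow in self.established or reply_to in self.established:
            return "ACCEPT established"
        return "DROP"               # no matching rule and no tracked state

def demo():
    # Constructed sample traffic; addresses are from documentation ranges.
    admin, web, pc = "203.0.113.10", "198.51.100.5", "198.51.100.20"
    fw = StatefulFilter()
    packets = [
        Packet("in", admin, 50000, web, 22, new=True),    # SSH support session
        Packet("out", web, 22, admin, 50000),             # reply to that session
        Packet("out", pc, 40000, admin, 22, new=True),    # SSH out: not permitted
        Packet("out", pc, 40001, admin, 443, new=True),   # HTTPS out
        Packet("in", admin, 50001, web, 3306, new=True),  # database port from internet
        Packet("in", admin, 50002, web, 443),             # unsolicited mid-stream packet
    ]
    return [fw.handle(p) for p in packets]

if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```
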

Answer the following questions.

1. What is the name of the security standard that applies to Buy This Shoe because they want to take credit card payments from customers?

2. The owner of Buy This Shoe is nervous about customers sending their credit card details across the Internet.  What is the name of the protocol that can secure these details in transit?

3. Classify the following countermeasures as to whether they represent risk acceptance, risk avoidance, risk mitigation or risk transference:

a. The company wants to take out insurance against hackers

b. The company wants to deploy a state of the art firewall

c. The company does not want to deploy countermeasures against State-sponsored hackers

d. The company does not plan to store credit card details for returning customers, i.e. customers will need to re-enter their credit card details for every new purchase

4. Use the information provided by the information auditor to calculate the ALE (Annual Loss Expectancy) for each of the five threats. (your answer should list the five threats, and the ALE for each)

5. Based on these ALE figures, which is the bigger threat: for fun hackers, or for profit hackers?

6. Based on these ALE figures, what is the maximum amount of money you would advise Buy This Shoe to spend each year defending their website against 'for fun' hackers?  Give a brief reason for your advice.

7. Use the information about the required incoming/outgoing network traffic to make a table showing all the traffic allowed into/out of the company's network e.g.

| Traffic description | Type | Port |
|---------------------|------|------|
| HTTP | In | 80 |
| etc |  |  |

Note: You should complete this table with all the required details for your answer

8. How could you implement these traffic rules in your network (i.e. what device(s) would you configure)?

9. Draw a network security diagram to show an example network for Buy This Shoe. Make sure your network design has the following features

- Clearly shows network zones (trusted, untrusted, DMZ)

- Has both perimeter firewall and internal firewall 

- Only web server is in DMZ

- Application and database server are on trusted network

- One server shown running incident detection/prevention software

- Mail server also shown on trusted network

(Note: you need to print out your network security diagram and submit it as part of your assessment)

10. List five pieces of information you should capture in every incident response report for Buy This Shoe.
