User Account

All Pages

Evaluate student ability to research and evaluate security

Assignment Help Basic Computer Science
Reference no: EM13677004

The purpose of this project is to evaluate the student's ability to research and evaluate security testing software and present a proposal for review by executive team members. By completing the document the student will also gain practical knowledge of the security evaluation documentation and proposal writing process. The project will enable the student to identify and understand the required standards in practice, as well as the details that should be covered within a proposal.

Project Deliverable

Using the Case Study presented in this document, to complete an executive proposal.

Provide a three to five page proposal summarizing purpose and benefit of chosen security software to the executive management team.

The student will evaluate and test security testing software for purposes of testing corporate network security. The purpose of the software is to measure the security posture of the organization by identifying vulnerabilities and help prevent future attacks and deter any real-time unknown threats.

The proposal should effectively describe the software in a manner that will allow the executive team members to understand the purpose and benefits of the software to approve purchase.

Guidelines

Evaluate and select a security tool for recommendation that you learned about in the iLabs modules or the EC-Council text books.

The proposal document must be 3 to 5 pages long, conforming to APA standards. See "Writing Guideline" in WebTycho where you'll find help on writing for research projects.

At least three authoritative, outside references are required (anonymous authors or web pages are not acceptable). These should be listed on the last page titled "References."

Appropriate citations are required. See the syllabus regarding plagiarism policies.

This will be graded on quality of research topic, quality of paper information, use of citations, grammar and sentence structure, and creativity.

The paper is due during Week 7 of this course.

Project Description

The purpose of project is to write an executive proposal for a fictitious company called Advanced Research. The goal of the proposal is to persuade the executive management team to approve purchase of security testing software that can benefit the company's corporate network security by testing and identifying vulnerabilities before they are exploited by hackers. The proposal must include a detailed description of the software, its purpose and benefits.

Suggested Approach

Research a security testing software tool that you practiced using in the EC-Council iLabs or from the textbook.

Determine whether the tool would be beneficial in testing the security of a corporate network.

Use the vendor's website to collect necessary information about the tool to be able to explain its purpose and benefit.

Include 3rd party endorsements and case studies about the tool.

Integrate the information from your own experience with the tool into your proposal. This may include results from the iLab exercises or your own test lab.

Company Description

Advanced Research Corporation

Advanced Research is a startup medical research and development company. After five years of extraordinary success in the development of innovative medical and pharmaceutical products, Advanced Research is on its way to becoming a major player in the medical research and development industry. However, due to its success, Advanced Research has also become a major target of cybercriminals. Advanced Research has been the victim of cybercriminal attempts to steal intellectual property and sell it to Advanced Research's competitors. It is suspected that the corporate network has been infiltrated from unauthorized sources more than once. In 2011, Advanced Research was falsely accused of unethical research and development practices. The false allegations resulted in the defacement of Advanced Research's public website and several Denial of Service attacks at different times over a 9 month period that brought the corporate network to its knees. These attacks had a major impact on Advanced Research's ability to conduct business and resulted in undesirable publicity for the company.

Regardless of its security problems, Advanced Research has continued to grow as a company. Its research and development departments have grown over the years, due to the expansion of the company, in proportion to the increase in its business making up over 40% of the human resources. Advanced Research's innovative research and development information is paramount to its continued success as a company. Although, no known attacks have occurred in last 18 months, the security of its network and intellectual property is still a major concern for the company. Because Advanced Research is a still fairly young company, management has been hesitant to budget for expensive security projects. However, this point of view is beginning to change. Particularly, because one of Advanced Research's competitors, a major player in the medical research and development industry for over 40 years, experienced a loss of hundreds of millions of dollars in research data that was stolen from its corporate network by cyber thieves.

Background and your role

You are the IT Manager hired in 2012 to manage the physical and operational security of Advanced Research's corporate information system. You understand information security issues better than anyone else in the company. You also know that the network is vulnerable to outside threats because it has experienced attacks in the past and because you haven't had the resources to properly test the corporate information system to identify the vulnerabilities that might exist and take action prevent possible attacks. You have a responsibility to bring these concerns to the attention of the executive team and ask for approval to purchase the necessary testing software.

Your education and training have introduced you to variety of security tools for testing computer and network security. The majority of these tools you either only read about or have practiced using in lab environment. You have decided to research some of these tools and test them out in your own lab environment and choose one for recommendation to executive team.

You will need to present information that proves the chosen tool will be beneficial to the security of corporate information system. To accomplish this you will need to research the product, if possible, test the product in a virtual lab environment. If the tool is part of your iLab exercise, it is recommended that you practice using and testing the tool beyond the scope of the lab exercise. Based on your research and analysis, you will include this information in your proposal in way that the executive staff can understand and allowing them to make an informed decision to approve purchase of the product.

The executive management team of Advanced Research:

The proposal should include:

Detailed description of the software and benefits.

Include reviews, case studies and customer recommendations

Include your own hands-on experience with the tool and test results

Cost of product. Include additional costs such as training or hardware software that might be needed in order to properly deploy manage and maintain the software.

How will the software impact the production environment? For example, the software may test for Denial of Service attacks. You need to explain any interruptions the test may have on business operations. You need to justify the need for such a test. Also explain how to you plan to minimize or prevent possible production outages.

The software should test for one or more of the following types of attacks:

Denial of Service (DoS)

Cross Site Scripting (XSS)

Authentication Bypass

Directory Traversal

Session Management

SQL injection

Database Attacks

Password Attacks

Firewall/Router Attacks

Operating System Attacks

Corporate Office Network Topology

The Advanced Research main research and development facility is located in Reston Virginia. You have concerns about the sensitive information that is stored at this location as well as data that transmitted over the WAN to Advanced Research's New York City headquarters location, business partners and clients. The Reston facility is also where the Advanced Research data center is located. The data center is where Advanced Research's public website, email, databases and corporate intranet are hosted. The environment contains a mix of Microsoft and *NIX technologies.

45 Windows 2008 Servers

13 Windows 2003 Servers

15 UNIX Servers

2200 Windows XP and 7 Desktops

Web Servers: Apache and IIS

Services: FTP, SMTP, DNS, DHCP, VPN

Database: SQL, Oracle and MySQL

Network: Cisco Routers and Firewalls


Appropriate APA citations/referenced sources and formats

Reference no: EM13677004

Questions Cloud

How much extra transmission delay will the segments : a) How much extra transmission delay will the segments experience?
Transitive-closure : Transitive-Closure
The variable accounttwo being set : What is being called by line 20 of Listing 2? How is the balance value of the object referenced by the variable accountTwo being set?
Global data distribution : Global Data Distribution
Evaluate student ability to research and evaluate security : Evaluate the student  ability to research and evaluate security testing software and present a proposal for review by executive team members
Java how to program 10th edition : Java How To Program 10th Edition
Network security & how do they work together : 1. In reference to firewalls, proxies, Intrusion Prevention Systems and Intrusion Detection Systems. Why are they important for network security & how do they work together?
Discuss sampling and sampling errors : Discuss sampling and sampling errors, as well as forms of validity and reliability and why they are important to the foundations of any statistics based study.
Hiring and keeping quality employees is one : Hiring and keeping quality employees is one of the most urgent concerns for today's organizations.( )

Reviews

Write a Review

Basic Computer Science Questions & Answers

  How to add validation to a web application

How to add validation to a web application

  Find the type of grammar

S - > a ? b | b ? c | aB S-> ? S|b

  Explain and identify and explore contemporary challenges

Identify and explore contemporary challenges and opportunities in information systems and to formulate an opinion or judgement and offer possible solutions.

  Write java code for your hello/loop

Write java code for your hello/loop

  Create a 64mb encrypted file system

Write an instruction sheet for the user so that she can make the modi cations to her home machine so that she can access the le on the ash drive containing the encrypted le system.

  Make the circles have a thickness of 5 pixels,

Make the circles have a thickness of 5 pixels, except for the circle that didn't open at Sochi; make that one a solid disk.

  Create flowchart and psuedo code for math program

Create flowchart and psuedo code for math program which permits the user to enter two separate numbers and choose one of four mathematical operations (add, subtract, mutiply, divide).

  Outline the purpose of the presentation and its contents

7205ICT –ADVANCED DATABASES. A few slides longer that outline the purpose of the presentation and its contents focusing on the Background, Related Work and Methodology.

  Simplify the functional expressions using boolean algebra

The Apostrophes represent a line over the letter that it is after. The last set of parenthesis has a line over it as well as the x and y in them.

  Decimal ascii number with an implied decimal point

Write a procedure named WriteScaled that outputs a decimal ASCII number with an implied decimal point.

  Describe how hazard curve is formed

What remains today... And analyzing hundreds of miles of river banks... Large earthquakes in 1450 and 900 A.D. What is meant by a Hazard Curve? Ground Motion Hazard = Rate times.

  Write a few lines of code to create a timer in java

Write a few lines of code to create a timer in Java which fires an ActionEvent every 150 msec. Assume the existence of a TimerEventHandler class which needs to respond to timer events.

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd