Topic:-Guidance to Obtain CompTIA Security and certificate.
You have been recently hired as a network security analyst for a small accounting firm. The firm
realizes that it needs help to secure its network and customers’ data. With your background and
skills, the firm is looking to you to provide guidance. In addition to helping the firm secure its
network, the firm requires that you obtain your CompTIA Security+ certification within 60 days of
being hired.
In addition to the owner, who serves as the overall business manager, there are about 20 people on
staff:
? 10 accountants
? 3 administrative support specialists
? 1 vice president
? 1 financial manager
? 2 interns
There is also one IT support technician on staff, who has basic computer hardware and networking
knowledge. He has requested that the firm create a website, hosted internally, so that new
customers can get information about the firm. This will be important to remember as you complete
your final project.
The firm has a simple network. There are 20 computers and two multipurpose printers. All computers
and printers are connected wirelessly to a NETGEAR MR814 device. This router is connected to a
Motorola SB3100 cable modem. Staff email accounts are set up through the company’s Internet
provider. Employees use a combination of Microsoft Outlook and standard web browsers to access
their e-mail. The owner uses his personal iPad during work hours to check and respond to email
messages.
Prior to your hiring, the firm hired a network cabling contractor to run Cat 6 cables from the
central wiring closet to all offices and cubicles. The firm wants to move away from using wireless
as the primary network connection, but wants to keep wireless access for customers coming to the
building. The technician who did the wiring mentioned to your supervisor that he should look into
setting up a Windows Server domain to manage user access, instead of the current peer-to-peer
network. He also recommended that the firm invest in a managed switch and a firewall, and look into
having some backups. The internal IT support technician agreed with these recommendations but needs
your help to implement them.
You’ve been asked to assess the current vulnerabilities and provide a recommendation to the firm’s
owner on how to better secure the network infrastructure. Now that you are aware of the firm’s
history, your assessment and recommendation should provide specifics about the network security
settings that must be implemented and the equipment that must be procured, installed, and
configured. The firm’s owner has a basic understanding of computing, so it is important that you
explain the technical issues in layman’s terms.
Overview
–
You will provide a detailed vulnerabilities assessment document, along with some specific
recommendations to implement to address the vulnerabilities you have described. This document
should be based on the scenario provided. Use LabSim as a guide in your analysis and
recommendations.
Your proposal will be submitted in three major parts:
1. Vulnerabilities Assessment
2. Network System Security Recommendations
3. Application/End-User Security Recommendations
It should be written using the IEEE citation style. To learn how you will be assessed on this
assignment, please take a moment to review the rubric.
Use this template as a guide while creating your Vulnerabilities Assessment and Recommendation
Document (Parts 1-3).
________________________________________
Vulnerabilities Assessment
–
This section should include areas where network security could pose security problems. Explain why
these vulnerabilities could be exploited and what the implications are if they are not addressed.
In this section, you do not need to provide specific recommendations on how to mitigate these
issues.
________________________________________
Network System Security Recommendations
–
This section should include specific recommendations based on the vulnerabilities identified in the
previous section. These would include procuring new equipment or systems, and you should explain
why these systems or equipment are needed. Cognizant that the firm only has a NETGEAR wireless
router, you should determine what else is needed. The firm has Cat 6 cable running from each work
area to the central wiring closet. But those cables are just hanging from the ceiling now. The
technician has recommended implementing a managed switch, a firewall, and a Windows domain, as well
as setting up some backups (note: this could mean many things). Research appropriate equipment and
provide guidance on the setup as appropriate for the business.
Include any configuration information for the equipment. For example, if you are getting a
firewall, what setting(s) from a firewall should be in place for this firm?
________________________________________
Application/End-User Security Recommendations
–
This should include end-user specific recommendations such as the need for a specific application
on the end-user’s computer or a specific training or best practice that the user must employ.
Again, explain why these are necessary and provide the specific configuration information as
needed.
Student Name
I. Vulnerability Assessments
Use this section to describe any network security vulnerabilities. Use the scenario along with
industry standards and best practices to identify the vulnerabilities. Describe why it is
vulnerable and what the implication is if it is not mitigated.
The example below is of the physical security of a warehouse. (In your submission, you will have
several vulnerabilities identified and mitigated.)
At the Alpha Warehouse, we discovered one key vulnerability to the physical security. This was the
use of a Master Lock combination lock to secure the back entrance. While the use of a combination
lock can limit the number of people who can enter to those given the combination, vulnerabilityin
the design of these locks was recently exposed. By using “a process that requires less than two
minutes and a minimal amount of skill to carry out” [1], would-be thieves can access the warehouse
through a single entrance. While the thief will need to also have access to an online calculator
that helps stream the process, the prevalence of smartphones makes this a small hurdle to jump,
allowing any interested parties quick access to the Alpha Warehouse.
II. Network/System Security Recommendations
This section will provide network/system security recommendations on how to address the
vulnerabilities identified in Section I. Provide specific courses of action along with any
pertinent information about the recommendations. In this section, you will cover recommendations
only to network infrastructure or network devices. Don’t cover software recommendations here.
Example
In order to resolve the vulnerability created by using a Master Lock combination lock, it is
recommended that it be replaced by a more secure deadbolt door lock—specifically, a Falcon D241.
This lock is rated as the top standard lock by Consumer Reports [2]. The magazine rates its
resistance to kicking, prying, wrenching, and hammering as excellent, and the resistance to picking
and sawing as very good. The only thing that was considered poor was its resistance to drilling,
but no standard lock was anything other than poor. Only the high-security locks had higher ratings
for drilling, and only one of those, the Medeco Macum 11WC60L, was rated higher than the Falcon
[3]. Given its price of almost three times as much as the Falcon, the cost does not seem worth the
benefit. However, it is a more secure option that the warehouse administration may want to
consider.
III. Application/End-User Security Recommendations
This section will provide application/end-user security recommendations. Provide specific courses
of action along with any pertinent information about the recommendations. This section will include
any network protocol or software as well as actions that the end-user must do.
Example
In addition to installing a new lock on the back door of the warehouse, there are policy
recommendations that warehouse administration should implement. The most important policy
recommendation is that the number of keys to the back entrance of the warehouse should be limited
to only those that need it and in most cases only when they need it. As this is a secondary
entrance, it is not necessary that all employees have a permanent key. The warehouse manager should
have one key that he keeps at all times. Additionally, he should have access to a secondary key in
the warehouse office that only he can access. This secondary key can be given on a temporary basis
to employees who need to access the back entrance. Also, this secondary key should be given on a
sign-out basis. Employees who are given the key should have their name noted in a log book. When
they return it, another notation is made indicating such. This tracks who is responsible for the
key at any given time, and should it go missing, will serve as a paper trail for who had the key
last.
Bibliography
[1] Goodin, D. (2015). How to crack many Master Lock combinations in eight tries or less [Online].
Available: HYPERLINK “http://www.arstechnica.com/security/2015/04/how-to-crack-any-master-lock-
combination-in-8-tries-or-less/”http://www.arstechnica.com/security/2015/04/how-to-crack-any-
master-lock-combination-in-8-tries-or-less/
[2] Centre for the Protection of National Infrastructure. (2013). Door security: A guide to
security doorsets and associated locking hardware. [Online].Available: HYPERLINK
“http://www.cpni.gov.uk/documents/publications/2013/2013012-
security_doorsets_locking_hardware.pdf”http://www.cpni.gov.uk/documents/publications/2013/2013012-
security_doorsets_locking_hardware.pdf
[3] ConsumerReports.org. (2013). Falcon D241 Door Lock Review. [Online]. Available: HYPERLINK
“http://www.consumerreports.org/cro/home-garden/home-improvement/door-locks/door-lock-
ratings/models/overview/falcon-d241-99041055.htm”http://www.consumerreports.org/cro/home-
garden/home-improvement/door-locks/door-lock-ratings/models/overview/falcon-d241-99041055.htm
Rubric Name: Vulnerabilities Assessment and Recommendation Document Part 1
Competencies Section 1 Level 3: 90 – 100% Level 2: 80 – 89% Level 1: Minimally
Proficient 70 – 79% Not Proficient
Develop a vulnerability assessment based on the scenario provided This includes:
Analyzing business needs in regards to network security
Identifying current vulnerabilities
Providing scholarly references to the vulnerabilities
Articulating the vulnerabilities
Follow proper procedures and protocols in completing IT-related tasks. This includes:
Performing vulnerability assessment based on the scenario
Demonstrating the ability to make network administration or Cybersecurity decisions based on best
practices and/or standard procedures/protocols
Competencies Overall Level 3: 90 – 100% Level 2: 80 – 89% Level 1: Minimally
Proficient 70 – 79% Not Proficient
Satisfy standards of writing style and grammatical correctness. This includes:
Using IEEE citation style
Using credible reasoning, appropriate research, and supporting evidence in communication
Synthesizing sources appropriately using paraphrase, summary, and quotation
Satisfying standards of writing style and grammatical correctness, including the use of industry-
standard terminology and vocabulary
Overall Score Level 3: 90-100% Level 2: 80-89% Level 1: Minimally Proficient 70 – 79% Not
Proficient
….
Rubric Name: Vulnerabilities Assessment and Recommendation Document Part 2
Competencies Section 2 Level 3: 90 – 100% Level 2: 80 – 89% Level 1: Minimally
Proficient 70 – 79% Not Proficient
Assess the need for network security devices to support the business or organization. This
includes:
Selecting/identifying the appropriate type of network security devices to use
Providing justifications for the selected devices
Assess the need for network services to support the business or organization. This includes:
Selecting/identifying the network services to implement
Providing justifications for the selected services
Follow proper procedures and protocols in completing IT-related tasks. This includes:
Demonstrating the ability to make network administration or Cybersecurity decisions based on best
practices and/or standard procedures/protocols
Competencies Overall Level 3: 90 – 100% Level 2: 80 – 89% Level 1: Minimally
Proficient 70 – 79% Not Proficient
Satisfy standards of writing style and grammatical correctness. This includes:
Using IEEE citation style
Using credible reasoning, appropriate research, and supporting evidence in communication
Synthesizing sources appropriately using paraphrase, summary, and quotation
Satisfying standards of writing style and grammatical correctness, including the use of industry-
standard terminology and vocabulary
Overall Score Level 3: 90-100% Level 2: 80-89% Level 1: Minimally Proficient 70 – 79% Not
Proficient
…
Rubric Name: Vulnerabilities Assessment and Recommendation Document Part 3
Competencies Section 3 Level 3: 90 – 100% Level 2: 80 – 89% Level 1: Minimally
Proficient 70 – 79% Not Proficient
Apply and implement appropriate security measures on a network to support the business or
organization. This includes:
Identifying network security measures needed (should include preventative and maintenance measures)
Providing justifications for the measures
Apply proper ethical principles in dealing with sensitive customer information. This includes:
Using appropriate techniques and procedures to secure sensitive customer information
Using proper documentation to track sensitive activities
Follow proper procedures and protocols in completing IT-related tasks. This includes:
Identifying and applying appropriate software licensing model(s) for the software used in the
proposal
Demonstrating the ability to make network administration or Cybersecurity decisions based on best
practices and/or standard procedures/protocols
Competencies Overall Level 3: 90 – 100% Level 2: 80 – 89% Level 1: Minimally
Proficient 70 – 79% Not Proficient
Satisfy standards of writing style and grammatical correctness. This includes:
Using IEEE citation style
Using credible reasoning, appropriate research, and supporting evidence in communication
Synthesizing sources appropriately using paraphrase, summary, and quotation
Satisfying standards of writing style and grammatical correctness, including the use of industry-
standard terminology and vocabulary
Overall Score Level 3: 90-100% Level 2: 80-89% Level 1: Minimally Proficient 70 – 79% Not
Proficient