You have been recently hired as a network security analyst for a small accountin

Question

You have been recently hired as a network security analyst for a small accounting firm. The firm is realizing that they need help to secure their network and customer’s data. With your background and skills, they are looking to you to provide guidance. In addition to helping them secure their network, they require that you obtain your CompTIA Security+ certification within 60 days of being hired.

In addition to the owner, who serves as the overall business manager, there are about 20 people on staff:

10 accountants
3 administrative support specialists
1 vice president
1 financial manager
2 interns

There is also one IT support technician on staff, who has basic computer hardware and networking knowledge. He has requested that the firm create a website, hosted internally, so that new customers can get information about the firm. This will be important to remember as you complete your final project.

The firm has a simple network. There are currently 20 computers and two multipurpose printers. All computers and printers are connected wirelessly to a NETGEAR MR814 device. This router is connected to a Motorola SB3100 cable modem. Staff e mail accounts are set up through the company’s Internet provider. Employees use a combination of Microsoft Outlook and standard web browsers to access their e-mail. The owner is known to use his personal iPad during work hours to check and respond to e mail messages.

Prior to your hiring, they hired a network cabling contractor to run Cat 6 cables from the central wiring closet to all offices and cubicles. They want to move away from using wireless as the primary network connection, but want to keep wireless access for customers coming to the building. The technician who did the wiring mentioned to your supervisor that he should look into setting up a Windows Server domain to manage user access, instead of the current peer-to-peer network. He also recommended that the firm invest in a managed switch and a firewall, and look into having some backups. The internal IT support technician agreed with these recommendations but needs your help to implement them.

You’ve been asked to assess the current vulnerabilities and provide a recommendation to the firm’s owner on how to better secure the network infrastructure. Now that you are aware of the firm’s history, your assessment and recommendation should provide specifics about the network security settings that must be implemented and the equipment that must be procured, installed, and configured. The firm’s owner has a basic understanding of computing, so it is important that you explain the technical issues in layman's terms.

Explanation / Answer

Document Part 1
Part 1

This includes:Analyzing business needs in regards to network security. Develop a vulnerability
assessment based on the scenario provided Identifying current vulnerabilities Providing scholarly
references to the vulnerabilities Articulating the vulnerabilities This includes: Performing vulnerability
assessment based on the scenario Follow proper procedures and protocols in completing IT-related
tasks. Demonstrating the ability to make network administration or Cybersecuritydecisions based on
best practices and/or standard procedures/proto this includes: Using IEEE citation style
Using credible reasoning, appropriate research, and supporting evidence in communication
Synthesizing sources appropriately using paraphrase, summary, and quotation Develop a
vulnerability This includes: assessme Analyzing business needs in regards to network security
nt based on the Identifying current vulnerabilities scenario provided Providing scholarly references to the vulnerabilities Articulating the vulnerabilities This includes:Assess the need for network security devices to support the business or organization. Selecting/identifying the appropriate type of network security devices to use
Providing justifications for the selected devices This includes: Selecting/identifying Assess the need for network
the network services services to support the business or to implement organization. Providing justifications for the
selected services Apply and implement appropriate security measures on a network to support the business
or organization. This includes: Identifying network security measures needed (should include preventative
and maintenance measures) Providing justifications for the measures This includes: Apply proper
ethical principles in dealing with sensitive customer information. Using appropriate techniques and
procedures to secure sensitive customer information Using proper documentation to track sensitive
activities This includes: Follow proper procedures and protocols in completing IT-related tasks.

Identifying and applying appropriate software licensing model(s) for the software used in the
proposal Demonstrating the ability to make network administration or Cybersecurity decisions based on
best practices and/or standard procedures/protocols

Vulnerabilities Assessment and Recommendation
Document Part 2
Part 2

This includes: Selecting/identifying Assess the need for the appropriate type network security devices to of network security support the business or devices to use organization.Providing justifications for the selected devices This includes: Assess the need for network services to support the business or organization. Selecting/identifying
the network services to implement Providing justifications for the selected services This includes: Follow proper procedures and protocols in completing IT-related tasks. Demonstrating the ability to make network
administration or Cybersecurity decisions based on best practices and/or standard procedures/protocols This includes: Using IEEE citation style Using credible reasoning, appropriate research, and supporting evidence in communication Synthesizing sources appropriately using paraphrase, summary, and quotation Satisfying standards of writing style and grammatical correctness, including the use of industry-standard
terminology and vocabulary. Vulnerabilities Assessment and Recommendation Document Part 3
Part 3 This includes: Apply and implement appropriate security measures on a network to support the business or
organization. Identifying network security measures needed (should include preventative and maintenance
measures) Providing justifications for the measures This includes: Apply proper ethical principles in dealing with
sensitive customer information. Using appropriate techniques and procedures to secure sensitive customer
information Using proper documentation to track sensitive activities Follow proper procedures and protocols in
completing IT-related tasks. This includes:Identifying and applying appropriate software licensing model(s) for the
software used in the proposal Demonstrating the ability to make network administration or Cybersecurity
decisions based on best practices and/or standard procedures/protocols This includes: Using IEEE citation
style Using credible reasoning, appropriate research, and supporting evidence in communication Satisfy standards of writing style and grammatical correctness. Synthesizing sources appropriately using paraphrase,
summary, and quotation Satisfying standards of writing style and grammatical correctness, including the use of
industry-standard terminology and vocabulary

Related Questions

Navigate

• Browse (All)
• Browse Y
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.