

Question

Would you help me with:

1. Create a Wireless Policy. Complete the following: You are the systems administrator for the Bafwell Company. Develop and recommend a wireless policy, and present to the management of the Bafwell Company. Be sure to address the following:

1. Identify specific encryption and authentication protocols, Media Access Control (MAC) addresses, and interference that is required

2. Address existing policies if any

3. Research some wireless policies that organizations use, and describe the wireless security policy that you would recommend.

Explanation / Answer

Answer- 1. Wireless Policy for Bafwell Company:

1.0 Purpose
    
This policy prohibits access to networks via unsecured wireless communication mechanisms. Only wireless systems that meet the criteria of this policy are approved for connectivity to networks.

2.0 Scope
    
This policy covers all wireless data communication devices (e.g., personal computers, cellular phones, PDAs, etc.) connected to any of the internal networks. This includes any form of wireless communication device capable of transmitting packet data. Wireless devices and/or networks without any connectivity to networks do not fall under the purview of this policy.

3.0 Policy

3.1 Register Access Points and Cards
    
All wireless Access Points / Base Stations connected to the corporate network must be registered and approved by the company. These Access Points / Base Stations are subject to periodic penetration tests and audits. All wireless Network Interface Cards (i.e., PC cards) used in corporate laptop or desktop computers must be registered.

3.2 Approved Technology

All wireless LAN access must use corporate-approved vendor products and security configurations.

3.3 VPN Encryption and Authentication

All computers with wireless LAN devices must utilize a corporate-approved Virtual Private Network (VPN) configured to drop all unauthenticated and unencrypted traffic. To comply with this policy, wireless implementations must maintain point-to-point hardware encryption of at least 56 bits. All implementations must support a hardware address that can be registered and tracked, i.e., a MAC address. All implementations must support and employ strong user authentication which checks against an external database such as TACACS+, RADIUS or something similar.

3.4 Setting the SSID

The SSID shall be configured so that it does not contain any identifying information about the organization, such as the company name, division title, employee name, or product identifier.

4.0 Enforcement
    
Any employee found to have violated this policy may be subject to disciplinary action, up to and including termination of employment.

5.0 Definitions Terms  
    
User Authentication: A method by which the user of a wireless system can be verified as a legitimate user independent of the computer or operating system being used.

Answer-3. Recommended Wireless Security Policy for Bafwell Company-

Utilize 802.1x-based authentication to control access to your network. There are several flavors of 802.1x port-based authentication systems. Choose one that meets the security requirements for Bafwell Company. For example, EAP-TLS may be a wise choice if you have Microsoft servers.

Establish the wireless network on a separate VLAN.

A firewall can then help keep hackers located on the VLAN associated with the wireless network from having easy access to corporate servers located on different, more secured VLANs (i.e., not accessible from the wireless network). In this manner, the wireless network is similar to a public network, except you can apply encryption and authentication mechanisms to the wireless users.

Ensure firmware is up-to-date in client cards and access points.

Disable access points during non-usage periods. If possible, shut down the access points when users don’t need them. This limits the window of opportunity for a hacker to use an access point to their advantage as a weak interface to the rest of the network. To accomplish this, you can simply pull the power plug on each access point; however, you can also deploy power-over-Ethernet (PoE) equipment that provides this feature in a more practical manner via centralized operational support tools.

Assign “strong” passwords to access points. Don’t use default passwords for access points because they are also well known, making it easy for someone to change configuration parameters on the access point to their advantage. Be sure to alter these passwords periodically. Ensure passwords are encrypted before being sent over the network.

Don’t broadcast SSIDs. If this feature is available, you can avoid having user devices automatically sniff the SSID in use by the access point.

Reduce propagation of radio waves outside the facility. Through the use of directional antennas and RF shielding, you can direct the propagation of radio waves inside the facility and reduce the “spillage” outside the perimeter. This not only optimizes coverage, it also minimizes the ability for a hacker located outside the controlled portion of the company to eavesdrop on user signal transmissions and interface with the corporate network through an access point.

Implement personal firewalls. If a hacker is able to associate with an access point, which is extremely probable if there is no encryption or authentication configured, the hacker can easily access (via the Windows operating system) files on other users’ devices that are associated with an access point on the same wireless network. As a result, it’s crucial that all users disable file sharing for all folders and utilize personal firewalls.

Control the deployment of wireless LANs. Ensure that all employees and organizations within the company coordinate the installation of wireless LANs with the appropriate information systems group. Forbid the use of unauthorized access points. Mandate the use of approved vendor products for which you’ve had a chance to verify appropriate security safeguards.
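
One way to check an access-point inventory against the technical requirements above (registration in 3.1, SSID naming in 3.4, 802.1x authentication, a separate VLAN, non-broadcast SSIDs). This is an added example, not part of the original answer; the inventory format, field names, registered BSSIDs, VLAN numbers and banned SSID terms are assumptions constructed for illustration.

```python
import re

# Hypothetical policy data, constructed for this example (not from the answer).
REGISTERED_BSSIDS = {"00:11:22:33:44:01", "00:11:22:33:44:02"}  # 3.1 register
ORG_TERMS = ("bafwell", "finance")   # 3.4: terms that identify the organization
CORPORATE_VLANS = {10, 20}           # VLANs reserved for wired hosts and servers
APPROVED_AUTH = {"802.1x"}           # recommended authentication method

def normalize_mac(mac):
    """Return a MAC/BSSID in lower-case colon form, or None if it is malformed."""
    digits = re.sub(r"[:.\-]", "", mac).lower()
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        return None
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))

def audit_ap(ap):
    """Return the list of policy findings for one access-point record."""
    findings = []
    bssid = normalize_mac(ap.get("bssid", ""))
    if bssid is None:
        findings.append("malformed-bssid")
    elif bssid not in REGISTERED_BSSIDS:
        findings.append("unregistered-ap")
    if any(term in ap.get("ssid", "").lower() for term in ORG_TERMS):
        findings.append("ssid-identifies-org")
    if ap.get("auth", "").lower() not in APPROVED_AUTH:
        findings.append("auth-not-802.1x")
    if ap.get("vlan") in CORPORATE_VLANS:
        findings.append("not-on-separate-vlan")
    if ap.get("broadcast_ssid", True):  # unknown is treated as broadcasting
        findings.append("ssid-broadcast-enabled")
    return findings

def audit(aps):
    """Map each non-compliant access point (by reported BSSID) to its findings."""
    return {ap.get("bssid", "?"): f for ap in aps if (f := audit_ap(ap))}

# Constructed sample inventory: one compliant AP, one misconfigured, one unknown.
SAMPLE_SCAN = [
    {"bssid": "00-11-22-33-44-01", "ssid": "wl-7f3a", "auth": "802.1X", "vlan": 99, "broadcast_ssid": False},
    {"bssid": "00:11:22:33:44:02", "ssid": "Bafwell-Finance", "auth": "WPA2-PSK", "vlan": 10, "broadcast_ssid": True},
    {"bssid": "DE:AD:BE:EF:00:01", "ssid": "linksys", "auth": "open", "broadcast_ssid": True},
]

if __name__ == "__main__":
    for bssid, findings in audit(SAMPLE_SCAN).items():
        print(bssid, ", ".join(findings))
```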