Creating a Company Culture for Security – Design Document >> IT Security: Defense against the digital dark arts
Overview: Now that you’re super knowledgeable about security, let’s put your newfound know-how to the test. You may find yourself in a tech role someday, where you need to design and influence a culture of security within an organization. This project is your opportunity to practice these important skillsets.
Assignment: In this project, you’ll create a security infrastructure design document for a fictional organization. The security services and tools you describe in the document must be able to meet the needs of the organization. Your work will be evaluated according to how well you met the organization’s requirements.
About the organization: This fictional organization has a small, but growing, employee base, with 50 employees in one small office. The company is an online retailer of the world’s finest artisanal, hand-crafted widgets. They’ve hired you on as a security consultant to help bring their operations into better shape.
Organization requirements: As the security consultant, the company needs you to add security measures to the following systems:
- An external website permitting users to browse and purchase widgets
- An internal intranet website for employees to use
- Secure remote access for engineering employees
- Reasonable, basic firewall rules
- Wireless coverage in the office
- Reasonably secure configurations for laptops
Since this is a retail company that will be handling customer payment data, the organization would like to be extra cautious about privacy. They don’t want customer information falling into the hands of an attacker due to malware infections or lost devices.
Engineers will require access to internal websites, along with remote, command line access to their workstations.
Grading: This is a required assignment for the module.
What you’ll do: You’ll create a security infrastructure design document for a fictional organization. Your plan needs to meet the organization’s requirements and the following elements should be incorporated into your plan:
- Authentication system
- External website security
- Internal website security
- Remote access solution
- Firewall and basic rules recommendations
- Wireless security
- VLAN configuration recommendations
- Laptop security configuration
- Application policy recommendations
- Security and privacy policy recommendations
- Intrusion detection or prevention for systems containing customer data
Related Questions & Answers:
- Understanding Security Threats Understanding Security Threats >> IT Security: Defense against the digital dark arts Question 1 Phishing, baiting, and tailgating are examples ... Read more...
- AAA Security (Not Roadside Assistance) AAA Security (Not Roadside Assistance) >> IT Security: Defense against the digital dark arts Question 1 Authentication is concerned with ... Read more...
- Defense in Depth Defense in Depth >> IT Security: Defense against the digital dark arts Question 1 How are attack vectors and attack ... Read more...
- Creating a Company Culture for Security Creating a Company Culture for Security >> IT Security: Defense against the digital dark arts Question 1 What characteristics are ... Read more...
- Module Quiz-1 Module Quiz >> Ask Questions to Make Data-Driven Decisions 1.Which of the following does not allow you to interact with ... Read more...
- If you cannot meet Google’s peering requirements, which network connection service should you choose to connect to Google Workspace and YouTube? 3. If you cannot meet Google’s peering requirements, which network connection service should you choose to connect to Google Workspace ... Read more...