The process of implementing security frequently opens one’s eyes to other forms of security not previously considered. In this two-part assignment, you should experience just that. This assignment focuses on a model of implementing security in layers, which, in many cases, requires a network that is designed accordingly.
The specific course learning outcome associated with this assignment is:
Recommend best security practices to achieve business objectives based on risk assumptions.
Design a network that incorporates the following:
One corporate site (Chicago).
All servers exist here (web server, file server, print server, mail server, FTP server).
Connection to the Internet (50 MBps).
300 employees who only need access to local corporate resources and the Internet.
One remote site (8 miles away).
20 employees who need access to all resources at corporate, plus the Internet.
Connection to the Internet (3 MBps).
Use Microsoft Visio or an open-source alternative, such as Dia Diagram Editor, to:
Create a network diagram with defense in depth in mind, citing specific, credible sources that support the design and depicting at least four-fifths of the following:
All necessary network devices (routers, switches and/or hubs, firewalls, VPNs, proxies, and others).
The interconnections between network devices.
Connections to end-user (client) devices (desktops, laptops).
Connections from the Internet cloud to the network input.
Write a 6–10 page paper in which you:
Describe the flow of data through the network, citing specific, credible sources.
Assume data begins at the remote site.
Data flow may be monitored by an IDS.
Explain all three elements of the CIA triad and how isolating by network functions helps deliver a layered approach, citing specific, credible sources that support your assertions and conclusions.
Support your main points, assertions, arguments, or conclusions with at least four specific and credible academic sources synthesized into a coherent analysis of the evidence.
Introduction The process of implementing security frequently opens one’s eyes to