A) Your CISO asks you to review the seven domains of the typical IT infrastructure, and describe how you will 1) reduce the attack surface with what hardening steps and network security management best practices, 2) ensure secure authentication, authorization, and accounting, and 3) prevent or respond to intrusions.
B) Your CISO was very happy with the recommendations that you made above. They have accepted your recommendations as valid, but have requested additional information on the firewall solution. The CISO is now asking for 1) firewall best practices that you will implement to ensure confidentiality, integrity, and availability, 2) the best firewall to support his requirement for detailed logging, 3) the firewall type, and 4) your plan for managing it.
C) Two more weeks have passed and your CISO is excited about implementing the new controls and solutions that you've recommended above. Your detailed analysis of the operational environment and alignment of security solutions to the business mission and goals was spot on! You have gained confidence in the CISO and board of directors, and they've identified additional funding that may be applied towards security. You have asked to implement VPNs year over year, and the CISO proudly tells you that it is now possible with the additional funding. He asks you to describe the best practiA.) Your CISO asks you to review the seven domains of the typical IT infrastructure, and describe how you will 1) reduce the attack surface with what hardening steps and network security management best practices, 2) ensure secure authentication, authorization, and accounting, and 3) prevent or respond to intrusions.
1. Describe VPN "best practices"
2. Describe the issues involved with deployment, placement, and implementation of a VPN.
3. Describe the threats and attacks against VPNs.
4. Contrast hardware and software VPN solutions.
5. Describe VPN protocols, their uses, features, and problems.
6. Describe methods to manage firewall performance.
7. Define what would go in a firewall policy.
8. Describe various firewall security strategies.
9. Define the pros and cons of reverse proxy and port forwarding.ces that you will use to implement the VPN solution, threats and exploits, and the technology that you recommend implementing.