Your report should detail the following section and points below commensurate with the marks allocated and be addressed primarily to the management of CCA Pty Ltd who are not security or IT experts. Some issues may require the acquisition of new software and hardware; you should identify suitable products that could be used to resolve the issues. Your proposal should adhere to industry security best practise and produce a secure and functional network installation for CCA Pty Ltd.
Addressing Identified Issues
- Vulnerabilities should be ranked based on a simple risk assessment methodology
- Consider any necessary changes you think appropriate to the network design
- Consider any necessary changes you think to the server and client deployment
- Identify appropriate remediation for each identified issue and explain fully in language appropriate for the customer
Implicit/Unidentified Issues
- Vulnerabilities should be ranked based on a simple risk assessment methodology
- Consider any necessary changes you think appropriate to the network design
- Consider any necessary changes you think to the server and client deployment
- Identify appropriate remediation for each identified issue and explain fully in language appropriate for the customer
Policy Development
Develop basic polices need to better secure the network; as a minimum the following should be considered:
- Password Policy
- Acceptable Network Usage Policy
- Acceptable Internet Usage Policy
- Acceptable Email Usage Policy
Network Design
- Provide a detailed network diagram showing your proposal
- You may want to consider multiple diagrams to separate physical & logical components
Presentation
- Grammar & spelling
- Report format
- Overall presentation
- Appropriate referencing for a customer report
CCA Pty Ltd Case Study Information
CCA Pty Ltd are suppliers and publishers of printed media primarily for the enterprise IT training industry. Products include course manuals, test booklets and IT technology reference books.
All of their sales are currently done via e-mail or direct contact with customers.
CCA Pty Ltd has recently upgraded their Internet connection to ADSL2+ on a 250GB pcm plan in order to cater for the future possibility of having an online store.
You have been hired as a network security consultant to advise on security issues as a result of the recent re-structuring of the network. The customer would also like to investigate the option of publishing their product online and be able to receive orders via a web application. They don't need specific recommendations with respect to products but they would like some generic ideas on how to accomplish these goals.
You should have more than enough information in this brief to build a very solid set of recommendations for the customer. I would advise you to keep things as simple and easy as possible rather than trying to go into infinite detail on any one specific security issue that you discover.
In a nutshell you must deliver a set of risks that you have discovered, some remediation mechanisms for those risks, some design suggestions (both descriptively AND diagrammatically) and some policy examples and suggestions. There are quite a number of issues with this scenario that cover both technical and non-technical issues of security - you are expected to cover both in some part at least.
Pay attention to the marking breakdown detailed at the start of this brief to get an idea on how important each section is.
You may present your report in whatever way you think most appropriate but remember to keep it very professional and appropriate for dissemination to the customer.
Report Length 5000-7500 words (20-30 pages)
Attachment:- Assessment - Case Study.rar