Computer Science Homework Help

Network
Security for a Small Accounting Firm

In
addition to the owner, who serves as the overall business manager, there are
about 20 people on staff:

➢ 10 accountants

➢ 3 administrative support specialists

➢ 1 vice president

➢ 1 financial manager

➢ 2 interns

There
is also one IT support technician on staff, who has basic computer hardware and
networking knowledge. He has requested that the firm create a website, hosted
internally, so that new customers can get information about the firm. This will
be important to remember as you complete your final project.

The
firm has a simple network. There are currently 20 computers and two
multipurpose printers. All computers and printers are connected wirelessly to a
NETGEAR MR814 device. This router is connected to a Motorola SB3100 cable
modem. Staff e mail accounts are set up through the company’s Internet
provider. Employees use a combination of Microsoft Outlook and standard web
browsers to access their e-mail. The owner is known to use his personal iPad
during work hours to check and respond to e mail messages.

Prior
to your hiring, they hired a network cabling contractor to run Cat 6 cables
from the central wiring closet to all offices and cubicles. They want to move
away from using wireless as the primary network connection, but want to keep
wireless access for customers coming to the building. The technician who did
the wiring mentioned to your supervisor that he should look into setting up a
Windows Server domain to manage user access, instead of the current
peer-to-peer network. He also recommended that the firm invest in a managed
switch and a firewall, and look into having some backups. The internal IT
support technician agreed with these recommendations but needs your help to
implement them.

You’ve
been asked to assess the current vulnerabilities and provide a recommendation
to the firm’s owner on how to better secure the network infrastructure. Now
that you are aware of the firm’s history, your assessment and recommendation
should provide specifics about the network security settings that must be
implemented and the equipment that must be procured, installed, and configured.
The firm’s owner has a basic understanding of computing, so it is important
that you explain the technical issues in layman’s terms.

To get
started, follow the steps below.

Vulnerabilities
Assessment and Recommendation Document (Parts 1-3)

Overview

You will provide a detailed
vulnerabilities assessment document, along with some specific recommendations
to implement to address the vulnerabilities you have described.

Your proposal will be submitted
in three major parts:

1.  Vulnerabilities
Assessment

2.  Network
System Security Recommendations

3.  Application/End-User
Security Recommendations

It should be written using theIEEE
citation style. To learn how you will be assessed on this assignment,
please take a moment to review therubric.

Use this as a guide while creating your
Vulnerabilities Assessment and Recommendation Document (Parts 1-3).

1. Vulnerabilities
Assessment

This section should include areas
where network security could pose security problems. Explain why these
vulnerabilities could be exploited and what the implications are if they are
not addressed. In this section, you do not need to provide specific
recommendations on how to mitigate these issues.

2. Network
System Security Recommendations

This section should include specific recommendations based on the
vulnerabilities identified in previous section. These would include procuring
new equipment or systems, and you should explain why these systems or
equipment are needed. Cognizant that the firm only has a NETGEAR wireless
router, determine what else is needed. They have Cat 6 cable running from each
work area to the central wiring closet. But those cables are just hanging from
the ceiling right now. The technician has recommended implementing a managed
switch, a firewall, and a Windows domain, as well as setting up some backups
(note: this could mean many things). Research appropriate equipment and provide
guidance on their setup as appropriate for the business.Include any
configuration information for the equipment. For example, if you are getting a
firewall, what setting(s) from a firewall should be in place for this firm?

3. Application/End-User
Security Recommendations

This
should include end-user specific recommendations such as the need for a
specific application on the end-user’s computer or a specific training or
best-practice that the user must employ. Again, explain why these are necessary
and provide the specific configuration information as needed