The security posture of the information systems infrastructure of an organization should be regularly monitored and assessed (including software, hardware, firmware components, governance policies, and implementation of security controls).

The monitoring and assessment of the infrastructure and its components, policies, and processes should also account for changes and new procurements in order to stay in step with ever-changing information system technologies.

The data breach at the US Office of Personnel Management (OPM) was one of the largest in US government history. It provides a series of lessons learned for other organizations in industry and the public sector. Some failures of security practices, such as lack of diligence with security controls and management of changes to the information systems infrastructure, were cited as contributors to the massive data breach in the OPM Office of the Inspector General’s (OIG) Final Audit Report, which can be found in open-source searches.

Some of the findings in the report include:your network design.

Step 1: Enterprise Network Diagram

STEP 2 Enterprise Threats

Step 3: Scan the Network

Step 4: Identify Security Issues

Step 5: Firewalls and Encryption

Step 6: Threat Identification

Step 7: Risk and Remediation

Step 8: Creating the SAR and RAR

The last part is to analyze the laps. I will provide the screenshots for the lapwork