IT Audits and planning

Topic: The purpose of this homework assignment is to learn how to audit the LAN-to-WAN domain. You will identify common risks, threats, and vulnerabilities found in the LAN-to-WAN domain. You will assess common risks, threats, vulnerabilities found in the LAN-to-WAN domain, and you will identify network and security policies needed to properly secure the LAN-to-WAN portion of the network infrastructure. You will audit and assess implementation of security controls within the LAN-to-WAN domain, and you will recommend LAN-to-WAN domain hardening solutions by implementing proper security controls at the Internet ingress/egress point within an IT infrastructure. You will use a text document to develop your homework assignment by completing the sections listed below: Lab 6.1a Review the following scenario: You are a security consultant for an information systems security firm and have a new healthcare provider client under HIPAA compliance. Your new client wants to know the requirements and business drivers for securing the LAN-to-WAN domain in its healthcare environment, which requires compliance with HIPAA. Similarly, your firm has a U.S. government DoD client who also wants you to perform a LAN-to-WAN domain compliance audit per the DoD LAN and network hardening guidelines and baseline requirements. Both organizations want you to focus on the LAN-to-WAN domain only, and you are to use the DoD-provided frameworks and STIGs previously found to summarize a network infrastructure hardening strategy. Launch your Web browser. Navigate to the following website https://public.cyber.mil/stigs/ View_and_Download_STIGs.png Review the Security Technical Implementation Guides (STIGs) available and the proper implementation of security based on DoD’s workstation/desktop hardening guidelines, i.e., Windows 10, Server 2012, Apple IOS. In your homework assignment, discuss three STIGs and the DoD’s workstation/desktop hardening guidelines. Lab 6.1b Launch your Web browser and navigate to the following website: https://www.sans.org/reading-room/whitepapers/bestprac/network-security-smb-1542 Open the .pdf file and identify the risks, threats, and vulnerabilities commonly found in the LAN-to-WAN domain. List these in your homework assignment. Using the information you learned in the homework assignment you submitted in Unit II and Internet resources, identify and review the documents available for hardening network infrastructure and the LAN-to-WAN domain as per DoD standards. List these in your homework assignment. Lab 6.1c Launch your Web browser and type in the web address https://public.cyber.mil/stigs/. View_and_Download_STIGs.png Find the STIGs for the routers and switches, network policy, firewalls and IDS/IPS, and other network devices. Use the following search criteria to find these devices: Routers Cisco_IOS_Router_STIG.png Switches Cisco_IOS_Switch_Draft_STIG_Ver1Rel0-1.png Network Policy Netwrok_Infrastructure_PolicySTIG_Ver9Rel10.png Firewall FirewallSRG_Ver1Rel4.png ISD/IPS IntrusionDetectionandPreventionSystemTechnology_SRG_Ver2Rel5.PNG Download these files from the list in the previous step. Review the following concepts from this overarching DoD standards document for network infrastructure: Enclave perimeter enclave protection mechanisms network infrastructure diagram external connections leased lines approved gateway/internet service provider connectivity backdoor connections IPv4 address privacy Firewall packet filters bastion host stateful inspection firewalls with application awareness deep packet inspection application-proxy gateway hybrid firewall technologies dedicated proxy layered firewall architecture content filtering perimeter protection tunnels Briefly discuss in these in your homework assignment. Lab 6.1d Extract the Switch Cisco Manual XML file from the Network L2 Switch ZIP file. Review some of the following concepts and vulnerabilities for configuring and hardening Cisco switches: non-registered or unauthorized IP addresses, in-band Mgt not configured to timeout in 10 min, exclusive use of privileged and non-privileged, assign lowest privilege level to user accounts, and log all in-band management access attempts. Briefly discuss these in your homework assignment. Lab 6.1e Extract the Perimeter Router Cisco XML file from the Network Perimeter Router L3 Switch ZIP file. Review some of the following concepts and vulnerabilities for configuring and hardening Cisco routers: A log or syslog statement does not follow all deny statements. DNS servers must be defined for client resolver. Running and startup configurations are not synchronized. Briefly discuss these in your homework assignment. Lab 6.1f Extract the Firewall Cisco PIX ASA XML file from the Network Firewall ZIP file. Review at least three of the concepts and vulnerabilities for configuring and hardening Cisco firewalls as performed previously for switches and routers. Discuss these in your homework assignment. Lab 6.1g Extract the IDS-IPS Manual XML file from the Network IDS-IPS ZIP file. Review at least three of the concepts and vulnerabilities for configuring and hardening IDS/IPS devices as performed previously for switches and routers. Discuss these in your homework assignment. Lab 6.1h Extract the Network Policy Manual XML file from the Network Policy ZIP file. Review at least three of the concepts and vulnerabilities for configuring and hardening network policy as performed previously for switches and routers. Discuss these in your homework assignment. Lab 6.2 Write an executive summary on the top LAN-to-WAN domain risks, threats, and vulnerabilities, and include a description of the risk mitigation tactics you would perform to audit the LAN-to-WAN domain for compliance. Use the U.S. DoD LAN-to-WAN hardening guidelines as your example for a baseline definition for compliance. Submit the document to your instructor as a deliverable for this homework assignment. NOTE: When you submit your homework assignment, you can combine the assignments into one document for grading. Please clearly mark the answers for Lab 6.1a, Lab 6.1b, Lab 6.1c, Lab 6.1d, Lab 6.1e, Lab 6.1f, Lab 6.1g, Lab 6.1h, and Lab 6.2 within your submission by labeling those sections within your assignment.

Calculate Price


Price (USD)
$