Assignment Content
- Assume you are part of a corporate level security team and your organization has just acquired a new company. The new company will have its own information technology team reporting up through the corporate team. The company being acquired is not security savvy, so a thorough assessment will be required.
The current environment you are asked to assess includes:
- The wireless network running WEP employees often bring in their own access points because the reception is poor with the company access points.
- No security monitoring or review of security logs
- The data center has about 100 Windows servers that are patched using Microsoft Automatic Updates.
- The firewall is a Cisco PIX
- The backup strategy uses Windows built-in backup application. The backup is then sent to a main server every Friday night.
- The disaster recovery plan is to restore the server from the main backup server.
- There are no security policies or standards.
- Employees often bring in their own laptops to use for work because the company hardware running Windows 98 is outdated.
- Write a 3- to 5-page analysis for the security posture of the newly purchased company and recommendations for upgrading security procedures and measures. Complete the following in your analysis:
- Summarize the risks in the current environment, the framework used, and key risk indicators.
- Evaluate and recommend improvements for the following:
- Wireless environment
- Backup and disaster recovery strategies
- Bringing your own access point and laptop policy
- Vulnerability assessment strategy
- Security and network monitoring
- Recommend hardware and software improvements.
- Recommend security policies and standards that should be written and put into place.
- Recommend an incident response plan that would escalate up through the corporate security team.
- Format your assignment according to APA guidelines.
