After transitioning out of the military, you were contracted by a medium-sized s

Question

After transitioning out of the military, you were contracted by a medium-sized start-up company that processes credit card transactions on a daily basis. The Chief Executive Officer (CEO) and other business staff have no knowledge of network security or the threats they face. They have an open position for a Chief Information Security Officer (CISO), but have yet to fill it. Thus, they hire you for your expertise in network security, firewalls, and VPN solutions. This is a short term engagement that lasts 30 days. As the company's subject matter expert/consultant, the CEO wants a 4-6 page report at the end of your assignment. The CEO tells you they will have remote users, so firewall and VPN technologies are needed. They provide you with the following report outline to use: 1.0 Introduction 2.0 Overview of network security fundamentals, security threats, and issues (discuss from a company wide standpoint). 3.0 Detailed network security recommendations 4.0 Summary

This is a short term engagement that lasts 30 days. As the company's subject matter expert/consultant, the CEO wants a 4-6 page report at the end of your assignment. The CEO tells you they will have remote users, so firewall and VPN technologies are needed. They provide you with the following report outline to use:

Explanation / Answer

Network security fundamentals ..
(i) Maintain patches and always takes updates. Always takes operating systems and web browsers
latest updates. This will help to gain on security threats. Most likely OS, Adobe flash players and
java updates.

(ii) Always try to maintain strong passwords.
Dont use any dictionary words, nick names, family members names. Always include case sensitive
letters with combinatio of alphanumeric characters.

(iii) Keep tight security for VPN. To secure VPN data encryptiona nd indentity authentication
necessry. Maximum try to use cloud base technologies since they give advanced security.
Use best anti-virus softwares.

(iv) Always keep note on managing user access privileges.
As per user, the privileges must set. Daily check for the correct privileges among all users.

(v) Remove inactive accounts if any.

--------------------------------------------------------------------------------------------
Coming to threats and issues .. some of the major are:
(i) Attacking by worms, viruses, malwares, trojans etc ... So dailly anti virus scan must
schedule to remove any malicious programs.
(ii) Some attacks like zero hour and zero day attacks.
(iii) Attacks by hacker team..
(iv) Denial of service attacks .. this is caused by using simple key istead of strong key.
(v) Snatching the data .. so one must ensure.. password must set their system and do not share
with any one.

Related Questions

Navigate

• Browse (All)
• Browse A
• Subjects