More and more users are using the Ken 7 Windows network

QUESTION

COM520 Written Assignment 5Assignment: Network Security ControlsAssignment RequirementsSecuring Windows networks requires recognizing potential vulnerabilities and selecting the best control toaddress that vulnerability. You as a network administrator working for Ken 7 Windows Limited have beengiven the task of reviewing the current network security policy and recommending the best networksecurity control to satisfy the policy. You can select from a short list of network security controls.For each policy statement, select the best control to ensure Ken 7 Windows Limited fulfills the statedrequirements and provide a rationale.Required ResourcesCase Scenario for Rationale: Importance of Windows Access Control and Authentication (seebelow)Worksheet: Network Security Requirements Policy (see below)Submission RequirementsFormat: Microsoft WordFont: Arial, Size 12, Double-SpaceCitation Style: APALength: 1–2 pagesSelf-Assessment ChecklistI have selected appropriate network security controls for each domain of the Ken 7 ITenvironment.I have provided rationale for my choices by explaining how each control makes the environmentmore secure.I have followed the submission requirements.COM520 Written Assignment 5Case Scenario for Rationale: Importance of Windows Access Control and AuthenticationKen 7 Windows Limited is a manufacturer of Windows for residential and commercial builders. Ken 7Windows Limited carries a variety of Windows and related products. It supplies builders with all of thetools and supplies to install finished Windows in any type of building.Ken 7 Windows Limited has just purchased a new enterprise resource planning (ERP) software packageto help control costs and increase both quality and customer responsiveness. The ERP software collectsand stores information including:• Raw material costs•Labor costs•Materials and labor requirements for products•Purchasing requirementsKen 7 Windows Limited has identified six basic roles for users in the new ERP software:• Administrators—maintain ERP data and system operation.•Planners—run planning software and generate requirements reports.•Shop Floor users —enter operational data (receiving, shipping, and product progress duringmanufacturing).•Managers—manage department personnel.•Purchasing users—generate purchasing documents based on planning requirements.•Accounting users—maintain cost and accounting data.Access controls limit what users or roles can do with different types of data. For example, consider thefollowing types of data:• Cost information—raw materials and labor costs, including the cost of finished goods.•Manufacturing details—cost, amount of labor, and time required to produce finished goods.•Purchasing requirements—rules for determining when raw materials, components, or suppliesshould be purchased.Through access control:• Cost information can be viewed only by Accounting users.•Manufacturing details can be viewed only by Shop Floor users.•Purchasing requirement can be viewed only by Purchasing users.During the analysis phase of the ERP implementation, Ken 7 Windows Limited raised concerns aboutusers being able to access restricted data.• Accounting users are able to login to shop floor computers.•Purchasing users are able to access human resource (HR) applications and data.The ERP implementation team suggested the following access control measures to protect restricteddata.• Create an organizational unit (OU) in Active Directory for shop floor computers.•Deploy Group Policy Objects (GPOs) to restrict shop floor users to the shop floor OU.•Define data access controls in the ERP software to deny access for all non-HR users to restricteddata.Implementation of several access control measures helped Ken 7 Windows Limited to restrict the dataaccess. Hence access control and authentication is important, as it helped Ken 7 Windows Limited inreducing costs and increasing profits.COM520 Written Assignment 5Worksheet: Network Security Requirements PolicySecuring Windows networks requires recognizing potential vulnerabilities and selecting the best control toaddress that vulnerability. You as a network administrator working for Ken 7 Windows Limited have beengiven the task of reviewing the current network security policy and recommending the best networksecurity control to satisfy the policy. You can select from a short list of network security controls.For each policy statement, select the best control to ensure Ken 7 Windows Limited fulfills the statedrequirements and also provide a rationale at the end of the table.Select from these security controls:a. Place a firewall between the Internet and your Web server.b. Place a firewall between your Web server and your internal network.c.Enforce password complexity.d. Implement Kerberos authentication for all internal servers.e. Require encryption for all traffic flowing into and out from the Ken 7 Windows environment.f.Separate wired and wireless network entry points into separate logical networks.g. Require all personnel attend a lunch and learn session on updated network security policies.Security policy statements:1. More and more users are using the Ken 7 Windows network to access social media sitesduring business hours, causing the network to slow down. Users should not use Ken 7network resources for social media access.2. Most Ken 7 personnel own mobile phones and PDAs that can connect to the Internet. Ken7 network administrators are concerned that personal device access may pose a securitythreat to Ken 7 network resources. Personal devices must not be allowed to connect tothe Ken 7 Windows network.3. Anonymous users of Ken 7 Web application should only be able to access servers locatedin the demilitarized zone (DMZ). No anonymous Web application users should be able toaccess any protected resources in the Ken 7 infrastructure.4. Users who print confidential reports must not be allowed to send reports to unsecuredprinters.5. Passwords should not be words found in the dictionary.

ANSWER:

REQUEST HELP FROM A TUTOR