Objective:
ABC Invitation Design and XYZ Invitation Printing have decided to merge into one company, A2Z Invitations. ABC is a virtual company with a proprietary website that allows customers to do some preliminary work on invitations and then consult with a designer for the final product. XYZ is a traditional company with a system that allows customers to submit designs and track their orders. It also has a contact management and invoicing system. ABC will be moving its application into the XYZ data center and will be using all of XYZ’s back end systems.
Both companies have experienced data breaches in the past and do not want to have them in the future. A2Z has hired you to do a security analysis of its new network and to recommend how it can be set up in a secure manner. It has budgeted for a capital expenditure (outside of man hours) of $250,000 for hardware and software and $25,000 every year for additional security measures.
The Statement of Work objectives are:
Perform online reconnaissance on XYZ to see what information is available to an attacker. No social engineering of employees is allowed. Use the Week 1 You Decide as the data for this section.
Perform an analysis of the current XYZ network, using the current network diagram and nmap report Diagram; NMAP and files are below.
Check the user’s password strength. Use the Week 3 You Decide as the data for this section.
Redesign of network. Current network below.
System hardening procedures for both IIS and Apache (even if they only use IIS).
Three complete security policies. Use the Week 5 writing assignment as your starter policy for this section.
Template for future security policies.
Your paper must conform to all requirements listed below.
Requirements
Papers must be at least 5–10 pages in length, double-spaced.
Papers must include at least three references outside of the text.
Paper and references must conform to APA style, including:
cover page;
header with student’s name and page number; and
sections including Introduction, Body, and Conclusion/Summary.
Milestones
Each You Decide and other write-ups should be used as the raw material for this report. This report is the analysis of that data.
Week 1 You Decide
Week 3 You Decide
Week 5 writing assignment
NMAP Scan:
Above is the official network diagram of XYZ (pre-merger with ABC). All servers are supposed to be Windows 2003. XYZ uses a private IP internally of 192.168.x.x. Below are the results of the NMAP scan done as part of the consulting agreement with infosecwizards.
Starting Nmap 5.00 (http://nmap.org) at 2009-MM-DD 23:12 UTC Interesting ports on XYZDomainController at (192.168.0.1): Not shown: 997 filtered ports
Port
State
Service
Product
Version
Extra info
135
tcp
open
msrpc
139
tcp
open
netbios-ssn
427
tcp
open
svrloc
445
tcp
open
microsoft-ds
Service Info: OS: Microsoft Windows 2003 Server or XP SP2Interesting ports on XYZInviteDesign at (192.168.0.2):Not shown: 997 filtered ports
Port
State
Service
Product
Version
Extra info
135
tcp
open
msrpc
139
tcp
open
netbios-ssn
427
tcp
open
svrloc
445
tcp
open
microsoft-ds
Service Info: OS: Microsoft Windows 2003 Server or XP SP2Interesting ports on XYZAcct at (192.168.0.3):Not shown: 997 filtered ports
Port
State
Service
Product
Version
Extra info
135
tcp
open
msrpc
139
tcp
open
netbios-ssn
427
tcp
open
svrloc
445
tcp
open
microsoft-ds
Service Info: OS: Microsoft Windows 2003 Server or XP SP2Interesting ports on XYZprinting at (192.168.0.4):Not shown: 997 filtered ports
Port
State
Service
Product
Version
Extra info
135
tcp
open
msrpc
139
tcp
open
netbios-ssn
427
tcp
open
svrloc
Service Info: OS: Microsoft Windows 2003 Server or XP SP2Interesting ports on XYZwebsrv at (192.168.0.5):Not shown: 997 filtered ports
Port
State
Service
Product
Version
Extra info
135
tcp
open
msrpc
139
tcp
open
netbios-ssn
427
tcp
open
svrloc
1025
tcp
open
NFS-or-IIS
Service Info: OS: Microsoft Windows 2003 Server or XP SP2(The 1656 ports scanned but not shown below are in state: closed)Interesting ports on XYZChat at (192.168.0.6):
Port
State
Service
Product
Version
Extra info
22
tcp
open
ssh
80
tcp
open
Apache
111
tcp
open
rpcbind
6000
tcp
open
X11
32771
tcp
open
sometimes-rpc5
Service info: OS: Linux 2.5.25 – 2.6.3 or Gentoo 1.2 Linux 2.4.19 rc1-rc7)Service detection performed. Please report any incorrect results at http://nmap.org/submit/.Nmap done: 6 IP address (6 hosts up) scanned in 64.27 seconds
The official network diagram is the network configuration XYZ printing thinks it has for its network. It shows logical groupings of network gear, servers and workstations. Currently it has a single firewall directly connected to the main company router. All the different departments, business development, administration and invitation consulting, are connected to that router. All IT systems including those that run the printing system, accounting and invitation designs are also connected through that central router. No security systems such as IDS or VPN systems are installed on the network. As part of the project you should analyze the network diagram for strengths and vulnerabilities and report your findings back to management.
Delivering a high-quality product at a reasonable price is not enough anymore.
That’s why we have developed 5 beneficial guarantees that will make your experience with our service enjoyable, easy, and safe.
You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.
Read moreEach paper is composed from scratch, according to your instructions. It is then checked by our plagiarism-detection software. There is no gap where plagiarism could squeeze in.
Read moreThanks to our free revisions, there is no way for you to be unsatisfied. We will work on your paper until you are completely happy with the result.
Read moreYour email is safe, as we store it according to international data protection rules. Your bank details are secure, as we use only reliable payment systems.
Read moreBy sending us your money, you buy the service we provide. Check out our terms and conditions if you prefer business talks to be laid out in official language.
Read more