Details of this Paper

week7

Description

solution


Question

Course Project: Security Analysis and Redesign of a Network;Objectives | Guidelines | Grading Rubrics | Best Practices | Official XYZ Network Diagram | Results of NMAP Scan;Objectives Back to Top;ABC Invitation Design and XYZ Invitation Printing have decided to merge into one company, A2Z Invitations. ABC is a virtual company with a proprietary website that allows customers to do some preliminary work on invitations and then consult with a designer for the final product. XYZ is a traditional company with a system that allows customers to submit designs and track their orders. It also has a contact management and invoicing system. ABC will be moving its application into the XYZ data center and will be using all of XYZ's back end systems.;Both companies have experienced data breaches in the past and do not want to have them in the future. A2Z has hired you to do a security analysis of its new network and to recommend how it can be set up in a secure manner. It has budgeted for a capital expenditure (outside of man hours) of $250,000 for hardware and software and $25,000 every year for additional security measures.;Guidelines Back to Top;The Statement of Work objectives are;Perform online reconnaissance on XYZ to see what information is available to an attacker. No social engineering of employees is allowed. Use the Week 1 You Decide as the data for this section.;Perform an analysis of the current XYZ network, using the current network diagram and nmap report Diagram, NMAP and files are below.;Check the user's password strength. Use the Week 3 You Decide as the data for this section.;Redesign of network. Current network below.;System hardening procedures for both IIS and Apache (even if they only use IIS).;Three complete security policies. Use the Week 5 writing assignment as your starter policy for this section.;Template for future security policies.;Your paper must conform to all requirements listed below.;Requirements;Papers must be at least 5?10 pages in length, double-spaced.;Papers must include at least three references outside of the text.;Paper and references must conform to APA style, including;cover page;header with student?s name and page number, and;sections including Introduction, Body, and Conclusion/Summary.;Milestones;Each You Decide and other write-ups should be used as the raw material for this report. This report is the analysis of that data.;Week 1 You Decide;Week 3 You Decide;Week 5 writing assignment;Grading Rubrics Back to Top;Category Points;Recon Report;IP Addresses;Mail Servers;WHOIS;CNAME 20;Current Network Diagram Analysis 20;Quantitative Analysis Ranking of Assets 20;NMAP Analysis 20;Password Cracking Report 20;Redesigned Network Diagram 20;Web Server Hardening Procedure IIS 20;Web Server Hardening Procedure Apache 20;Security Policy Template 20;Three Complete Policies 20;Three Outside References 10;Spelling, Grammar, and APA Formatting 10;Total 220;Best Practices Back to Top;Official XYZ Network Diagram Back to Top;Image Description;Results of NMAP Scan Back to Top;Above is the official network diagram of XYZ (pre-merger with ABC). All servers are supposed to be Windows 2003. XYZ uses a private IP internally of 192.168.x.x. Below are the results of the NMAP scan done as part of the consulting agreement with infosecwizards.;Starting Nmap 5.00 (http://nmap.org) at 2009-MM-DD 23:12 UTC;Interesting ports on XYZDomainController at (192.168.0.1);Not shown: 997 filtered ports;Port State Service Product Version Extra info;135 tcp open msrpc;139 tcp open netbios-ssn;427 tcp open svrloc;445 tcp open microsoft-ds;Service Info: OS: Microsoft Windows 2003 Server or XP SP2;Interesting ports on XYZInviteDesign at (192.168.0.2);Not shown: 997 filtered ports;Port State Service Product Version Extra info;135 tcp open msrpc;139 tcp open netbios-ssn;427 tcp open svrloc;445 tcp open microsoft-ds;Service Info: OS: Microsoft Windows 2003 Server or XP SP2;Interesting ports on XYZAcct at (192.168.0.3);Not shown: 997 filtered ports;Port State Service Product Version Extra info;135 tcp open msrpc;139 tcp open netbios-ssn;427 tcp open svrloc;445 tcp open microsoft-ds;Service Info: OS: Microsoft Windows 2003 Server or XP SP2;Interesting ports on XYZprinting at (192.168.0.4);Not shown: 997 filtered ports;Port State Service Product Version Extra info;135 tcp open msrpc;139 tcp open netbios-ssn;427 tcp open svrloc;Service Info: OS: Microsoft Windows 2003 Server or XP SP2;Interesting ports on XYZwebsrv at (192.168.0.5);Not shown: 997 filtered ports;Port State Service Product Version Extra info;135 tcp open msrpc;139 tcp open netbios-ssn;427 tcp open svrloc;1025 tcp open NFS-or-IIS;Service Info: OS: Microsoft Windows 2003 Server or XP SP2;(The 1656 ports scanned but not shown below are in state: closed);Interesting ports on XYZChat at (192.168.0.6);Port State Service Product Version Extra info;22 tcp open ssh;80 tcp open Apache;111 tcp open rpcbind;6000 tcp open X11;32771 tcp open sometimes-rpc5;Service info: OS: Linux 2.5.25 - 2.6.3 or Gentoo 1.2 Linux 2.4.19 rc1-rc7);Service detection performed. Please report any incorrect results at http://nmap.org/submit/.;Nmap done: 6 IP address (6 hosts up) scanned in 64.27 seconds;Back to Top

 

Paper#70138 | Written in 18-Jul-2015

Price : $27
SiteLock