You may perhaps well well perhaps also very well be the cybersecurity legit for Company A and are accountable for preserving the guidelines of the company. Your roles encompass managing the company’s cybersecurity capabilities and instruments, conducting vulnerability management, and assessing grief to sensitive files. Company A has honest not too lengthy ago purchased Company B and desires to merge every networks.
Executives of Company A take into accout tasked you with making grief-essentially based choices on integrating Company B’s community with Company A’s existing community. Company B has provided its most modern vulnerability scans, community diagrams, and existing cybersecurity capabilities and instruments. As a deliverable to the executives, you are going to submit your concepts for a gradual community make that merges the 2 networks and enables distant entry for staff of every companies in the operate of a merger and implementation plot.
For this project, you are going to exhaust the given grief and the next supporting paperwork to total your community merger and implementation plot:
• “Company A Community Blueprint”
• “Company A Threat Prognosis”
• “Company B Community Blueprint”
• “Company B Vulnerability Portray and Cybersecurity Tools”
Scenario Company A is a world company essentially based in the US that operates in the monetary trade. Company A serves its customers with monetary products, a lot like checking accounts, bank playing cards, and funding products. Company A has honest not too lengthy ago purchased Company B and wants to combine with or rob away identical capabilities and instruments from Company B. Company B is smaller in size, has no dedicated cybersecurity legit position, and makes use of third-occasion make stronger for infrastructure needs. Company B supplies essentially honest correct instrument to scientific suppliers and accepts credit playing cards as a fee possibility. The executives of the newly merged company take into accout expressed passion in integrating the exhaust of the cloud to permit for scalability and redundancy. Because the safety legit of the merged networks, you are tasked with rising a gradual community make that entails the exhaust of zero belief suggestions and that makes use of every on-premises and cloud infrastructure. You also were tasked with guaranteeing compliance with all regulatory necessities of the merged company, along with utilizing cloud-essentially based technologies to fabricate security capabilities. Company executives take into accout provided a funds of $50,000 in the indispensable year to operate a gradual community make to operate the most of cloud-essentially based services and products. Necessities Your submission may perhaps well well take into accout to be your long-established work.
. A. Picture two present community security complications and two present infrastructure complications for every company, in step with trade necessities given in the grief.
B. Analyze the given community plot and vulnerability scan for every companies by doing the next: 1. Picture two existing vulnerabilities for every company. 2. Exhibit the affect, grief, and likelihood linked with every described vulnerability from allotment B1 as it pertains to every company.
C. Make a community topology plot with crucial suggestions of the proposed merged community necessities.
D. Identify the layer for all parts in the topology plot referencing the layers of the OSI mannequin and TCP/IP protocol stack.
E. Exhibit the reason for including, deleting, or repurposing community parts in the newly merged community topology plot, including crucial suggestions of how every element addresses budgetary constraints. F. Exhibit two steady community make suggestions which will be ragged in the proposed community topology plot.
G. Exhibit how the proposed merged community topology plot addresses two regulatory compliance necessities which will be relevant to the newly merged company, including the next in your clarification: • the name of the regulatory compliance requirement • why the regulatory requirement is relevant to the newly merged company • how the proposed merged community topology plot meets the regulatory requirement
H. Picture two emerging threats which will be applicable to the merged organization, including the next in the outline: • seemingly community security risks of enforcing the topology • seemingly performance impacts on the merged community after implementation of the proposed make • administer the identified seemingly security risks
I. Summarize your concepts for implementation of this proposed merged community in step with the grief and budgetary necessities, including the next in the summary: • a worth-earnings prognosis for on-premises and cloud infrastructure solutions • a justification to your concepts to implement the proposed steady merged community make
J. Acknowledge sources, the exhaust of in-textual dispute material citations and references, for dispute material that’s quoted, paraphrased, or summarized.
Okay. Demonstrate legit dialog in the dispute material and presentation of your submission.
Apply this rubric : A:BUSINESS REQUIREMENTS:The submission precisely describes 2 or extra present community security complications and at 2 or extra present infrastructure complications for every company and is aligned with the trade necessities given in the grief.
B1:VULNERABILITIES : The submission precisely describes 2 or extra existing vulnerabilities for every company. The vulnerabilities described are in alignment with the given community plot and vulnerability scan.
B2:IMPACT, RISK, LIKELIHOOD: The submission explains the affect, grief, and likelihood linked with every described vulnerability from allotment B1 as it pertains to every company. The clarification is total and in alignment with the given community plot and vulnerability scan.
C:TOPOLOGY DIAGRAM: The community topology plot with the crucial suggestions of the proposed merged community necessities is equipped. The plot is total and meets the wishes provided in the grief. MAke a desk beneath the topology for prices that encompass the entirety that we added and reveal that it stays beneath the 50k funds
D:TOPOLOGY COMPONENTS: The submission as it’ll be identifies the layer for all parts in the topology plot referencing the layers of the OSI and TCP/IP protocol stack
E:RATIONALE : The submission explains the reason for including, deleting, or repurposing community parts in the newly merged community topology plot and entails the crucial suggestions of how every element addresses budgetary constraints. The clarification is in alignment with the given grief. F:SECURE NETWORK DESIGN PRINCIPLES : The submission explains 2 or extra steady community make suggestions which will be ragged in the proposed community topology plot. The clarification clearly names the steady community make suggestions being ragged and how every principle aligns with the proposed community topology plot.
G:REGULATORY COMPLIANCE : The submission precisely explains how the proposed merged community topology plot addresses 2 or extra regulatory compliance necessities and entails the total listed parts. The regulatory compliance necessities are relevant to the newly merged company.
H:EMERGING THREATS : The submission precisely describes 2 or extra emerging threats which will be applicable to the newly merged organization and entails the total given suggestions.
I:SUMMARY RECOMMENDATIONS: The submission summarizes the concepts for implementation of the proposed merged community. The summary is logical and in alignment with the grief and budgetary necessities and entails all listed specs.
-
CompanyARiskAnalysis1.docx
-
CompanyBVulnerabilityReportandCybersecurityTools1.docx
-
CompanyANetworkDiagram.docx
-
CompanyBNetworkDiagram.docx
D482: Actual Community Originate
DHN1: Actual Community Originate Company A Threat Prognosis
PAGE 1
PAGE 2
Company A Threat Prognosis
Company A performed an interior grief prognosis in anticipation of machine integration with Company B. This grief prognosis turned into performed in step with NIST SP 800-30 Rev 1 to identify the next:
• vulnerabilities
• grief likelihood
Desk A. Threat Classifications
|
Threat Stage |
Description |
|
High |
The lack of confidentiality, integrity, or availability will be expected to take into accout a extreme or catastrophic negative enact on organizational operations, organizational resources, or folks. |
|
Moderate |
The lack of confidentiality, integrity, or availability will be expected to take into accout a valuable negative enact on organizational operations, organizational resources, or folks. |
|
Low |
The lack of confidentiality, integrity, or availability will be expected to take into accout a cramped negative enact on organizational operations, organizational resources, or folks. |
Desk B. Data Sensitivity
|
Originate of Data |
Sensitivity |
||
|
Confidentiality |
Integrity |
Availability |
|
|
Buyer PII (e.g., Account Numbers, Social Security Numbers, and Phone Numbers) |
High |
High |
Moderate |
|
Worker PII (e.g., Social Security Numbers and Worker Identification Numbers) |
High |
High |
Moderate |
|
Company intellectual property (e.g., credit scoring calculations) |
High |
High |
Moderate |
|
Marketing and advertising |
Moderate |
Moderate |
Low |
Desk C. Gadget Inventory
|
Gadget Parts |
|
|
Servers |
Home windows server 2019; position: interior SharePoint server Home windows server 2019; position: Replace server Home windows server 2012; position: Software program server Home windows server 2012R2; File server DMZ Home windows server 2012; position: FTP and external Web Server |
|
Workstations |
75 – Home windows 10 Respectable 20 – configured for distant desktop entry |
|
Switches |
4 – Cisco 3750X |
|
Firewall |
Fortinet’s Fortigate 800D NGFW |
|
Border router |
Cisco 7600 |
|
Laptops |
14 – Home windows 7 6 – Home windows 11 |
|
Wi-fi Access Points |
2 – Meraki MR28 |
|
Cable plant |
Cat5e |
Desk D. Threat Identification
|
Threat # |
Vulnerability |
Threat Likelihood |
|
1 |
Initiate ports 21-90, 3389 |
High |
|
2 |
All customers exhaust eight-character passwords |
High |
|
3 |
Particular person accounts not required are not removed |
Moderate |
|
4 |
All customers take into accout native administrative privileges |
Moderate |
|
5 |
Original password adjustments are not enforced |
Moderate |
|
6 |
Pause-of-Life Equipment in exhaust |
Low |
image1.jpeg
,
D482 – Actual Community Originate
DHN1: Actual Community Originate
PAGE 1
PAGE 2
Company B Vulnerability Portray
Company B performed this vulnerability evaluation in anticipation of machine integration with Company A. This evaluation turned into performed by a qualified third-occasion assessor, and this myth has been generated with the outcomes. This evaluation turned into performed in step with a methodology described in NIST 800-30 Rev 1 to identify the next:
· Vulnerabilities the exhaust of the CVSS mannequin
· Severity
· Likelihood of prevalence
Desk A. Threat Classifications
|
Threat Stage |
Description |
|
High |
The lack of confidentiality, integrity, or availability will be expected to take into accout a extreme or catastrophic negative enact on organizational operations, organizational resources, or folks. |
|
Moderate |
The lack of confidentiality, integrity, or availability will be expected to take into accout a valuable negative enact on organizational operations, organizational resources, or folks. |
|
Low |
The lack of confidentiality, integrity, or availability will be expected to take into accout a cramped negative enact on organizational operations, organizational resources, or folks. |
Desk B. Severity
|
Severity Stage (CVSS Model) |
Description |
|
Necessary |
· Exploitation of the vulnerability doubtless finally ends up in root-level compromise of servers or infrastructure devices. · Exploitation is steadily easy in the sense that the attacker would not need any special authentication credentials or info about particular particular person victims and would not settle on to lead a target consumer, to illustrate, via social engineering, to operate any special functions. |
|
High |
· The vulnerability will not be easy to exhaust. · Exploitation may perhaps well well perhaps cease in elevated privileges. · Exploitation may perhaps well well perhaps cease in valuable files loss or downtime. |
|
Medium |
· Vulnerabilities that require the attacker to manage particular particular person victims via social engineering ways. · Denial of service vulnerabilities which will be not easy to plot up. · Exploits that require an attacker to live to mutter the tale the identical native community because the victim. · Vulnerabilities the attach exploitation provides easiest very cramped entry. · Vulnerabilities that require consumer privileges for a hit exploitation. |
|
Low |
Exploitation of such vulnerabilities customarily requires native or bodily machine entry and would take into accout minute affect on the organization. |
Desk C. Stage of Effort
|
Stage of Effort |
Description |
|
High |
This requires a high level of dedicated effort from one or extra groups on serious programs, including patching, a pair of configuration adjustments, or extremely technical adjustments that grief bringing services and products down. |
|
Moderate |
Right here is a medium-level effort that requires substantial dedication from a partial or total group. This might perhaps well perhaps affect services and products or plot off a partial outage. |
|
Low |
These are particular particular person or miniature group efforts on the total requiring a minimal time dedication and require working an update or remedial reveal or series of commands that’s not going to affect production services and products. |
Desk D. Gadget Inventory
|
Gadget Parts |
|
|
Servers |
Virtualized farm working on Hyper-V (2 hosts). Home windows Server 2019 and Ubuntu Linux. Approximately 20 virtualized servers (all the plan in which via the 2 hosts), including the next roles: · (Ubuntu Linux) FTP server for EDI Incoming Operations · 3x Area Controllers (1 ragged for M365 identification sync) · 1x File Storage/Server · 1x Ruby On Rails server · 3x ElasticSearch servers (cluster) · 5x web application servers (Ubuntu Linux cluster, 1x PostGRESQL, 1x MariaDB SQL, 3x working nginX Plus wreverse caching proxy, 1x working Apache Tomcat, PHP 8, web hosting SSL/TLS certificates) · 4x Distant Desktop Servers for interior shared/purposes · 2x legacy Replace servers (submit-migration) |
|
75 Workstations |
Home windows XP, 7, 10/11 Respectable, Ubuntu Linux, MacOS |
|
Switches |
HPE JL262A Aruba 2930F 48G PoE+ |
|
Firewall |
2x Sophos XG firewalls |
|
Border router |
Verizon FIOS router (CR1000A) |
|
Laptops |
Home windows 10, 11, Ubuntu 22.04 LTS, MacOS (Ventura, Monterey, Mountainous Sur) |
|
Wi-fi Access Points |
10x HPE JZ337A Aruba AP-535 |
|
Cable plant |
Cat6a |
Desk E. Threat Identification
|
Threat # |
Vulnerability (NVT Name) |
NVT OID |
Severity |
Threat |
Stage of Effort |
|
1 |
Allotted Ruby (dRuby/DRb) More than one Distant Code Execution Vulnerabilities |
1.3.6.1.4.1.25623.1.0.108010 |
Necessary |
High |
High |
|
2 |
MFA not enforced all the plan in which via all customers |
High |
High |
High |
|
|
3 |
Rexec service is working |
1.3.6.1.4.1.25623.1.0.100111 |
High |
High |
Low |
|
4 |
All customers take into accout native administrative privileges |
Medium |
Moderate |
High |
|
|
5 |
Java RMI Server Skittish Default Configuration Distant Code Execution Vulnerability on publicly-coping with server |
1.3.6.1.4.1.25623.1.0.140051 |
Necessary |
High |
Moderate |
|
6 |
Working Gadget (OS) Pause of Life (EOL) Detection |
1.3.6.1.4.1.25623.1.0.103674 |
Necessary |
High |
Low |
|
7 |
rlogin Passwordless Login |
1.3.6.1.4.1.25623.1.0.113766 |
High |
Moderate |
Low |
|
8 |
Apache Tomcat AJP RCE Vulnerability (Ghostcat) |
1.3.6.1.4.1.25623.1.0.143545 |
Necessary |
High |
Moderate |
|
9 |
PostgreSQL dilapidated password |
1.3.6.1.4.1.25623.1.0.103552 |
High |
High |
Low |
|
10 |
PostgreSQL admin is reachable from web |
Necessary |
High |
Low |
|
|
11 |
VNC Brute Force Login |
1.3.6.1.4.1.25623.1.0.106056 |
High |
High |
Low |
|
12 |
FTP Brute Force Logins Reporting |
1.3.6.1.4.1.25623.1.0.108718 |
High |
High |
Low |
|
13 |
phpinfo() output Reporting |
1.3.6.1.4.1.25623.1.0.11229 |
High |
Moderate |
Low |
|
14 |
vsftpd Compromised Offer Functions Backdoor Vulnerability |
1.3.6.1.4.1.25623.1.0.103185 |
High |
High |
Moderate |
|
15 |
rsh Unencrypted Cleartext Login |
1.3.6.1.4.1.25623.1.0.100080 |
High |
Moderate |
Moderate |
QUALITY: 100% ORIGINAL PAPER – NO ChatGPT.NO PLAGIARISM – CUSTOM PAPER  Looking for unparalleled custom paper writing services? Our team of experienced professionals at AcademicWritersBay.com is here to provide you with top-notch assistance that caters to your unique needs. We understand the importance of producing original, high-quality papers that reflect your personal voice and meet the rigorous standards of academia. That’s why we assure you that our work is completely plagiarism-free—we craft bespoke solutions tailored exclusively for you. Why Choose AcademicWritersBay.com?
Our Process: Getting started with us is as simple as can be. Here’s how to do it:
AcademicWritersBay.com is dedicated to expediting the writing process without compromising on quality. Our roster of writers boasts individuals with advanced degrees—Masters and PhDs—in a myriad of disciplines, ensuring that no matter the complexity or field of your assignment, we have the expertise to tackle it with finesse. Our quick turnover doesn’t mean rushed work; it means efficiency and priority handling, ensuring your deadlines are met with the excellence your academics demand.  |