Vulnerabilities Assessment and Recommendation Document Part 1 + Part 2

You have been recently hired as a network security analyst for a small accounting firm. The firm is realizing that they need help to secure their network and customer’s data. With your background and skills, they are looking to you to provide guidance. In addition to helping them secure their network, they require that you obtain your CompTIA Security+ certification within 60 days of being hired.

In addition to the owner, who serves as the overall business manager, there are about 20 people on staff:

➢ 10 accountants
➢ 3 administrative support specialists
➢ 1 vice president
➢ 1 financial manager
➢ 2 interns

There is also one IT support technician on staff, who has basic computer hardware and networking knowledge. He has requested that the firm create a website, hosted internally, so that new customers can get information about the firm. This will be important to remember as you complete your final project.

The firm has a simple network. There are currently 20 computers and two multipurpose printers. All computers and printers are connected wirelessly to a NETGEAR MR814 device. This router is connected to a Motorola SB3100 cable modem. Staff e mail accounts are set up through the company’s Internet provider. Employees use a combination of Microsoft Outlook and standard web browsers to access their e-mail. The owner is known to use his personal iPad during work hours to check and respond to e mail messages.

Prior to your hiring, they hired a network cabling contractor to run Cat 6 cables from the central wiring closet to all offices and cubicles. They want to move away from using wireless as the primary network connection, but want to keep wireless access for customers coming to the building. The technician who did the wiring mentioned to your supervisor that he should look into setting up a Windows Server domain to manage user access, instead of the current peer-to-peer network. He also recommended that the firm invest in a managed switch and a firewall, and look into having some backups. The internal IT support technician agreed with these recommendations but needs your help to implement them.

You’ve been asked to assess the current vulnerabilities and provide a recommendation to the firm’s owner on how to better secure the network infrastructure. Now that you are aware of the firm’s history, your assessment and recommendation should provide specifics about the network security settings that must be implemented and the equipment that must be procured, installed, and configured. The firm’s owner has a basic understanding of computing, so it is important that you explain the technical issues in layman’s terms.

In this learning demonstration, you will use the TestOut Security Pro to help you understand how to identify and assess network infrastructure and pass the CompTIA Security+ certification. In order to identify your strengths and weaknesses, you will first complete the practice exams that will prepare you for the certification. The practice exam is designed to assess your preparedness for the CompTIA Security+ certification exam.

The learning materials within LabSim will help you understand the different types of vulnerabilities within a network and how to address them. As you step through each set of activities, you will submit a Vulnerabilities Assessment and Recommendation Document in three separate parts.  Use the results of the certification practice exam you took at the beginning of the class to help guide you on which areas within LabSim you should pay closer attention to. You must complete all online labs in LabSim; these are the activities with the computer mouse icon. Some of the other areas in LabSim are optional. You can complete any or all of those if you feel you need to learn more about the topics at hand.

Rubric Name: Vulnerabilities Assessment and Recommendation Document Part 1
Competencies Section 1 Level 3: 90 – 100%
Develop a vulnerability assessment based on the scenario provided This includes:

Analyzing business needs in regards to network security

Identifying current vulnerabilities

Providing scholarly references to the vulnerabilities

Articulating the vulnerabilities

Follow proper procedures and protocols in completing IT-related tasks. This includes:

Performing vulnerability assessment based on the scenario

Demonstrating the ability to make network administration or Cybersecurity decisions based on best practices and/or standard procedures/protocols

Rubric Name: Vulnerabilities Assessment and Recommendation Document Part 2
Competencies Section 2 Level 3: 90 – 100%
Assess the need for network security devices to support the business or organization. This includes:

Selecting/identifying the appropriate type of network security devices to use

Providing justifications for the selected devices

Assess the need for network services to support the business or organization. This includes:

Selecting/identifying the network services to implement

Providing justifications for the selected services

Follow proper procedures and protocols in completing IT-related tasks.

This includes:

Demonstrating the ability to make network administration or Cybersecurity decisions based on best practices and/or standard procedures/protocols

Only Part 1 & Part 2 , for Part 3 please visit here
Download immediately available after purchase