Touchstone Task 4 – Planning Network Security Measures
Review the scenario and client expectations about Greenfield Properties.
Based on the information provided by the client, answer the following questions in 2-4 sentences each. Be sure to explain your answers in detail.
| What types of firewall systems should be used? Explain your choice. (Ref: Firewalls Technologies and Firewalls Features and Functions) |
| Greenfield Properties should consider using the network-based type of firewall system. This is because this type of firewall helps protect the private network from public networks. Also, the network-based type of firewall is essential because it is designed to protect an entire set of computers instead of just a single computer on the system (Zalenski, 2002, p. 26). |
| What switch or router settings can be used to secure network access? Suggest one method and briefly explain its benefit. (Ref: Security Filtering – Access Control List and VPN |
| One of the methods of securing the network access is using the secure sockets layer (SSL). Adopting SSL on a network is essential because it ensures that connections between a web browser and a web server are secure. As a service-independent component, SSL can secure different types of network applications. Therefore, SSL is essential because it strengthens data security, affirms the user’s identity, and necessitates PCI compliance (Zalenski, 2002, p. 31). |
| Which authentication method do you recommend for user sign-in to the network? Explain your recommendation. (Ref: User Authentication Methods) |
| I recommend the Remote Authentication Dial-In User Service (RADIUS) for user sign-in on the network. RADIUS is an authentication service that is used to verify users operating on different types of links, including but not limited to dial-up requests. The RADIUS server stores clients’ usernames and passwords, configuring connections before passing authentication requests. I recommended the adoption of RADIUS as an authentication method on the network because it necessitates storing clients’ confidential data in a central database. |
| What password policies would you recommend enforcing? Explain your recommendation. (Ref: User Account and Password Security) |
| The password policies I recommend enforcing in running day-to-day activities at Greenfield properties are automatic account lockout and password expiration. The automatic account lockout is a policy that prevents hackers from gaining illegal entry into the network when the users forget to log out from their respective accounts (Chanda, 2016, p. 14). The feature prevents a potential hacker from executing an automated script to crack the passwords of accounts. Password expiration policy dictates the duration for which the password can be used, such as between 30 and 45 days. In this regard, the grace period for which customers must reset their passwords is often limited to the specific number of login attempts. |
| How will the company protect physical access to the servers? Suggest two methods and briefly explain the benefits of each one. (Ref: Network Physical Security) |
| The two methods the company can use to protect the physical access of its servers are video monitoring and access control vestibules. Video monitoring often encompasses the installation of either IP cameras or closed-circuit television (CCTV) to perform surveillance of organizational premises. On the other hand, the access control vestibule comprises two doors. At the first door, the person seeking access to this room is first authenticated, followed by another form of verification when the person seeks to access the second door. At the second door, the verification process may be a guard who visually identifies the person in question. |
| What types of anti-malware software should be deployed? Explain your choice. (Ref: Anti-Malware/Anti-Virus Programs) |
| The two broad categories of anti-malware software that should be deployed at Greenfield properties are host- and server-based anti-malware. Host-based anti-malware would give the organization total control over the entire process despite requiring regular updates. On the other hand, server-based anti-malware may also be used because it requires little processing power, permits access to the latest malware data, and eliminates the need for continuous software updates. |
References
Chanda, K. (2016). Password security: an analysis of password strengths and vulnerabilities. International Journal of Computer Network and Information Security, 8(7), 23.
Zalenski, R. (2002). Firewall technologies. IEEE potentials, 21(1), 24-29.
Complete the order form and upload all of your files, including any instructions, rubrics, or other materials provided by your instructor. 
Complete the order payment after filling in the order form. We’ll receive your order and assign it to a writer.
The assigned writer will complete your paper and forward it to our Editing Team for review and approval.
Once approved by the editor, the completed paper will be uploaded to your account for you to download, review and approve.