Security Management Document

Security Management Document

Week 1: Introduction to Information Security

Company Profile

The digital age necessitates information security. As companies grow, they should secure sensitive data in line with their expanding customer base. Alpha Solutions is a creative and knowledgeable consulting organization. The firm is a software vendor and service provider that serves customers in banking, health care, and technology in a busy town. Alpha Solutions has skilled employees who provide quality services to clients, hence attracting customers. Nonetheless, this growth presents many difficulties related to information asset security for the company.

Need for Information Security and Potential Risks

Security of Information at Alpha Solutions: The company places high value on information security through its management of private business strategies, financial documents, and even employee or client files. The absence of proper security measures leads to several exposures, like data breaches, which can damage an organization’s brand name, finances, and legal frameworks when confidential information becomes exposed (Soomro et al., 2016). Ongoing threats, from malware attacks to phishing schemes, can wipe out both a business’s operations and reputation. General Data Protection Regulation (GDPR) and HIPAA (Health Insurance Portability and Accountability Act) violations can also worsen the impact of a breach. Furthermore, the number of personnel has increased accidental or deliberate internal security threat risks. Despite Alpha Solutions having management issues, information security investment results in many benefits, such as building trust with clients, adhering to privacy laws, and gaining a competitive advantage over other participants in the market.

New Challenges with On-site Consultant Project

As the company initiates another program that would make consultancy possible instantly on-site, it comes with more hurdles. The project aims to give external access to internal resources, which necessitates building strong network securities. Firewalls and intrusion detection systems can be used, as well as encryption (Franco et al., 2022). Additionally, virtual private networks and multi-factor authentication are some of the vital measures for preventing illegal access while strengthening defenses. Endpoint security protocols should be implemented in order to manage laptops and mobile phones used by on-site consultants. Thus, these antivirus applications’ endpoint detection response technologies and device encryption are tools that facilitate maintaining safe data without leakage and protection from infections. Risk mitigation calls for stronger access control data encryption and data loss prevention strategy that supports regulatory compliance.

Challenges with Recent IPO

IPO in Alpha Solutions introduces a new set of challenges. The company must change compliance approaches in the face of scrutiny by regulators, shareholders, and investors (Zhang, 2016). This requires strict oversight that reassures investors, thorough reporting processes, and better observance. When it comes to the company’s financial situation, meeting shareholders’ expectations and regulatory costs matter a lot. However, it is difficult to strike a balance between investments in information security infrastructure, personnel, and training against financial constraints. Any security breach or default on compliance could tarnish the reputation of Alpha Solutions and undermine its market value and long-term sustainability.

The growth and innovation of Alpha Solutions has been consistent. On-site consultation projects and recent IPOs will help this company deal with growing challenges. Thus, strong protective measures ensure that every employee follows all privacy guidelines regarding Alpha Solution’s assets and how they can be protected from modern hackers who are more connected due to advanced technology, including global online business activities that are undeniably more regulated now than before the Internet was created; thus clients are also increasingly aware of confidentiality. Accordingly, this suggests that customer loyalty program satisfaction, production efficiency, and companies’ reputations could be affected both positively and negatively due to the lack of appropriate controls around such critical infrastructure.

Week 2: Security Assessment

Description of Typical Assets

By virtue of its engagement in sectors like banking, healthcare, and technology, Alpha Solutions is a custodian of a wide array of sensitive data and information systems. This includes customers’ and employees’ personal information, financial information, medical records, and business information. Software assets include CRM (customer relationship management) systems, ERP (enterprise resource planning) systems, data analysis platforms, and security software. The hardware assets, which are essential for the deployment of these software tools, include servers, workstations, mobile network equipment, and end devices can also be mentioned. Finally, the company has network assets; these include internal and external connections, cloud services, and VPN remote access. Alpha Solutions uses these necessary resources to achieve its goals, making it a prime target of cyber attacks.

Current Risks with No Network Segregation

Alpha Solutions’ lack of network segregation exposes it to critical security vulnerabilities. In the monolithic network model, all areas (even sensitive areas) can be accessed when an attack occurs within the walls of the system. This increases internal risk and even a single failure event that could cause catastrophic damage throughout the organization’s entire system (Kallatsa, 2024). There is also no doubt that this configuration violates GDPR and HIPAA because these regulations strictly restrict access to sensitive information or protection. The consequences of non-compliance are severe and can lead to legal and financial penalties that can have long-term consequences for such organizations.

Risks Introduced by the New Consultant Network

The new consultant network, which allows consultants to access servers remotely, may introduce additional vulnerabilities. This network expansion increases the organization’s attack surface by introducing new ways through which unauthorized outsiders can access the system. These risks include network breaches, where attackers can use strategic instructions to gain access to critical internal systems; data interception that threatens information privacy and integrity during transmission; and device compromise, whereby unsecured consultant devices could be turned into entry points for malware or other malicious agents into the company’s main network structure (Malecki, 2020).

Testing for Risk and Conducting a Security Assessment

To overcome these issues, Alpha Solutions must use a security program that includes testing vulnerability against all weak points in the network and connected devices. Scanning could be used to detect weaknesses and simulate attacks. Compliance auditing with applicable laws and standards should also be done by detecting events and malfunctions in the security architecture and tracking their analysis. Finally, insider threat analysis should be conducted as a way to prevent or minimize negative or intentional behavior by insiders (Scarfone et al., 2018). These activities are essential in understanding the company’s security and helping to find solutions.

Risk Mitigation

The subsequent risk reduction phase follows strategic actions to increase the organization’s security against threats. These include using network segmentation techniques to isolate essential parts of the network, using secure remote access methods such as VPNs and multiple authentication methods with solid encryption methods known to external consultants, and improving the ultimate security by using the latest antivirus software to prevent access. Intrusion detection systems and device encryption should also be implemented. Creating a system for regular updates and field control to combat known vulnerabilities is also essential. This is accomplished by regularly training employees and consultants so that everyone understands the importance of IT threats. Finally, creating an incident response plan supported by ongoing testing will prepare organizations to effectively respond to cybercrime or recover when a security breach occurs.

An analysis of security findings shows that Alpha Solutions’ information systems currently face significant issues that need to be addressed immediately and offer opportunities for improvement. Therefore, by carefully determining risky assets, determining the nature and potential threats, and implementing effective risk prevention strategies such as segmentation strategies, the company can protect its core assets and adhere to standards when managing customer experience. The sustainability of information security is not a legal obligation but is an integral part of the company’s long-term survival in today’s business world.

Week 3: Access Controls and Security Mechanisms

Alpha Solutions, a consultancy firm in banking, healthcare, and technology, struggles to manage employee access to information systems. As the organization grows and adds new initiatives like the consultant network, robust access control is essential. This section will outline Alpha Solutions’ system access control methods and tactics for protecting the new consultant network and sensitive data.

Access Control Mechanisms for Various Systems

Financial Systems

Alpha Solutions handles sensitive financial data. Hence, robust security measures must be used. Role-Based Access Control is a simple technique to limit access to finance systems by applying authorizations depending on the job category (Samarati & de Vimercati, 2017). Every authorized person, from finance directors to accountants, should have access to these financial systems to execute their tasks successfully. Others should not interact with such sensitive financial information. Two-factor authentication (2FA) prevents unauthorized login even if credentials are stolen by requiring two forms of authentication before access.

CRM Customer Relations Management 

CRM systems need efficient and secure access control procedures to prevent data leaks and misuse. Only sales and support staff who need this technology to work more efficiently should have Role-Based Access Control (RBAC) permission to use it. Instead, Attribute-based Access control (ABAC) can authorize users based on user role, location, or time of day. This technique is incredibly granular, allowing Alpha Solutions to clearly express users’ access privileges while protecting customer data.

ERP Enterprise Resource Planning 

Alpha Solutions relies on its integrated resource planning (ERP) system to manage company processes and workflows. Access control for ERP systems needs to carefully balance data security against departmental collaboration. One option is to implement an RBAC architecture that allows ERP module access based on job roles and functions. In this case, HR might access personnel data while purchasing can view supply chain details. An alternative is role-based encryption, which encodes classified ERP material so that only authorized users are permitted to decrypt it. The idea here is to protect vital commercial information within the corporation that could be leaked through unauthorized sources, thus breaching regulatory guidelines.

Protecting the New Consultant Network through Access Control

Securing this new consultant network will be more difficult because external consultants need access to corporate resources, but at the same time, they must avoid exposing sensitive data to them. Alpha Solutions may also use access control and network security as mitigation measures for this.

Network Segmentation

To minimize exposure to the corporate network or prevent any cases of a security breach, network segmentation isolates the consultant’s network from the rest of the company’s computers or systems. Alpha Solutions could split its network and use Access Control Lists (ACLs) to manage traffic flows between segment networks, thus limiting unauthorized passage and protecting essential information (Tourani et al., 2017).

Secure Remote Access

Consultants’ remote connections can be secured using VPN technology for data transmission encryption purposes in order to authenticate secure communication transmissions over public networks with limited authorized user accessibility rights only through robust enabler mechanisms put in place by Alpha Solution IT team members. Notably, multi-factor authentication tools can help reduce losses attributed to thefts involving confidential client records.

Intrusion Detection and Prevention Systems (IDPS)

Alpha Solutions IDPS implementations detect consultant intrusions/malicious activities within their networks. This ensures a more secure environment for everyone involved, whether it is an individual computer or a whole consulting service provider system being attacked by online criminals who have managed to break into victimized parties’ accounts. The goal is to have a network that can be monitored in real time and be able to respond automatically to security threats before they escalate, leading to potential dangers (Tourani et al., 2017).

Single Sign-On (SSO) and Virtual Private Network (VPN) Technology

Single-Sign-On

Single sign-on (SSO) allows clients to use the same login credentials for multiple applications/systems, hence simplifying the authentication process, reducing password fatigue, and minimizing weak password problems (Cakir, 2013). Therefore, integrating SSO with Identity and Access Management (IAM) makes vendor access control contracts more efficient while allowing Alpha Solution users to work faster even though there are security issues, such as reliance on single points of failure.

VPN Technology

VPNs encrypt and secure crucial data as they travel across public networks. When a user’s device and the company’s network are encrypted by VPN, unauthorized parties cannot intercept or listen to sensitive data (Tourani et al., 2017). Since VPN technology allows secure remote access for employees and consultants’ Alpha Solutions, it might be useful when remote workers need to access internal resources. For VPN vulnerabilities and data breaches to be reduced, VPN infrastructure must be properly configured and maintained.

Conclusion

Each information system needs a customized access control approach to secure sensitive data, comply with regulations, and prevent security threats. Alpha Solutions could improve its security by using access control mechanisms like RBACs, ABACs, VPNs, and SSOs to protect the privacy of new consultant network stakeholders, especially customers who need their personal information kept private. Alpha Solutions also protects critical company assets from growing cyber threats by using network security solutions like network segmentation and IDPS.

Week 4: Security Policies, Procedures, and Regulatory Compliance

Alpha Solutions, a banking, healthcare, and technology consultancy firm, faces increased data security concerns post-IPO. Regulatory compliance, however, becomes very important as the IPO requirements tighten. This section concerns regulatory requirements that Alpha Solutions must meet to protect data at rest or in motion through its policies, processes, and controls.

Regulatory Requirements Introduced by the IPO

The initial public offering (IPO) subjects Alpha Solutions to strict financial transparency and data security demands. An IPO rule of significance is the Sarbanes-Oxley Act (SOX) compliance. In order to protect the public and investors from corporate accounting errors and fraud, SOX prescribes stringent financial reporting and transparency guidelines. According to Millar (2011), SOX requires strong internal controls, clear financial reporting, and accurate record-keeping.

Policies Required by Alpha Solutions

1. Data Access Control Policy: The policy ensures that only authorized personnel can access sensitive information through governing access to resources and revocation of such rights. When adhered to, these rules prevent unauthorized access through role-based access control (RBAC) implementation and regular access checks.
2. Data Encryption Policy: This policy ensures that only authorized individuals read it by encrypting data in transit from one place to another or while at rest. It does so by providing encryption algorithms together with crucial management approaches that may be used in dealing with a compromise on any given data (Chen & Xie, 2010).

• Data Retention and Disposal Policy: Here, the organization stipulates how long each category of information should be held before its secure elimination takes place. Complying with legal and regulatory retention standards for information reduces breaches from stale or unnecessary files.

1. Incidence Response and Reporting Policy:T his policy outlines steps for recognizing security issues, monitoring systems, and informing stakeholders during an incident of breach. It sets out roles for employees in detecting threats or vulnerabilities towards confidentiality and integrity of systems and channels for communicating to relevant authorities.
2. Vendor Risk Management Policy: Alpha Solutions reduces supply chain risks and data breaches by doing security posture assessments and managing third-party vendors. This involves vendor due diligence, contract negotiations, and security monitoring.

Controls to Implement

1. Access Controls: Alpha Solutions should use RBAC and MFA to limit unauthorized access to sensitive information. For organizations that are so strict with their access policies, it may minimize the occurrence of internal threats or unauthorized disclosures occasionally.
2. Encryption Controls: To prevent interception or unwanted access, data in motion must be encrypted alongside data at rest. Even when there is hacking, encrypting vital information maintains privacy within Alpha Solutions.

• Monitoring and Logging Controls: The enterprise can detect dangers by monitoring records of access, traffic on the network, or actions carried out by the system; thus, it can neutralize them. Although comprehensive monitoring and logging controls are time-consuming processes on the part of Alpha Solutions, they become helpful during the identification of security incidents as well as subsequent response mechanisms.

Protecting Data in Motion and at Rest

While data in motion is transmitted between computers through a network, data at rest stays dormant; it is stored in databases like file systems. To achieve protection against unauthorized decryption when stored without a key, Alpha Solutions should utilize encryption alongside user role-based permissions restricting sensitive data’s disclosure or usage. Tokenization hides personally identifiable data using non-sensitive placeholders, while anonymization masks sensitive information (Elsenpeter et al., 2011).

Encryption, secure communication, and network segmentation will help Alpha Solutions protect moving data such as this one. Data transmission requires that transmissions have an encrypted form so that unauthorized persons do not get hold of it. Secure communication technologies like TLS or SSL prohibit data eavesdropping and tampering during transmission. These implementations segment a network into zones, enabling more robust securities to be applied to the sensitive data traffic and prevent unauthorized access.

Alpha Solutions can protect its data by adhering to IPO regulations and having robust security policies, procedures, and controls. The compliance with SOX, as well as efficient data in motion and at rest security procedures, improve the company’s safety and the trust of stakeholders and investors.

Week 5: Network Security

Appropriate Network Infrastructure

Configuring the intranet and projected expansions is crucial for network security. Network architecture needs zones or segments with different functionalities and security demands (Kallatsa, 2024). User LAN stores staff devices for daily work, while server LAN stores crucial data and applications. Web and email servers should be hosted in DMZ segments. Firewalls and ACLs should partition traffic and block undesirable access. Next-generation firewalls, or NGFWs, should be positioned carefully throughout the network architecture. These NGFWs filter incoming and outgoing traffic at the network perimeter and between segments to enforce security policies and detect all advanced threats. Deep packet inspection, intrusion prevention, and application-layer filtering help NGFWs detect cyber threats. Malware infections, unwanted access attempts, and data exfiltration can be identified in application layer traffic, improving network security.

A reliable VPN should be implemented to let authorized users connect securely from anywhere. VPNs encrypt data between local employees’ machines and the corporate network. VPNs prevent critical data leaks by demanding authentication and encrypting communication between remote workers outside business premises. IDS/IPSs are crucial for suspicious network traffic monitoring. IDS solutions analyze real-time packets to find anomalies or send notifications on suspicious activities in the system being used, while IPS complements IDS by automatically blocking or minimizing threats so no damage can occur along such networks without human intervention at all stages of operation and implementation, though such measures may sometimes increase. In addition, IDS/IPS systems at critical locations can recognize and respond to cyber threats, minimizing the likelihood of security breaches or data compromise.

Network Access Controls (NACs) and Role Based Access Controls (RBACs) are essential for restricting network resource access to approved users and devices. These should be configured on the network. Users cannot access sensitive data or crucial systems due to their work duties and authorization. Network Admission Control checks devices for compliance before letting them on the network, allowing only secure and properly configured devices. Network infrastructure is protected from unauthorized access by access enforcement.

Network Diagram

Figure 1

A Diagram of the Network Architecture

 

The network design shows a secure, isolated infrastructure built for Alpha Solutions. The diagram starts a next-generation firewall (NGFW) at the edge of the networks to combat internet threats. Through intrusion prevention and deep packet inspection, the NGFW prevents malicious conduct. One of the primary goals of the company is to host public-facing services securely. A demilitarized zone (DMZ) of web and email servers hosts public-facing services. These servers are protected from security vulnerabilities that could compromise corporate networks by DMZ firewalls. This network infrastructure has user and server LAN segmentation for essential resource protection and control. User workstations browse the Internet on user LAN, whereas data servers contain critical company data. Every LAN segment has its own firewall to prevent unauthorized entry by any means. The diagram also shows the VPN concentrator needed by remote workers for secure access. VPN concentrators encrypt internet tunnels between remote users’ PCs and the company’s intranet. Finally, IDS/IPSs monitor the network for odd activity and take proactive measures to stop or mitigate threats. The organization can protect data confidentiality, integrity, and availability and reduce security breaches and cyber assaults by integrating these security measures into the network architecture.

Access Controls

Access controls protect firm infrastructures by regulating network resources. Effective access controls authenticate users, authorize roles and permissions, and enforce security policies. The following are access controls for infrastructure effectiveness to ensure that devices and the topology are effective and working to protect the company infrastructure.

1. Network User and Device Authentication: The organization should implement strong authentication. Passwords, biometrics, smart cards, and multi-factor authentication (password and mobile code) should be used.
2. Authorization Policies: This involves giving access based on organizational roles, responsibilities, and permissions. RBAC grants privileges to roles and assigns jobs based on job descriptions (Samarati & de Vimercati, 2017). The organization must frequently evaluate its permission procedures to allow personnel into places they need for their jobs without allowing undesired access.
3. Network Access Control (NAC): NAC solutions check device compliance before accessing networks to enforce security standards. Along with security configurations, it checks for antivirus software updates and operating system patches. NAC reduces malware and other hazards by blocking unlawful or insecure devices.
4. Access Control Lists (ACLs): Control network traffic by denying or allowing access to certain resources. ACLs restrict IP addresses, port numbers, and protocols on routers, switches, and firewalls. As firm security and access regulations change, ACLs should be evaluated often.

Continuous monitoring and auditing should be implemented to preserve control system efficiency. This includes monitoring user authentication and network data access attempts. Network traffic anomalies can also help enterprises identify insecure data kept on network premises, preventing data loss due to theft. Security audits and compliance assessments can find security problems. Monitoring access activities helps firms identify and fix security vulnerabilities, preventing unauthorized entrance and data leakage. Firm infrastructure needs regular device and network topology testing and inspection. These usually involve vulnerability scanning, penetration testing, or fast access control audits. Also, staff training should cover the best techniques to secure information by limiting access. Secure access controls and regular evaluation would improve the organization’s security.

IDS and IPS

Need for Intrusion Detection Systems (IDSs)

Organizations seeking cybersecurity must use Intrusion Detection Systems (IDSs). IDS monitors system logs for trends that may indicate system integrity violations (Mahboub et al., 2021). Signature-based detection, behavior analysis, and heuristics let IPS detect zero-day assaults and new malware. Organizations must deploy IDSs to comply with HIPAA and other confidentiality rules. IDSs also help prevent insider threats, including unauthorized logins and privileged account usage, reducing internal and external risks.

Moreover, Intrusion Prevention Systems (IPSs) add protection beyond detection to IDS. IPS automatically blocks kinetic threats, decreasing cybercrimes such as data breaches. Signature-based IPS combats known threats, whereas behavioral analysis and heuristics forecast day-zero attacks like new malware. Additionally, firewalls and antivirus software leverage IPSs, improving corporate security. Therefore, IPSs are essential for current cybersecurity due to their various defensive layers that can protect against many cyberattacks.

Need for Intrusion Prevention Systems (IPSs)

Recent advances in IDS and IPS technologies have increased efficiency. Using machine learning algorithms and behavioral analytics, IDSs and IPSs can find tiny network security vulnerabilities and user behavior patterns. IDSs and IPSs use threat intelligence feeds to detect and stop malicious traffic (Mahboub et al., 2021). Cloud-based threat detection and prevention systems are scalable and flexible to accommodate cloud computing growth. Integrating Endpoint Detection and Reaction (EDR) systems with network-based threat indicators gives end users holistic IT infrastructure visibility and reaction. These advancements show that IDS and IPS technologies are changing and vital to cyber security.

Effective IDS and IPS Use

IDSs and IPSs should be planned, installed, monitored, and changed to support network operations. First, this comprises full perimeter coverage by installing IDSs or IPSs at important internal segments and endpoint locations to guard against various threats. Second, risk tolerance is important when setting up an IDS or IPS system so as to cover all security needs adequately. Accordingly, this provides a foundation for choosing detection/prevention rules, sensitivity levels, and response actions (if any) through our organization’s security policy/threat landscape.

Continuous monitoring and analysis of IDS and IPS alerts help identify and respond to threats. Security staff must carefully analyze warnings and investigate suspicious conduct before it becomes a security problem. Threat monitoring, analysis, and incident response are coordinated by Security Operations Center (SOC) integration. Integration with external threat information feeds improves IDS/IPS detection by exposing new hackers or proven attack strategies. All IDS/IPS systems need regular upgrades and maintenance. Systems must be updated constantly with software patches/security signatures to resist new threats. Essentially, effective IDS and IPS use requires incident response planning and training. Security teams must be adept at alert interpretation, incident investigation, and response. Cybersecurity exercises and simulations should be performed to test the security response plans and prepare organizations for security incidents. These methods and best practices help organizations employ IDSs and IPSs to improve cybersecurity, identify and prevent threats, and reduce network operational security breaches.

References

Cakir, E. (2013). Single sign-on: Risks and opportunities of using SSO (Single Sign-On) in a complex system environment with a focus on overall security aspects.

Chen, D., & Zhao, H. (2012, March). Data security and privacy protection issues in cloud computing. In 2012 international conference on computer science and electronics engineering (Vol. 1, pp. 647–651). IEEE.

Elsenpeter, R., Velte, A. T., & Velte, T. J. (2010). Cloud Computing, A Practical Approach. Fl, United States: Osborne-mcgraw-hil.

Franco, M. F., Lacerda, F. M., & Stiller, B. (2022). A framework for the planning and management of cybersecurity projects in small and medium-sized enterprises. Gestão e Projetos: GeP, 13(3), 10-37. http://dx.doi.org/10.5585/gep.v13i3.23083

Kallatsa, M. (2024). Strategies for network segmentation: A systematic literature review. JYX. http://urn.fi/URN:NBN:fi:jyu-202401221445

Mahboub, S. A., Ahmed, E. S. A., & Saeed, R. A. (2021). Smart IDS and IPS for cyber-physical systems. In Artificial intelligence paradigms for smart cyber-physical systems (pp. 109-136). IGI Global.

Malecki, F. (2020). Overcoming the security risks of remote working. Computer Fraud & Security, 2020(7), 10–12. https://doi.org/10.1016/S1361-3723(20)30074-9

Millar, J. A., & Wade Bowen, B. (2011). Small and large firm regulatory costs: The case of the Sarbanes‐Oxley Act. Corporate Governance: The international journal of business in society, 11(2), 161–170.

Samarati, P., & de Vimercati, S. C. (2017). Access control: Policies, models, and mechanisms. In International school on foundations of security analysis and design (pp. 137-196). Berlin, Heidelberg: Springer Berlin Heidelberg.

Scarfone, K., Souppaya, M., Cody, A., & Orebaugh, A. (2018). Technical guide to information security testing and assessment. NIST Special Publication, 800(115), 2–25. https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=152164

Soomro, Z. A., Shah, M. H., & Ahmed, J. (2016). Information security management needs more holistic approach: A literature review. International Journal of Information Management, 36(2), 215–225. https://doi.org/10.1016/j.ijinfomgt.2015.11.009

Tourani, R., Misra, S., Mick, T., & Panwar, G. (2017). Security, privacy, and access control in information-centric networking: A survey. IEEE communications surveys & tutorials, 20(1), 566–600.

Zhang, C. (2016). A study on cybersecurity start-ups: A financial approach to analyze industry trends, entrepreneurship ecosystems and start-up exits (Doctoral dissertation, Massachusetts Institute of Technology). http://hdl.handle.net/1721.1/104506.

ORDER A PLAGIARISM-FREE PAPER HERE

We’ll write everything from scratch

---

Week 1: Introduction to Information Security
This section will describe the organization and establish the security model that it will use.
Week 2: Security Assessment
This section will focus on risks that are faced by organizations and how to deal with or safeguard against them.
Week 3: Access Controls and Security Mechanisms
This section examines how to control access and implement sound security controls to ensure restricted access to data.
Week 4: Security Policies, Procedures, and Regulatory Compliance
This section will focus on the protection of data and regulatory requirements that the company needs to implement.
Week 5: Network Security
This section combines all of the previous sections and gives the opportunity to examine the security mechanisms that are needed at the network level.
Include cover, outline, abstract, and Reference pages.
The case study company has expressed a desire to have a secure company-wide network infrastructure. Because the network has to be re-evaluated from the beginning, the company wants to ensure that the new network has as many reasonable security controls and mechanisms in place. What solutions can you propose to support these initiatives? Create the following section for Week 5:

Week 5: Network Security
Propose an appropriate network infrastructure that offers sound security practices for the existing intranet and the new proposed expansion.
Create and describe a diagram of the network architecture, discussing how it can meet the goals of the company.
Describe the access controls and how the company can ensure that devices and the topology are effective and working to protect the company’s infrastructure.
Review and describe the need for intrusion detection systems (IDSs) and intrusion prevention systems (IPSs) based on research of the latest elements of intrusion detection and prevention available.
Discuss how they can effectively be used in a network operations setting.
Ensure that there is an appropriate use of the IDSs and IPSs in the network diagram.
Section 5 should be 4–5 pages long (2–3 pages of network topology, 1–2 pages of IPSs and IDSs).
Name the document “CS651_FirstnameLastname_Final.doc.”
As a final deliverable to the management team, create a PowerPoint presentation that summarizes the solutions outlined in the Key Assignment template. In addition, describe why the proposed solution is the correct method or mechanism to be implemented. Remember that the presentation is for the management team and should contain the appropriate level of detail.
Worked Example

Please refer to the following worked example of this assignment based on the problem-based learning (PBL) scenario. The worked example is not intended to be a complete example of the assignment, but it will illustrate the basic concepts that are required for completion of the assignment, and it can be used as a general guideline for your own project. Your assignment submission should be more detailed and specific, and it should reflect your own approach to the assignment rather than just following the same outline.