SEC 435 week 10 paper

  

As a penetration tester, you are hired as a consultant by a small- to mid-sized business that is interested in calculating its overall security risk today, January 1, 2012. The business specializes in providing private loans to college students. This business uses both an e-Commerce site and point-of-sales devices (credit card swipes) to collect payment. Also, there exist a number of file transfer operations where sensitive and confidential data is transferred to and from several external partnering companies. The typical volume of payment transactions totals approximately $100 million. You decide that the risk assessments are to take into account the entire network of workstations, VoIP phone sets, servers, routers, switches and other networking gear. During your interview with one of the business’s IT staff members, you are told that many external vendors want to sell security networking products and software solutions. The staff member also claimed that their network was too “flat.”

During the initial onsite visit, you captured the following pertinent data to use in creation of the Penetration Test Plan.

  • Non-stateful packet firewall separates the business’s internal network from its DMZ.
  • All departments, including Finance, Marketing, Development, and IT, connect into the same enterprise switch and are therefore on the same LAN. Senior management (CEO, CIO, President, etc.) and the Help Desk are not on that LAN; they are connected via a common Ethernet hub and then to the switched LAN.
  • All of the workstations used by employees are either Windows 98 or Windows XP. None of the workstations have service packs or updates beyond service pack one.
  • Two (2) Web servers containing customer portals for logging in and ordering products exist on the DMZ running Windows 2000 Server SP1, and IIS v5.
  • One (1) internal server containing Active Directory (AD) services to authenticate users, a DB where all data for the company is stored (i.e., HR, financial, product design, customer, transactions). The AD server is using LM instead of NTLM.

Write a six to eight (6-8) page paper in which you:

  • Explain the tests you would run and the reason(s) for running them (e.g., to support the risk assessment plan).
  • Determine the expected results from tests and research based on the specific informational details provided (i.e., IIS v5, Windows Server 2000, AD server not using NTLM).
  • Analyze the software tools you would use for your investigation and reasons for choosing them.
  • Describe the legal requirements and ethical issues involved.
  • Using Visio or its open source alternative, provide a diagram of how you would redesign this business’ network. Include a description of your drawing. Note: The graphically depicted solution is not included in the required page length.
  • Propose your final recommendations and reporting. Explain what risks exist and ways to either eliminate or reduce the risk.

Use at least three (3) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.
