Draft Security Plan Answers | Assessment Answer

The security plan for the Community college has been a major concern for the people. There are different standard provisions where the IT needs to work on managing the risks by identifying, evaluating, controlling and mitigating all the vulnerabilities which pose a potential threat to the data. Hence, for this, there is a need for the user accounts and password implementation for the network resource usage which accounts to the access of the system. The plan is to mainly prohibit the sharing of all the different personal user accounts or the passwords and prevent them from accessing in the university. The IT network has been set for handling the laws and regulations which will provide a complete configuration of the system to protect the privacy or the security of the user.

The reconfiguration process of the network hardware is designated to be held with the IT individuals where the connections, monitoring of devices and the communication is prohibited from the DHCP servers, DNS, NAT routers, network gateway or the packet capturing devices. There have been project cases to handle the records of network traffic along with handling the e-mail messages or the telnet sessions. The information is directly collected for accessing the network utilisation process where the IT may look for network operations and functions depending upon the schemes of DHCP and DNS.

The wireless networks are important as they help in accessing the resources through a wired networking system along with handling the wireless network security to control mechanisms. The operations are based on accessing the networks through the use of information and devices. The user computing devices are important for the security and integrity to control the physical and the network access of the equipment. The services have been deployed to include the anti-virus software which needs to be installed to connect to the network of CC.

The CC needs to work on removal of the data of the former members and work on allowing access with the use of card or check out key. The subnets are important to allow the authentication with the switch management in order to create a control of the backend administration. The servers are directed to the security audit where the evaluation is based on administrative access to the servers with the two-factor authentication process.

Description

This includes the assessment based on the computer hardware, PC, serves, application and the system software work. The entire network device has been set for handling the operations which will help in handling the assets related to the threats and vulnerability. The information of the security policies depend on taking hold of residual risks with the implementation and use of the data backup system and recovery technology. The strategy works on the different technical details to access, share, download and upload the files and folders depending upon the authentication process. The controllers work on addressing the services along with configuration of the HTTP server and other application architecture. The major need of the security is to handle the investments with accurate data used to collect, store and work on the reliable information. The focus has been on the security categories and the physical security system, operating system level security and the communication security. The physical security and the control threats are under the areas of hardware attack, software attack and the masquerade attack which uses the system for identifying the authorised used to obtain access to the network. The security threats are tapping and spoofing which can cause problem in the data communication system with the tracking of data flow. The effective focus is on how the software can be installed and administered through user rights and privileges. There is a need to handle the methodology of confidentiality, authentication, and access control inorder to determine the genuity of information. The access control is based on handling the data accuracy along with providing the proof for the transmission and receipt. For a complete security setup, there is a need to work on access control and data integrity. The system works on simple model inorder where there is a need to buy the antivirus package with users for the login scripts. The network applications are for educating the organisation for the details of the passwords and the other virus on the computer. There is a need to test all the backup processes by creating the directory through the use of all the important data files. This will help in maintaining the data and applications for the disaster recovery. The firewalls have been the best method for the organisation to handle the security of the system. For this, there is a need for the software and the hardware components to work on the maintenance of the internal network with explicitly handling the traffic. This allows the system to be more secured along with internet security, mobile PC and remote site security.

With the complete analysis of the security risks, there are certain security tools which are for identifying the weakness along with analysing the networks. The public domain software tool has been to administer the concerned availability factors with the Security Administrator Tool for Analysing Networks for all the Internet connected hosts for detecting the presence of the network. The programs are for identifying the configured systems along with all the system which identifies the poor configured systems. The management is based on working over the end users, internal and external security risks that holds the distributed environment with full security. The technology has been used for the CIS audit and security to monitor the relative adjustments, technology and improvements. The access of the software is based on establishing and maintaining the network interconnection along with data flow. For this there is a need for the modern networks which will be able to handle the IP and other proprietary protocols. The access of the computer systems is based on analysing, securing and working on the property of the computer systems. The data analysis is based on working over the TCP/IP as well as the operating systems and applications. The information security is based on handling multiple connections like the firewall for the web and the mail traffic which is for handling the remote connections. The system works on handling the users to realised the access to the internet along with holding the appropriate security of the system. The corporate users work on the proliferation to information which is belong the intranet enterprise.

Project Plan

Project scope

The scope of the project is to handle the costs of the current network at CC with the development of IP addressing scheme. This will help in providing a secure and a private network for the students, staff and the visitors.

Objectives and constraints

CC business process work on the systems which include the IPX/SPX and ICT related services. It needs to work on the CC growth and sustainability which will maintain and integrate the systems to expand and improve services. The CC needs to handle the ICT infrastructure inorder to provide a higher quality of learning and teaching in the best effective way. The transition has been set to include immersive tele-presence system with distance education students. With the security of network and information, CC ICT infrastructure needs to work on the access of resources which will assure handling of the internal and the external network attacks.

Statement of work

The focus has been on handling the design and implementation of a secured information network system which will be able to have a higher availability, reliability and the security of the system. This needs to work on meeting the current and the future needs depending upon the changed technology structure. The network design has been used for the IP address allocation through the usage of the CIDR format report. The design has been to handle the WLAN frames with proper reliability, performance, scalability and security of the system.

 

The focus of this is on immersive telepresence system in order to handle the CC which is seen to grow in the upcoming time. The strategy has been for handling the remote access and the mobile services where the migration has been set for the LM, file, Web and the Mail servers. The requirements and the cost benefit analysis depending on handling the cloud service providers (IaaS, PaaS, SaaS).