Homework: Designing Compliance within the LAN-to-WAN Domain
Note: Review the page requirements and formatting instructions for this homework closely. Graphically depicted solutions, as well as the standardized formatting requirements, do NOT count toward the overall page length.
Imagine you are an Information Systems Security Officer for a medium-sized financial services firm that has operations in four states (Virginia, Florida, Arizona, and California). Due to the highly sensitive data created, stored, and transported by your organization, the CIO is concerned with implementing proper security controls for the LAN-to-WAN domain. Specifically, the CIO is concerned with the following areas:
i. Protecting data privacy across the WAN
ii. Filtering undesirable network traffic from the Internet
iii. Filtering the traffic to the Internet that does not adhere to the organizational acceptable use policy (AUP) for the Web
iv. Having a zone that allows access for anonymous users but aggressively controls information exchange with internal resources
v. Having an area designed to trap attackers in order to monitor attacker activities
vi. Allowing a means to monitor network traffic in real time as a means to identify and block unusual activity
vii. Hiding internal IP addresses
viii. Allowing operating system and application patch management
The CIO has tasked you with proposing a series of hardware and software controls designed to provide security for the LAN-to-WAN domain. The CIO anticipates receiving both a written report and diagram(s) to support your recommendations.
Write a three or more page paper in which you:
I. Use MS Visio or an open source equivalent to graphically depict a solution for the provided scenario that will:
i. filter undesirable network traffic from the Internet
ii. filter Web traffic to the Internet that does not adhere to the organizational AUP for the Web
iii. allow for a zone for anonymous users but aggressively controls information exchange with internal resources
iv. allow for an area designed to trap attackers in order to monitor attacker activities
v. offer a means to monitor network traffic in real time as a means to identify and block unusual activity
vi. hide internal IP addresses
II. Identify the fundamentals of public key infrastructure (PKI).
III. Describe the manner in which your solution will protect the privacy of data transmitted across the WAN.
IV. Analyze the requirements necessary to allow for proper operating system and application patch management and describe a solution that would be effective.
Note: The graphically depicted solution is not included in the required page length.
Format your homework according to the following formatting requirements:
i) The answer should be typed, using Times New Roman font (size 12), double spaced, with one-inch margins on all sides.
ii) The response also includes a cover page containing the title of the homework, the student's name, the course title, and the date. The cover page is not included in the required page length.
iii) Also include a reference page. The Citations and references must follow APA format. The reference page is not included in the required page length.
The specific course learning outcomes associated with this homework are:
i. Analyze information security systems compliance requirements within the Workstation and LAN Domains.
ii. Use technology and information resources to research issues in security strategy and policy formation.
iii. Write clearly and concisely about topics related to information technology audit and control using proper writing mechanics and technical style conventions.