Overview (one page)
Make a brief reference to the controls you proposed in the network security plan (please refer to the Security Strategies and Recommended Controls section of the Network Security Plan). For this technology implementation, you are required to document, implement, and test at least five (5) controls (as shown below).
[Control 1] (No word limit)
Objective of Control
Describe in which ways this control is to meet the organisation’s security needs. This is a follow up of your analysis conducted in planning the security. For example, let’s assume you recommended to use a RADIUS server. In this case, you may say that the purpose of this server is for users to be securely authenticated when accessing the wireless network of the organisation.
Resources Used
Describe the hardware and software resources you recommend implementing this control. In the RADIUS example, you should provide the complete technical specifications of the software and hardware; the type of RADIUS implemented; protocols (WPA, AES, PEAP, etc.); database to store user accounts; type of storage system; server operation system; and web interfaces to manage the server, database, monitoring, accounting, and reporting.
Developing the control [proof of concept]
This will be a proof of concept only of your recommended control using free open source software and your computer. In a real-world project, you will be using commercial hardware and software.
Description of the System
Technical specifications of the open source software and your computer used to implement this control.
Block Diagram
Attach a block diagram to illustrate the proof of concept. For example, if you were to implement the RADIUS server above, then draw a logical diagram showing the following:
- Wireless router.
- Range of IP address and subnets.
- RADIUS server.
- Mobile Clients technical specifications (hardware and software) including IP address
- Links and interfaces showing IP addresses.
Configuration of the system
Provide the instructions to configure the system including steps for downloading, installation, configuration, scripting, and how to run the system. Support your description with screenshots.
Test Plan Design
For this section, explain how you are to test the functionality of the system you configured. For example, in the case of the RADIUS, make a list of design steps including employees’ profiles, two or three fictional user accounts (Peter, John, Mary…), device connections (laptop, android, etc.), create reports, create backups, etc. All these design steps will be used next in testing your implementation.
Test Plan Implementation
Based on the design you created above, follow the design steps and enter the details into the system. You need to support your test plan implementation with screenshots.
Test Results and Analysis
Once you have completed your tests, then proceed to analyse the results. Verify that the results are in accordance with the expectations. In case of any discrepancy, proceed to readjust the system accordingly. Run the test again and check for inconsistencies.
[Control 2] (No word limit)
[Control 3] (No word limit)
[Control 4] (No word limit)
[Control 5] (No word limit)
Conclusion (half a page)
Provide a summary of your five implementations.
No comments:
Post a Comment