D482 Secure Network Design

School: Western Governors University
Course: D482
Subject: Information Systems
Date: Apr 3, 2024
Uploaded by HeyyyJordo

Jordan McCready
Student ID#: 010287766
D482 Secure Network Design
DHN1 Task 1
Network Merger and Implementation Plan

A. Network Security / Infrastructure Problems

Company A

Network Security:

1. Company A Risk Analysis, Table D. Risk Identification, Risk #1: Open ports 21-90, 3389

Ports 21, 23, and 80 specifically are outdated and insecure. These ports should be closed to secure the network. Ports 22 and 443 are more secure and should be used to replace those insecure ports.

2. Company A Risk Analysis, Table D. Risk Identification, Risk #2 and Risk #5: All users utilize eight-character passwords / Regular password changes are not enforced

Passwords of eight characters can be cracked within a relatively short amount of time, depending on the complexity of the passwords. Also, once a user's account is compromised, it can remain compromised because no maximum password lifetime is enforced. Company A needs to document and enforce a password policy that lays out a password length of 10-24 characters for users. Password complexity should be enforced by requiring multiple character types. In addition to those requirements, there should be a maximum lifetime for passwords of 60 days or so.

Infrastructure:

Company A has many end-of-life components in use, which no longer receive security updates or technical support.

1. Security updates and technical support for Windows 7 ended on January 14, 2020 (Microsoft).
2. Security updates and technical support for Windows Server 2012/R2 ended on October 10, 2023. This affects the Application server, File Server, and DMZ FTP and external Web Server (Microsoft).
3. Cisco 7600 series routers reached their end-of-support date on July 31, 2021 (Cisco).
4. Cisco 3750X series switches reached their end-of-support date on October 31, 2021 (Cisco).

Company B

Network Security:

1. Insecure open ports: 20, 21, 23, 80

Ports 21, 23, and 80 specifically are outdated and insecure. These ports should be closed to secure the network. Ports 22 and 443 are more secure and should be used to replace those insecure ports.

2. All users have local administrative privileges

It is a major concern that all users have local administrative privileges. This goes against the security principle of least privilege. A regular end user with local administrative privileges has the power to do significant damage to a network. This can lead to an inadvertent insider attack. It is best practice to put group policies in place to restrict these privileges and give users just the right amount of functions to perform their jobs.

Infrastructure:

Similar to Company A, Company B has many end-of-life components in use, which no longer receive security updates or technical support.

1. Security updates and technical support for Windows XP ended on April 8, 2014 (Microsoft).
2. Security updates and technical support for Windows 7 ended on January 14, 2020 (Microsoft).
3. Security updates and technical support for macOS 11 Big Sur ended at the end of 2023.

B. Vulnerabilities: Impact, Risk, Likelihood

Company A

Vulnerability 1: Company A does not enforce a password policy, as all users utilize eight-character passwords and regular password changes are not required. Passwords of eight characters can be cracked within a relatively short amount of time, depending on the complexity of the passwords. Also, once a user's account is compromised, it can remain compromised because no maximum password lifetime is enforced.

Impact: High
The impact of Company A not enforcing a password policy is high. If a privileged user's account is compromised, attackers can gain a dangerous amount of control over the company's resources. Because Company A stores financial data, this can provide a wealth of information to the attacker(s) and cause significant damage to the owner of that financial data.

Risk: High
The risk of Company A not enforcing a password policy is high. This vulnerability can give attackers access to resources in ways that can be detrimental to Company A. This would affect Company A's reputation, and customers may seek external services.

Likelihood: High
The likelihood of user accounts being compromised is high if a password policy is not enforced. Computing power has increased exponentially since the beginning of the technological era. Given the information these accounts would give access to, the time it would take to crack simple eight-character passwords is worth the effort.

Vulnerability 2: Company A has many end-of-life components in use, which no longer receive security updates or technical support. Security updates and technical support for Windows 7, Windows Server 2012/R2, Cisco 7600 series routers, and Cisco 3750X series switches are no longer provided.

Impact: High
Utilizing end-of-life components in your organization can have a major impact. These components may provide functions that are critical to meeting your customers' needs. If an attacker exploits a vulnerability in one of your components, this could eliminate the availability of that component. If that component is no longer available to its users, then the services it provides cannot be utilized. Also, end-of-life components can become pricey to maintain, as they require extra protection.

Risk: High
It is a high risk to depend on end-of-life components within your organization. The functional requirements of your organization and customers cannot be met if the end-of-life components can no longer be utilized. With security updates and technical support no longer provided for these components, they are one exploit away from causing detrimental effects to your organization.

Likelihood: Moderate
The likelihood of end-of-life components causing issues for your organization is moderate. Although security updates and technical support are no longer provided, extra protection and knowledgeable employees can help reduce the likelihood that issues arise. However, there is only so much an organization can do, as you need to balance security measures with the availability of these components to ensure users can perform their business needs.

Company B

Vulnerability 1: Systems using Distributed Ruby (dRuby/DRb) do not restrict the hosts allowed to execute system commands or Ruby scripts.

Impact: High
The impact of systems using Distributed Ruby (dRuby/DRb) is high. Distributed Ruby does not restrict the hosts allowed to execute system commands or Ruby scripts. This can give attackers the ability to run commands that expose credentials, delete critical files, or even install a backdoor. The possible outcomes of this vulnerability could have a major impact on the organization.

Risk: High
The risk of this vulnerability is high because of the commands that attackers could potentially execute. This emphasizes the importance of administrators putting security controls in place to mitigate this vulnerability.

Likelihood: Low
The likelihood of attackers executing system commands or Ruby scripts is low. Administrators of systems using Distributed Ruby can put controls in place to ensure access is limited to trusted hosts.

Vulnerability 2: Similar to Company A, Company B has many end-of-life components in use, which no longer receive security updates or technical support. Security updates and technical support for Windows XP, Windows 7, and macOS 11 Big Sur are no longer provided.
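
For Company B's Vulnerability 1, the trusted-host control mentioned under Likelihood can be expressed with the ACL class that ships with DRb. The following is an added example, not part of the original paper: it compares a service with no host rules against a default-deny ACL. The 10.10.1.0/24 management subnet, the listen URI, and the StatusFront class are constructed for illustration.

```ruby
require 'drb/drb'
require 'drb/acl'

# Constructed values: trusted management subnet and loopback-only listen URI.
TRUSTED_RULES = %w[deny all allow 127.0.0.1 allow 10.10.1.0/24].freeze
LISTEN_URI    = 'druby://127.0.0.1:8787'

# Default-deny ACL. With DENY_ALLOW order, "allow" entries are checked first
# and "deny all" then rejects every other peer.
def restricted_acl
  ACL.new(TRUSTED_RULES, ACL::DENY_ALLOW)
end

# An ACL with no rules admits every peer, which is also what a DRb service
# does when no ACL is installed at all.
def unrestricted_acl
  ACL.new
end

# Peer address in the shape Socket#peeraddr returns: [family, port, host, ip].
def peer(ip)
  ['AF_INET', 0, ip, ip]
end

# Map each source IP to whether the ACL would accept a connection from it.
def audit(acl, ips)
  ips.to_h { |ip| [ip, acl.allow_addr?(peer(ip))] }
end

# Hypothetical front object exposing a single harmless method.
class StatusFront
  def ping
    'ok'
  end
end

# Install the ACL before starting the service so it applies to every listener.
def start_restricted_service
  DRb.install_acl(restricted_acl)
  DRb.start_service(LISTEN_URI, StatusFront.new)
end

if __FILE__ == $PROGRAM_NAME
  sample = %w[127.0.0.1 10.10.1.25 10.10.2.25 203.0.113.9] # constructed peers
  puts "no rules:   #{audit(unrestricted_acl, sample)}"
  puts "restricted: #{audit(restricted_acl, sample)}"
end
```

The ACL filters on source address only and does not authenticate callers, so the front object should still expose nothing beyond the methods remote peers actually need.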