Executive Summary

.docx

School

Southern New Hampshire University *

*We aren’t endorsed by this school

Course

643

Subject

Information Systems

Date

Jan 9, 2024

Type

docx

Pages

6

Uploaded by MinisterField10017

Report
1 Executive Summary Jerome Bowers SNHU IT 643 Network Assessment Dr. Adam Goldstein November 19, 2023
2 Executive Summary Purpose Network defense is a serious matter. Strategic Security Consulting Group (SSCG) is not just a business. It is entrusted with information that, if found in the wrong hands, can cause significant harm. Therefore, as the company's name implies, the company must be strategic. To employ a strategy to combat the current security issues, a blueprint or plan must be developed that informs and provides tools. The manual being present will accomplish both objectives and, if employed, mitigate risk, and help troubleshoot if an incident arises. Network Defense Methods Monitoring network traffic is essential. It is crucial to understand regular traffic from erroneous traffic. The benefits of monitoring traffic are that SSCG can locate issues quickly and address them, IT resources are used efficiently, and a historical baseline better ascertains erroneous traffic (Cohen, 2023). Implement firewalls. Firewalls protect the network against outside threats or unnecessary traffic (CISA, 2023). Firewalls are necessary because the organization is connected to the internet, and data is exposed. Firewalls function as gatekeepers. Intrusion Detection System monitors suspicious activity and alerts administrators of the vulnerability to address it (Lutkevich, n.d.). The IDS is the security guard that notifies the authorities that something is wrong. Vulnerability assessments must be conducted to understand the weaknesses of the system. While other protective measures are snapshots, the assessment is thorough and consists of identifying, analyzing, assessing, and providing remediation (Imperva, n.d.). All of these functions are necessary for a health system. It is essential to understand the devices on the network and the health of those devices. Network assessment is the tool that is used to assist in this effort. If one device in the network is compromised and not communicating
3 correctly, the whole network could be affected by latency, bandwidth inadequacies, outdated antivirus software, and misconfigurations (Network ATS, n.d.). Computer systems automatically generate logs of activity. Collecting, assessing, and acting on the information in these logs helps identify issues such as unauthorized users and traffic so that IT professionals can act to defend the network (Cavello, 2023). Evaluation of Mitigation Methods Each defense method has tools that can be used to assist in the effort. Wireshark is an open-source tool that allows users to see network information in real-time and capture that data to be examined. For the IT administrator, this tool is useful when trying to find the source of bad data. In much the same way, the network miner allows the administrator to see the IP addresses and the possible source of infiltration. The Linux firewall is customizable. However, it works only in the Linux environment. pfSense is scalable for the organization and works well with IP4 and IPv6 (Netshop, 2022). Snort is an easy-to-use tool to detect intrusion. It works in real-time, which allows on-the-spot assessment of intrusions. OpenVAS gives a thorough inspection of the firewalls, applications, and services. Assessing these areas helps to identify gaps within the network to protect from threats. Network assessment tools are necessary when determining what assets are on the network. Nmap and Metasploit are good tools to use because they can assist in identifying which ports are open and if they are protected. Grep and Gawk are good tools for sorting through data to determine if it is benign or malicious. Incident response Incidents will occur. It is crucial to respond to alerts quickly. The first step of incident response is satisfied by using the tools in this manual or others that function the same (Kral, 2011). These tools are designed to identify threats. Once the threats are identified, containment is
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help