Scenario#2 Hydrogen Inc. provides monitoring and maintenance services for a major solar farm at Changi. To facilitate their work, they set up a branch office in Changi where on-site employees can connect back to the main office in Bugis to update data stored on the file server. Due to personal reasons, the IT administrator had resigned from his position and left behind an incomplete hand drawn network diagram as shown below. Recently, Hydrogen Inc. suffered several malware and ransomware attacks despite having anti-malware solutions installed on their servers and laptops. The management suspects that an ex-employee had copied sensitive documents from the company's server prior to his resignation. Another concern they had was that there are no visibility or control over the websites employees had visited. You have been tasked to advise Hydrogen Inc. on how to go about securing their infrastructure. The project will be completed in two phases. Phase One is to be implemented immediately over next two weeks. The implementation should involve a re-design of the current setup, processes and/or configuring of new features without the need to install any new equipment. Phase Two is subjected to management approval of the budget to purchase new IT equipment or security devices/appliances. You are to recommend FIVE (5) IT equipment or security devices/appliances to purchase to secure the infrastructure. Draw up a proposal to meet Hydrogen Inc. requirements, including the network diagrams, the rationale behind your recommendations and the estimated budget for the implementation for Phase One and Phase Two respectively. <Tip: Do not hand draw your network diagram> Please use the format provided below for your recommendations. Phase | Description of Proposed Measure | Rational | Est. Cost/Budget <20 marks>
Added by Michelle D.
Close
Step 1
This involves analyzing the incomplete hand-drawn network diagram left by the previous IT administrator and identifying any immediate vulnerabilities or misconfigurations that could be contributing to the security issues. Step 2: **Immediate Security Measures Show more…
Show all steps
Your feedback will help us improve your experience
Akash M and 91 other AP CS educators are ready to help you.
Ask a new question
Labs
Want to see this concept in action?
Explore this concept interactively to see how it behaves as you change inputs.
Key Concepts
Recommended Videos
Overview: Now that you're super knowledgeable about security, let's put your newfound know-how to the test. You may find yourself in a tech role someday, where you need to design and influence a culture of security within an organization. This project is your opportunity to practice these important skill sets. Assignment: In this project, you'll create a security infrastructure design document for a fictional organization. The security services and tools you describe in the document must be able to meet the needs of the organization. Your work will be evaluated according to how well you met the organization's requirements. About the organization: This fictional organization has a small, but growing, employee base, with 50 employees in one small office. The company is an online retailer of the world's finest artisanal, hand-crafted widgets. They've hired you as a security consultant to help bring their operations into better shape. Organization requirements: As the security consultant, the company needs you to add security measures to the following systems: - An external website permitting users to browse and purchase widgets - An internal intranet website for employees to use - Secure remote access for engineering employees - Reasonable, basic firewall rules - Wireless coverage in the office - Reasonably secure configurations for laptops Since this is a retail company that will be handling customer payment data, the organization would like to be extra cautious about privacy. They don't want customer information falling into the hands of an attacker due to malware infections or lost devices. Engineers will require access to internal websites, along with remote, command-line access to their workstations. Grading: This is a required assignment for the module. What you'll do: You'll create a security infrastructure design document for a fictional organization. Your plan needs to meet the organization's requirements, and the following elements should be incorporated into your plan: - Authentication system - External website security - Internal website security - Remote access solution - Firewall and basic rules recommendations - Wireless security - VLAN configuration recommendations - Laptop security configuration - Application policy recommendations - Security and privacy policy recommendations - Intrusion detection or prevention for systems containing customer data
Akash M.
Overview: Now that you're super knowledgeable about security, let's put your newfound know-how to the test. You may find yourself in a tech role someday, where you need to design and influence a culture of security within an organization. This project is your opportunity to practice these important skillsets. Assignment: In this project, you'll create a security infrastructure design document for a fictional organization. The security services and tools you describe in the document must be able to meet the needs of the organization. Your work will be evaluated according to how well you met the organization's requirements. About the organization: This fictional organization has a small, but growing, employee base, with 50 employees in one small office. The company is an online retailer of the world's finest artisanal, hand-crafted widgets. They've hired you as a security consultant to help bring their operations into better shape. Organization requirements: As the security consultant, the company needs you to add security measures to the following systems: - An external website permitting users to browse and purchase widgets - An internal intranet website for employees to use - Secure remote access for engineering employees - Reasonable, basic firewall rules - Wireless coverage in the office - Reasonably secure configurations for laptops Since this is a retail company that will be handling customer payment data, the organization would like to be extra cautious about privacy. They don't want customer information falling into the hands of an attacker due to malware infections or lost devices. Engineers will require access to internal websites, along with remote, command-line access to their workstations. Grading: This is a required assignment for the module. What you'll do: You'll create a security infrastructure design document for a fictional organization. Your plan needs to meet the organization's requirements, and the following elements should be incorporated into your plan: - Authentication system - External website security - Internal website security - Remote access solution - Firewall and basic rules recommendations - Wireless security - VLAN configuration recommendations - Laptop security configuration - Application policy recommendations - Security and privacy policy recommendations - Intrusion detection or prevention for systems containing customer data
You work for Microsoft in their global cell phone group. You have been made the project manager for the design of a new cell phone. Your supervisors have already scoped the project, so you have a list showing the work breakdown structure, and this includes major project activities. You must plan the project schedule and calculate the project duration. Your boss wants the schedule on his desk tomorrow morning! You have been given the information in Exhibit 5.13. It includes all the activities required in the project and the duration of each activity. Also, dependencies between the activities have been identified. Remember that the preceding activity must be fully completed before work on the following activity can be started. Your project is divided into five major subprojects. Subproject "P" involves developing specifications for the new cell phone. Here decisions related to such things as battery life, size of the phone, and features need to be made. These details are based on how a customer uses the cell phone. These user specifications are redefined in terms that have meaning to the subcontractors that will actually make the new cell phone in subproject "S" supplier specifications. These involve engineering details for how the product will perform. The individual components that make up the product are the focus of subproject "D." Subproject "I" brings all the components together, and a working prototype is built and tested. Finally, in subproject "V," suppliers are selected, and contracts are negotiated. Exhibit 5.13: Work Breakdown Structure and Activities for the Cell Phone Design Project MAJOR SUBPROJECTS/ACTIVITIES | ACTIVITY IDENTIFICATION | DEPENDENCY | DURATION (WEEKS) Product Specifications (P) Market research | P1 | — | 1 Overall product specifications | P2 | P1 | 3 Hardware | P3 | P2 | 3 Software | P4 | P3 | 3 Supplier specifications (S) Hardware | S1 | P4 | 3 Software | S2 | P4 | 5 Product design (D) Battery | D1 | S1 | 1 Display | D2 | S1 | 1 Camera | D3 | S1 | 1 Outer cover | D4 | D1, D2, D3 | 3 Product integration (I) Hardware | I1 | D4 | 4 User interface | I2 | D2 | 3 Software coding | I3 | I2 | 3 Prototype testing | I4 | I1, I3 | 3 Subcontracting (V) Suppliers selection | V1 | S1, S2 | 11 Contract negotiation | V2 | I4, V1 | 1 a. Determine the minimum number of weeks for completing the project. b. Your boss would like you to study the impact of making two changes to how the project is organized. The first change involves using dedicated teams that would work strictly in parallel on the activities in each subproject. For example, in subproject P (product specifications), the team would work on P1, P2, P3, and P4 all in parallel. In other words, there would be no precedence relationships within a subproject—all tasks within a subproject would be worked on at the same time, and each would take the same amount of time as originally specified. With this new design, all the subprojects would be done sequentially with P done first, then S, D, I, and finally V. What would be the expected impact on how long it would take to complete the project if this change were made?
Sri K.
Recommended Textbooks
Computer Science and Information Technology
Introduction to Programming Using Python
Computer Science - An Overview
Transcript
Watch the video solution with this free unlock.
EMAIL
PASSWORD