Question

***I only need the High Level Project Plan (Time to Implement)******

You have recently been hired by a new Japanese accounting firm, headquarter in Tokyo, as the director ofInformation Systems and Telecommunications. Your assignment is to assist security posture of the firm anddevelop a security structure for this new company. Write your recommendations and reasons to the firm’s CEO. The firm has 600 employees in Tokyo, 50 in Houston, and is planning to open two branch offices in India andCalifornia. Ten accountants will be hired at each site. USA customers’ data from the Houston and Californiaoffices will be transmitted to the India and Japan offices for processing of payroll. The results are then sent backto the Firm’s USA office in Houston. Currently, only TCP/IP (pubic Internet) is being used. The firm’s network is a Windows environment, using CISCO products, with two IPv4 address, 211.156.13.0/24 and 211.156.14.0/24. You may create any subnet as needed. Assume no security applications are in place since this is a new company. Design a detailed logical and physicalsecurity system to be used in the new firm’s plan. Provide information about specific hardware and software. Also include needed policies and procedures. Provide security details and address policies, government regulations and industry regulations as needed. Your high level areas of requirements are as follows (this is a big list – focus on priorities!): Install critical infrastructure that provides business continuity Implement IDS/IPS solution Investigate next generation technology Implement VPN for Remote Users Email Filtering (scanning for viruses, spam, etc) Web Filtering SIEM Solution (malware analysis, vulnerability scanning, internal penetration testing) Penetration Testing and Security Auditing (outside service option) HTTP to HTTPS Conversion Centralized Management Services for all Networking/Security Devices Recommend Standards for configuration of all devices and servers ACL standards (allow/deny), Turn off services, ports, block protocols, etc. Disaster Recovery (just backup at the config level & data) Standard for offsite device config backup and recovery Standard for data backup and recovery Physical Security (recent incidents indicate espionage risk is high) Standards for device and physical access (ex: BitLocker, disable USB, biometrics, cameras, security guards) User awareness & training

Answer 1

Solution IDS Intusien defense Syshemslips intyusion Pyevention Syste' common bse. buト卯ト inte He neue rkind:FFere Places with ed Auns, and Sclue n number op diffeyence Problem's PS s Cempaved to five vol) ye bc ave Contic)divices an entevpyices though they have a have theutands o ules to alfouo the Packer pass Hm λ in the absence 63 a Yeason Pss he yffic the fire to all d№p's a Yeason o he afe the IPS Passes though Ds bur an IPs in the absence of eingy fool Can be om pared to exercise Contl BIPS and 1Ds venders don make sy e U because they have devels ped and ve lenSed hybr preduct which Combine 1Ds teasy Us. visibilty op IPS Conbrel

* theγe May be Seveval benefits of an SSL whic needs e be implemented onte an enterpwse. * the geabeS wi IPse s's fas hede of transport and betteγ0ptimi2edțcy quick opimi2ed toy quick aa ccess t VolP and Stveaming medr asse s s the application's and ensure inteynal Compati bility oih Hhe on enter Prise HTTPS aoeb s; e's better for everyone cand Secuvity and more, via pivacy.