Question

Task:

ABC Company (assume your company name) is a new start-up company providing end-to-end solution on Networks and web oriented solutions and hence requires a server infrastructure set up. The company has strength of 60 employees including Supervisory team and higher management team.

1. Your task is to come up with a network which comprises of the plan, design, backup solutions, fail-safe methodologies, etc.

2. Give out solutions with respect to Server services viz. (users, groups, etc)

NOTE:

1. Moderate assumptions to be made based on your plan and design strategy. A-Z component list to be presented so that the implementation team won’t have the need to look for further documents or information gathering.

2. Reference to be provided accordingly (wherever necessary).

Assumptions could be (for example):

1. 40 production machines ( categorized )

2. 10 admin machines

3. 10 other machines (purpose defined)

4. Active directory services

5. ADCS

6. DC requirements

7. IIS Server

8. ….

9. ….

this assignment should include the following topics:

1. Introduction

2. Security Scope

3. Network Diagram or logical diagram

4. Security implementation & justification

Answer 1

Introduction:

The server service lies above the transport drive interface (TDI) layer, which is said to be a file system driver. It permits to individually interact with the network transport protocols installed in the system. Similar to the other file system driver, it could be able to respond to the request and also allows the user to write and read from the network remotely. One file is said to be the services.exe that runs with the process of general Service Control Manager. The other is the Srv.sys that operates in the kernel mode and capable of handling the low-level function. The main thing to be considered before installing is that whether the installment is a small-scale deployment or an enterprise-scale deployment. Since this is a small scale deployment there is no requirement for the cluster of servers or the group of servers that perform individually.

Security Scope:

The process of risk management involves prioritization, implementation, and evaluation. The reduction or eliminating all the risk factors is highly impossible. Therefore, the least-cost approach or the most appropriate controls should be implemented to minimize the risk for the mission at a minimum acceptable level. The figure below describes the risk identification and the appropriate action taken to eradicate it.

Threat Source YES Vulnerability Exploitable?t Attack Exists YES /vulnerable" System Design NO NO No Risk No Risk Loss Attacker's YES Cost Gain YES Unacceptable Risk Exists Threshol Risk NO NO Risk Accept Risk Accept

Moreover, network planning also plays a role, eg., proxies, firewall, DMZs, etc. The data path and technical hurdles should be clearly understood.

Certain threats could be avoided by strengthening security measures. The detection and recovery controls include Audit, virus detection and eradication, Proof of wholeness, Intrusion detection and containment, Secure state restoration. Hence the control measures should be taken to eradicate these problems. The following are included to control the issues:

• The mission-critical IT system should be given adequate security
• The maintenance of the documentation with the current controls and the address planned controls should be done for all the systems
• The user access registration and also the termination should be noted
• Technical training and security awareness should be made for the users to follow certain behavioral rules in protecting the system of the organization