Current Attack Vectors and Secure Network Design
A friend has recently started a business that has a large amount of intellectual property that he wants to ensure is kept secure and confidential. He plans to hire 75-100 employees within the next 18 months and is preparing to build his systems infrastructure across three (3) locations: one (1) primary headquarters and two (2) small satellite offices. All three (3) locations will occupy one (1) entire floor of a multitenant building. Your friend has asked your opinion regarding major technology choices that he must make for his business, such as operating systems, mobile devices, cloud services, and wireless networking.
Write a six to ten (6-10) page paper in which you:
1. Analyze the security features of Linux, Macintosh, and Windows operating systems, and decide which you believe is the most susceptible to hackers based on hacking techniques and attack vectors. Justify your response.
2. Discuss the primary security concerns surrounding USB and other portable devices, and prioritize the major risks that your hypothetical friend must consider based on the level of potential harm the identified security concern may cause.
3. Take a position on whether you believe a network with wireless access points and clients, or a predominantly wired network, is more susceptible to a network attack. Suggest the tools that you would use to penetrate a wireless network in comparison to a network without wireless access points. Justify your response.
4. Consider the use of cloud providers to allow for access to data for employees and potential clients. Examine the general security concerns for cloud-based solutions, and validate whether or not you would consider the use of a cloud provider an optimal solution for this scenario.
5. Describe what you believe to be the most effective attack against mobile computing devices, and choose one (1) tool that a hacker could use to carry out this attack. Support your response with related examples of the chosen tool in use.
6. Recommend the minimum physical and technical controls for protecting the company's intellectual property from both internal and external threats. Provide a rationale for your response.
7. Consider the tools explored throughout the course, and suggest what you believe to be the three (3) most useful tools for a hacker to utilize. Justify your response.
8. Design a floor plan of each of the three (3) offices. Include locations of data center(s), telecommunication closet(s), end-user areas, conference rooms, networking equipment, security controls, etc. Use the graphical tools in Microsoft Visio or an open source alternative such as Dia. Note: The graphically depicted solution is not included in the required page length.
9. Use at least three (3) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.
The specific course learning outcomes associated with this assignment are:
- Discuss the concepts of ethical hacking, different types of hacking, and penetration testing techniques.
- Explain and apply various hacking technologies and features that administrators deploy to protect their networks.
- Review system (Linux and Mac OS X) and networking device hacking techniques and vulnerabilities.
- Summarize wired and wireless networking devices and standards, including routers, cables, firewalls and access points, as well as the methods of hacking.
- Explain physical security and its associated challenges.
- Use technology and information resources to research issues in ethical hacking.
- Write clearly and concisely about topics related to Perimeter Defense Techniques using proper writing mechanics and technical style conventions.