ABC Invitation Design and XYZ Invitation Printing have decided to merge to one company, A2Z Invitations. ABC is a virtual company with a proprietary website which permits customers to do some preliminary work on invitations and then consult with a designer for the final product. XYZ is a traditional company with a system which permits customers to submit designs and track their orders. It as well has a contact management and invoicing system. ABC will be moving its application into the XYZ data center and will be by using all of XYZ's back end systems.
Both companies have experienced data breaches in the past and don't want to have them in the future. A2Z has hired you to do a security analysis of its new network and to recommend how it can be set up in a secure way. It has budgeted for a capital expenditure (outside of man hrs) of $250,000 for hardware and software and $25,000 every year for additional security measures.
The Statement of Work objectives are:
Perform online reconnaissance on XYZ to see what information is available to an attacker. No social engineering of employees is allowed. Use the Week 1 You Decide as the data for this section. Perform an analysis of the current XYZ network, using the current network diagram and nmap report Diagram; NMAP and files are below. Check the user's password strength. Use the Week 3 You Decide as the data for this section. Redesign of network. Current network below. System hardening procedures for both IIS and Apache (even if they only use IIS). Three complete security policies. Use the Week 5 writing assignment as your starter policy for this section. Template for future security policies. Your paper must conform to all requirements listed below.
Papers must be at least 5-10 pages in length, double-spaced. Papers must include at least three references outside of the text. Paper and references must conform to APA style, including: cover page; header with student's name and page number; and sections including Introduction, Body, and Conclusion/Summary.