Computer science
zeekhum6
Week9CyberDefenceandCountermeasures.zipWeek 9 Cyber Defence and Countermeasures/cf_anchor_hosp_scenario.docx
IT4070
Anchor Hospital Scenario
You are a network specialist hired by Anchor Hospital to address network infrastructure vulnerabilities. Your initial work is broad and expected to encompass the following:
Understanding the network.
Firewalls.
Physical security.
Cloud solutions.
Intrusion detection.
VPN solutions.
Incident response and countermeasures.
Policy and regulatory issues.
Network exposure assessment and control.
Company Information
Anchor Hospital is a small independent care facility in a stand-alone building that houses its IT staff and assets in the basement. The IT infrastructure and staff of six serve 1,200 employees and other users.
Physical Security
The hospital is on a 10-acre campus in an urban neighborhood. Its IT-related physical security consists of:
A contracted security firm, which supplies two 24/7 guards: one of whom conducts hourly foot patrols, and the second who monitors cameras and performs additional security-related functions.
High-definition cameras that record continuously, located at all points of building entry and sensitive access points including the server room.
Three locked data-center doors requiring key card access that records all traffic. All staff have access cards for their respective departments; only IT staff, janitors, and upper management have access to the IT facility.
IT Overview
Network
Hospital connected to the Internet.
Network segmented into virtual LANs for medical data, IT, and finance user groups.
Hardware
Windows 2008 domain servers: email, file/print, data servers.
Routers connect switches to VLANs.
Switches connect desktops and servers to network.
Web server located in the DMZ.
100 antimalware-protected Windows XP workstations with Internet access.
Wireless access point.
Software
Windows firewall on a workstation at the edge of the network.
SNORT intrusion detection system (IDS), located in front of the Windows firewall.
MS Office installed on workstations.
Enterprise-level proprietary medical software.
Oracle Enterprise Resource Planning (ERP) software.
2017 version of free AVG Antivirus.
1
2
Week 9 Cyber Defence and Countermeasures/Cyber Defence- Week 9.docx
Discussion – 1 page
Encryption
Choose one of the following to discuss based on your experience or research:
1. Describe an instance in which encryption was used.
. What type was it?
. What considerations drove its adoption?
. Was it effective?
. How much effort was required to deploy and maintain it?
· Discuss your opinion on whether individuals or businesses should be able to encode their communications with sophisticated encryption methods that can stymie law enforcement or other investigative procedures.
Assignment –
Defending With Encryption
Overview
Data exists in three states: at rest, in motion (or transit), and in use, each of which must be protected. Encryption is one of the tools commonly used to protect data in each state.
In this assignment you respond to a risk assessment finding that sensitive data at rest on a medical patient server are unencrypted.
Scenario
Anchor Hospital's electronic record management (ERM) system’s sensitive data on one of the servers was found to be vulnerable by the conductors of the risk assessment, who recommended encrypting sensitive patient data. This is not small task and you recognize that you must conduct research to define an encryption practice for protecting company data for others' implementation.
Instructions
Briefly describe what you learned from or observed in the lab and include it in the section with your screenshots in the Assignment Template. Be specific.
Based on the above scenario, address the following:
1. Compare asymmetric encryption to public key infrastructure (PKI), considering applications, requirements, implementation considerations, and so on.
2. Recommend the most appropriate encryption method for securing Anchor’s sensitive at-rest data. Justify your decision with specific rationale and supporting resources.
3. Describe three considerations (hardware, software, processes, policies, other) that should guide planning and implementing your solution.
