Any topic (writer's choice)

Instructions

InstructionsThe purpose of this homework assignment is to learn how to audit the LAN-to-WAN domain. You will identify common risks, threats, and vulnerabilities found in the LAN-to-WAN domain. You will assess common risks, threats, vulnerabilities found in the LAN-to-WAN domain, and you will identify network and security policies needed to properly secure the LAN-to-WAN portion of the network infrastructure. You will audit and assess implementation of security controls within the LAN-to-WAN domain, and you will recommend LAN-to-WAN domain hardening solutions by implementing proper security controls at the Internet ingress/egress point within an IT infrastructure. You will use a text document to develop your homework assignment by completing the sections listed below:Lab 6.1aReview the following scenario:You are a security consultant for an information systems security firm and have a new healthcare provider client under HIPAA compliance. Your new client wants to know the requirements and business drivers for securing the LAN-to-WAN domain in its healthcare environment, which requires compliance with HIPAA. Similarly, your firm has a U.S. government DoD client who also wants you to perform a LAN-to-WAN domain compliance audit per the DoD LAN and network hardening guidelines and baseline requirements. Both organizations want you to focus on the LAN-to-WAN domain only, and you are to use the DoD-provided frameworks and STIGs previously found to summarize a network infrastructure hardening strategy.Launch your web browser and navigate to the following website: http://iase.disa.mil/stigs/Pages/index.aspx. Review the Security Technical Implementation Guides (STIGs) available and the proper implementation of security based on DoDs workstation/desktop hardening guidelines.In your homework assignment, discuss three STIGs and the DoDs workstation/desktop hardening guidelines.Lab 6.1bLaunch your Web browser and navigate to the following website: https://www.sans.org/reading-room/whitepapers/bestprac/network-security-smb-1542Open the .pdf file and identify the risks, threats, and vulnerabilities commonly found in the LAN-to-WAN domain. List these in your homework assignment.Using the information you learned in the homework assignment you submitted in Unit II and Internet resources, identify and review the documents available for hardening network infrastructure and the LAN-to-WAN domain as per DoD standards.List these in your homework assignment.Lab 6.1cLaunch your Web browser and type in the web address http://iase.disa.mil.Find the STIGs for the routers and switches, network policy, firewalls and IDS/IPS, and other network devices.Use the following Web addresses to find these devices:  http://iase.disa.mil/stigs/net_perimeter/network-infrastructure/Pages/routers-switches.aspx  http://iase.disa.mil/stigs/policy  http://iase.disa.mil/stigs/net_perimeter/network-infrastructure/Pages/firewall.aspxhttp://iase.disa.mil/stigs/net_perimeter/network-other/Pages/network-other.aspxDownload these ZIP files from the URLs listed in the previous step, including:Network Infrastructure Router L3 SwitchNetwork Perimeter Router L3 SwitchNetwork L2 SwitchNetwork PolicyNetwork FirewallNetwork IDS/IPSNetwork Other DevicesExtract the Overview PDFs from each of the ZIP files listed in the previous step. This PDF is the summary document that supports all of the XML files.Extract the Overview PDFs from each of the ZIP files listed in the previous step. This PDF is the summary document that supports all of the XML files.Review the following concepts from this overarching DoD standards document for network infrastructure:Enclave perimeterenclave protection mechanismsnetwork infrastructure diagramexternal connectionsleased linesapproved gateway/internet service provider connectivitybackdoor connectionsIPv4 address privacyFirewallpacket filters  bastion hoststateful inspectionfirewalls with application awarenessdeep packet inspectionapplication-proxy gatewayhybrid firewall technologies  dedicated proxylayered firewall architecture  content filteringperimeter protectiontunnelsBriefly discuss in these in your homework assignment.Lab 6.1dExtract the Switch Cisco Manual XML file from the Network L2 Switch ZIP file. Review some of the following concepts and vulnerabilities for configuring and hardening Cisco switches:non-registered or unauthorized IP addresses,in-band Mgt not configured to timeout in 10 min,exclusive use of privileged and non-privileged,assign lowest privilege level to user accounts, andlog all in-band management access attempts.Briefly discuss these in your homework assignment.Lab 6.1eExtract the Perimeter Router Cisco XML file from the Network Perimeter Router L3 Switch ZIP file. Review some of the following concepts and vulnerabilities for configuring and hardening Cisco routers:A log or syslog statement does not follow all deny statements.DNS servers must be defined for client resolver.Running and startup configurations are not synchronized.Briefly discuss these in your homework assignment.Lab 6.1fExtract the Firewall Cisco PIX ASA XML file from the Network Firewall ZIP file. Review at least three of the concepts and vulnerabilities for configuring and hardening Cisco firewalls as performed previously for switches and routers.Discuss these in your homework assignment.Lab 6.1gExtract the IDS-IPS Manual XML file from the Network IDS-IPS ZIP file. Review at least three of the concepts and vulnerabilities for configuring and hardening IDS/IPS devices as performed previously for switches and routers.Discuss these in your homework assignment.Lab 6.1hExtract the Network Policy Manual XML file from the Network Policy ZIP file. Review at least three of the concepts and vulnerabilities for configuring and hardening network policy as performed previously for switches and routers.Discuss these in your homework assignment.Lab 6.2Write an executive summary on the top LAN-to-WAN domain risks, threats, and vulnerabilities, and include a description of the risk mitigation tactics you would perform to audit the LAN-to-WAN domain for compliance. Use the U.S. DoD LAN-to-WAN hardening guidelines as your example for a baseline definition for compliance. Submit the document to your instructor as a deliverable for this homework assignment.NOTE: When you submit your homework assignment, you can combine the assignments into one document for grading. Please clearly mark the answers for Lab 6.1a, Lab 6.1b, Lab 6.1c, Lab 6.1d, Lab 6.1e, Lab 6.1f, Lab 6.1g, Lab 6.1h, and Lab 6.2 within your submission by labeling those sections within your assignment.Your homework assignment should be a minimum of three pages in APA format. Include a minimum of two sources, with at least one source from the CSU Online Library in addition to your textbook.

Answer