Jamel McBean s NET 240 Chp 8 Design Scenario
Jamel McBean Consulting LLC.
Client: ElectroMyCycle
Date: 6/19/15
Project: Net 240 Design Scenario Chapter 8
1. What are ElectroMyCycle’s most important assets that must be protected with security mechanisms? Servers
Routers
Switches
PC’s/Workstations
The Physical Building
2. What are the biggest security risks that ElectroMyCycle faces?
The biggest risks are from tech savvy vendors and customers applying a DOS attack amongst other types of attacks and internal non – compliance. VPN’s also can pose a viable threat if infiltrated. Wireless network, server farms, etc.
3. Design a high-level security policy for ElectroMyCycle.
Purpose: This document describes a required minimal security configuration for all routers and switches connecting to a production network or used in a production capacity at or on behalf of ElectroMyCycle
Scope: All employees, contractors, consultants, temporary and other workers at Cisco and its subsidiaries must adhere to this policy. All routers and switches connected to ElectroMyCycle production networks are affected.
Policy:
The enable password on the router or switch must be kept in a secure encrypted form. The router or switch must have the enable password set to the current production router/switch password from the device’s support organization.
The following services or features must be disabled:
TCP small services
UDP small services
All source routing and switching
All web services running on router
Cisco discovery protocol on Internet connected interfaces
Telnet, FTP, and HTTP services
Auto-configuration
The following services must be configured:
NTP configured to a corporate standard source
Password-encryption
All routing updates shall be done using secure routing updates.
Access control lists must be used to limit the source and type of traffic that can terminate on the device itself.
Access control lists for transiting the device are to be added as business needs arise.
Each router must have the following statement
Client: ElectroMyCycle
Date: 6/19/15
Project: Net 240 Design Scenario Chapter 8
1. What are ElectroMyCycle’s most important assets that must be protected with security mechanisms? Servers
Routers
Switches
PC’s/Workstations
The Physical Building
2. What are the biggest security risks that ElectroMyCycle faces?
The biggest risks are from tech savvy vendors and customers applying a DOS attack amongst other types of attacks and internal non – compliance. VPN’s also can pose a viable threat if infiltrated. Wireless network, server farms, etc.
3. Design a high-level security policy for ElectroMyCycle.
Purpose: This document describes a required minimal security configuration for all routers and switches connecting to a production network or used in a production capacity at or on behalf of ElectroMyCycle
Scope: All employees, contractors, consultants, temporary and other workers at Cisco and its subsidiaries must adhere to this policy. All routers and switches connected to ElectroMyCycle production networks are affected.
Policy:
The enable password on the router or switch must be kept in a secure encrypted form. The router or switch must have the enable password set to the current production router/switch password from the device’s support organization.
The following services or features must be disabled:
TCP small services
UDP small services
All source routing and switching
All web services running on router
Cisco discovery protocol on Internet connected interfaces
Telnet, FTP, and HTTP services
Auto-configuration
The following services must be configured:
NTP configured to a corporate standard source
Password-encryption
All routing updates shall be done using secure routing updates.
Access control lists must be used to limit the source and type of traffic that can terminate on the device itself.
Access control lists for transiting the device are to be added as business needs arise.
Each router must have the following statement