ICTCYS612 Design and implement virtualised cyber security infrastructure for organisations

Subject Code :
ICTCYS612
University :
Victoria University Exam Question Bank is not sponsored or endorsed by this college or university.
Country :
Australia

ICTCYS612

Design and implement virtualised cyber security infrastructure for organisations

TOC o "1-3" h z t "RTO Works Heading 1,1" Section 1: Virtualised cyber security infrastructure PAGEREF _Toc73011123 h 5Section 2: Implementation and testing PAGEREF _Toc73011124 h 11

Student name:

Student ID:

Assessor: Date: Organisations this assessment is based on:

Section 1: Virtualised cyber security infrastructureComplete this section for each organisation.

Organisation 1

Organisation operations

Provide an analysis of your chosen organisations operations.

Describe the cyber security needs the organisation has based on their operations. Jonathans Graphic Design

The name of the selected business organization for the case study is Jonathan's Graphic Design. This business organization is committed to providing an effective and secure graphic design for the protection of the computer system. This organization is also focusing on the fulfillment of IT needs by running the two main operating systems Mac and Windows because these two operating systems are mostly used by various types of business organizations at the workplace. They are also trying to ensure the business organization that the use of the virtual machine is cyber secure. However, this business organization also focused on different types of data like the customer's database is going to be stored on the computer system of the business organization but it does not store the details of the account. Also, this organization uses Xero for the accounting system and OneDrive to keep the records. For the level of security, this organization uses Xero and OneDrive to protect customer data as well as financial data. They also focus on security boundaries and provide effective input and output control of the digital estate.

Description of the cyber security needs

Various types of cyber security needs are identified which are essential for the safety and security of business organizations.

It is required to protect the personal data of the business organization as well as of employers and customers.

It is also essential to get protection from cyber threats and illegal access to the organization's network and data.

Cyber security is also needed to defend itself from breaches of data, ransomware attacks, and phishing.

It is also required to get a notification of unauthorized activity to maintain the confidentiality and security of the data.

It is also required to protect the data from third-party action.

Network security options and technologies

Based on the organisations cyber security needs, identify and describe network security options, as well as suitable security technologies. Remember that these must relate to virtualised cyber security infrastructures.

Include at least two options for network security and two security technologies. Firewall: It is also an essential network security option and effective technology which is used for the protection of the data and other sensitive information of the organization. The firewall works like a barrier in the computer system between the private network system of the organization and public internet services. It is also beneficial to filter the outgoing and incoming network traffic which is also essential from a cyber security point of view. It is also helpful to get protection from external attacks and other cyber threats. A firewall is also important for malware attacks as well as application-layer cyber-attacks.

Access control: It is also required to get protection from cyber threats. It is beneficial to protect the data from unauthorized access of the third-party and others. Also, With the help of an access control system, a business organization makes sure that data is only used by the authentic person and gets its identification. It is also essential for the management of access control systems because an organization can remove or add the authorization and authentication of the users. It is also used to control the access of files, computer systems, personal information, and networks.

Requirements

Describe the data types to be protected, security levels required and secure boundary requirements.

Further, describe the mission-critical network servers that are part of the infrastructure. The data type which is required for protection and security level is the data of customers and bank details. In this context, customers of the data are used to store in the computer system but the details of their bank account are not stored. OneDrive and Xero are also going to be used by this business organization for the security of accounting data and others.

The mission-critical network of Jonathans Graphic Design is OneDrive and Xero.

Also, the secure boundary requirement of this organization is IO control of the digital estate.

Infrastructure design

Provide your design for the virtualised cyber security infrastructure. You can include this as a screenshot and attach it to your Portfolio.

Implementation plan

Provide your implementation plan for your design. Make sure you plan includes:

Actions for implementation including network boundaries and technologies that will be used.

responsibilities and timelines. The implementation of the network security system design for virtualized cyber security infrastructure is as follows.

First, proper evaluation of the existing security infrastructure and monitoring of the computer network system.

Setting goals and objectives for the design implementation

Collaboration and discussion with team members

Analysis of the devices and security measures for the effective implementation of virtualized cyber security infrastructure.

Development of the dynamic and positive security culture

Network boundaries

Firewall and access control systems are going to be used to set strong boundaries in order to protect the data from cyber threats. Other employees except the admin and authorized person can only access the file and network of the system. Also, the use of a firewall prevents external users from accessing the private network system of the business organization.

Responsibility and timeline

Responsibilities Estimated time

Evaluation of the existing security infrastructure 10 days

Setting goals and objectives 2 days

Collaboration and discussion with team members 4 days

Analysis of the devices and security measures 6 days

Development of the dynamic and positive security culture 8 days

Total 30 days

Network security monitoring strategy

Describe the strategy that will be used for monitoring the network security. For the effective monitoring of the network security system, Wireshark software and solar wind are selected in this context. This software has effective features to monitor the "multi-vendor network", and gives deeper insights into the virtualized cyber security infrastructure. Also, it is effective to focus on the safety measures of the large environment and helps them in getting alert in advance. It also finds the network devices automatically and helps people in monitoring the identified nodes. This monitoring system is also helping them in the analysis of the performance of the computer system related to the information of access points, clients, and others. However, the main purpose of the selection of the Wireshark software is to identify and catch the packets which are used in the network connections. With the help of a filter, this software application dices and slices the data pocket for the authentication and authorization of the sender and receivers within the organizational network system. The network stream is also effectively visualized using these applications which is also effective from the network security point of view. It is also a significant point of this application that users can dive into the middle to check the data security of the network packet.

Tools

Outline the tools that you will use to implement the infrastructure. Explain how you will obtain access to the network and data you need. Access control and firewall are going to be used as security tools for virtualized cyber security infrastructure. These tools are used to identify the authentic and authorized person who has permission to access the system of the organization. These tools are also helping the organization in the filtration of the external network and internal network for the effectiveness and security of the system. Also, it prohibits the threat of accessing the network of the business organization. Also, the management of the traffic is effectively controlled using strong firewalls. These tools are cost-effective and easy to use for users.

Presentation

Include the title of your presentation here and attach it to your Portfolio.

Jonathans Graphic Design

Feedback

Document the feedback you received from the presentation regarding your design.

Describe your response to this feedback and adjustments you will make. From the analysis of the design and implementation process of the cyber security system, it is identified that the design and implementation strategy of virtualized cyber security infrastructure is effective and all the details of the design are clearly mentioned. This paper also continues with details of the responsibility and timeline which is also an essential point for the implementation of the virtualized cyber security infrastructure system within the organization. It can also reduce the number of hardware in the computer system but it is also important to include details of whether the hardware is essential or not essential for the implementation of the given infrastructure of cyber security.

The response

I am satisfied with the work as well as the feedback and I will improve it as soon as possible for the development of the best virtual infrastructure design.

618594143510 Attach: Screenshots

Presentation

Organisation 2

Organisation operations

Provide an analysis of your chosen organisations operations.

Describe the cyber security needs the organisation has based on their operations. King Edward VII College

This college is also offered services for the development of the virtualized cyber security system for the organization and this business type of this organization is vocational. This organization is also focusing on the establishment of virtual machines for safety and security networking systems and testing software. The basic data is going to be stored in the data of students and staff files. Like other organizations, Xero is also used by King Edward VII College for the safety and security of the accounting system. Academic-related files and information like files of staff, enrollment documentation, and academic documentation are also considered important parts of data protection by this organization. This organization has considered the multilevel security mode to satisfy the needs of all users and to give permission to access only specified data according to their needs. Xero, RTO Manager, and OneDrive are also used as network servers, and boundaries are defined to control the input and output of the data in the digital estate.

Needs for cyber security

For the safety and security of business operations

Protect the data from hacking and cyber threats

Evaluation and authentication of the sender and receiver

Defend from malware and ransomware attacks

Understanding the risk and external environment

Protection of personal and sensitive data of the organization and stakeholders

To control the interference of the third-party

It is also required to access the existing threats to data and implementation of the control measures.

Network security options and technologies

Include at least two options for network security and two security technologies. Data loss prevention: It is also an effective option for the safety and prevention of personal and professional data. It included best practices and technology for protection. It is effective to send and receive data from the authentic network system and authorized person. With the help of this network security option, user can also protect their data from cyber threats and unauthorized access by an unknown person. It is also beneficial for the management of compliance related to cyber security issues.

Cloud Network Security: In the virtual system, strong cloud network security is also required. This security system provides effective and innovative security measures for data protection. Also, SDN and SD-WAN are the two effective solutions that are embedded with the cloud networking system for the protection of data. It also provides flexibility and security to transfer the data from the local; system to the cloud system.

Anti-virus software: It is used and installed in the computer system to get protection from malicious code and viruses. Also, an automatic updating system is associated with the anti-virus software which is essential to protect the data from newly identified viruses and malware. Antivirus also protects the devices from damage.

Requirements

Describe the data types to be protected, security levels required and secure boundary requirements.

Further, describe the mission-critical network servers that are part of the infrastructure. The data type used by King Edward VII College: "management of the student data: RTO Manager", data of accounting, file of staff, enrolment, and academic-related

Mission-critical network servers: OneDrive, RTO Manager, and Xero

Secure boundary requirements: Control of IO data in digital estate

Infrastructure design

Provide your design for the virtualised cyber security infrastructure. You can include this as a screenshot and attach it to your Portfolio.

Implementation plan

Provide your implementation plan for your design. Make sure you plan includes:

Actions for implementation including network boundaries and technologies that will be used.

responsibilities and timelines. The implementation plan of the virtualized cyber security infrastructure needs proper identification of the current needs of the cyber security system and analysis of the present infrastructure of the cyber security. In the second step, the business organization has to make an effective plan and select the design for the implementation of the cyber security infrastructure. After that, they discussed with their manager and staff selected to design and make an appropriate budget and set a timeline. After the completion of these steps, they have to make an effective team and execute the process of implementation. Also, they have to use the performance measurement system to analyze the progress and performance of the virtualized cyber security infrastructure.

Network boundaries

We have appointed a manager for the safety and security of the network system and they have the power of authentication and authorization of users. Also, we have fixed an access control system and firewall to protect the data from hacking and cyber threats.

Timeline chart

Responsibilities Expected time

Identification of the need for cyber security and analysis of the present cyber security infrastructure 12 days

Planning and selection of the virtualized infrastructure design 6 days

Discussions with staff and managers 5 days

Team development 3 days

Execution of the implementation plan 8 days

Monitoring process 6 days

Total 40 days

Network security monitoring strategy

Describe the strategy that will be used for monitoring the network security. In this section, network security monitoring strategy is considered to be an automated process that helps in supervising the networking devices and traffics for the vulnerabilities, malicious activities or potential threats associated in the organizational security. The organization can utilize to detect or identify and response to the cyber security breaches instantly. The strategy that has been utilized in this organization for monitoring the network security is the Solarwinds. It is considered to be one of the effective and affordable network monitoring software that allow the organization system to detect, diagnose and resolve the network associated issues and outages instantly. The design of a solarwind helps in accomplishing the comprehensive monitoring starting with the discovery. This particular network monitoring software is regarded as an efficient tool used as a part of security monitoring measures. It is a set of freeware application that will enable the monitoring networks securities to be more notifying even if a security is have an emerging issue. The key features associated with SolarWinds are optimizing database performance, monitoring, analysing and diagnose etc. One of the major benefits that can e obtained using the solar wind as a network monitoring software is through its graphical interface which is exceptional as it can be seen the graphs of utilization, packet drops and network latency which are beneficial at the time of troubleshooting network issues. Other benefits involve health and wellness, workplace culture, financial benefits and perks etc.

Tools

Outline the tools that you will use to implement the infrastructure. Explain how you will obtain access to the network and data you need. Tools that can be utilized to implement within the organizational infrastructure are firewall and anti-malware software. These software helps in filtering the networking system of the organization from the malicious activities and unauthorized access into the restricted areas of the organizational networking. It also helps in protecting the access point of the organizational networking system.

Firewalls: It is one of the effective network monitoring tool as it monitors all the incoming and outgoing traffic and effectively controls what is authorized to transmit and what is unauthorized to transmitted. It helps in filtering the unwanted and unauthorized access into the organizational networking system and prevent it from cyber security breaches and other malicious activities which causes major problems like financial loss, reputational damage etc. It acts similarly like gates. It effective blocks the unwanted traffic coming into the network. It successfully secures the virtual machines from the tremendous external cyber-attacks.

Anti-malware software: It is a type of software program that is developed in order to secure the information technology system of the organization along with the individual systems from the malicious software or malware interventions. The main functionality of anti-malware software is top scan the computer system to identify or detect and prevent or remove the malware. Avira, Kaspersky, McAfee etc are some of the effective anti-malware software that successfully prevent malicious software to enter the system and corrupt the valuable and confidential information.

Presentation

Include the title of your presentation here and attach it to your Portfolio.

King Edward VII College

Feedback

Document the feedback you received from the presentation regarding your design.

Describe your response to this feedback and adjustments you will make. Feedback:

Virtualization enhances physical security by reducing the amount of hardware required in a system. The presentation provided a comprehensive overview of infrastructure design, explaining how virtualization achieves this goal.

Response:

I appreciate your feedback and will strive to improve all aspects of the design to the best of my ability.

618594143510 Attach: Screenshots

Presentation

Section 2: Implementation and testingComplete this section for each organisation.

Organisation 1

Implementation

You are to provide evidence of the implementation of your design. This should include screenshots that show:

Network boundaries created

Relevant technologies implemented

Security levels set

User access set Testing

Run tests on your network which will also demonstrate how you monitor the network.

Describe the tests you undertook and the results. Provide screenshots of the test results including logs. User feedback

Document the user feedback from your assessor. Adjustments

Based on the tests you ran, monitoring and user feedback describe the adjustments you need to make. 618594143510 Attach: Screenshots

Organisation 2

Implementation

You are to provide evidence of the implementation of your design. This should include screenshots that show:

Network boundaries created

Relevant technologies implemented

Security levels set

User access set Testing

Run tests on your network which will also demonstrate how you monitor the network.

Describe the tests you undertook and the results. Provide screenshots of the test results including logs. User feedback

Document the user feedback from your assessor. Adjustments

Based on the tests you ran, monitoring and user feedback describe the adjustments you need to make. 618594143510 Attach: Screenshots

-989966-1080135003810342265Portfolio

Student Version

020000Portfolio

Student Version

07265670ICTCYS612

Design and implement virtualised cyber security infrastructure for organisations

00ICTCYS612

Design and implement virtualised cyber security infrastructure for organisations

TOC o "1-3" h z t "RTO Works Heading 1,1" Section 1: Virtualised cyber security infrastructure PAGEREF _Toc73011123 h 5Section 2: Implementation and testing PAGEREF _Toc73011124 h 11

Student name:

Student ID:

Assessor:

Date: Organisations this assessment is based on:

Section 1: Virtualised cyber security infrastructureComplete this section for each organisation.

Organisation 1

Organisation operations

Provide an analysis of your chosen organisations operations.

Describe the cyber security needs the organisation has based on their operations. Network security options and technologies

Include at least two options for network security and two security technologies. Requirements

Describe the data types to be protected, security levels required and secure boundary requirements.

Further, describe the mission-critical network servers that are part of the infrastructure. Infrastructure design

Provide your design for the virtualised cyber security infrastructure. You can include this as a screenshot and attach it to your Portfolio. Implementation plan

Provide your implementation plan for your design. Make sure you plan includes:

Actions for implementation including network boundaries and technologies that will be used.

responsibilities and timelines. Network security monitoring strategy

Describe the strategy that will be used for monitoring the network security. Tools

Outline the tools that you will use to implement the infrastructure. Explain how you will obtain access to the network and data you need. Presentation

Include the title of your presentation here and attach it to your Portfolio.

Feedback

Document the feedback you received from the presentation regarding your design.

Describe your response to this feedback and adjustments you will make. 61859414351000 Attach: Screenshots