Hands-On Steps 1. From your computer workstation, create a new text document called LAN-to-WAN Domain Lab #7. 2. Consider the following scenario: You are a security consultant for an information systems security firm and have a new health care provider client under HIPAA compliance. Your new client wants to know the requirements and business drivers for securing the LAN-to-WAN domain in its health care environment, which requires compliance with HIPAA. Similarly, your firm has a U.S. government DoD client who also wants you to perform a LAN-to-WAN domain compliance audit per the DoD LAN and network hardening guidelines and baseline requirements. Both organizations want you to focus on the LAN-to-WAN domain only, and you are to use the DoD-provided frameworks and STIGs previously found to summarize a network infrastructure hardening strategy. Just as you researched STIGs in Lab #6, do the same at the following url: http://iase.disa.mil/stigs/net_perimeter/index.html#. 3. Review the U.S. Department of Defense (DoD) network hardening guidelines and other NIST standards that you identified in Lab #3. 4. Launch your Web browser and type in the Web address http://www.sans.org. Use the Custom Search box in the upper right corner to identify the risks, threats, and vulnerabilities commonly found in the LAN-to-WAN domain. List these in your text document. 5. Using the information you learned in Lab #2 and the Internet, identify and review the documents available for hardening network infrastructure and the LAN-to-WAN domain as per DoD standards. List these in your text document. 6. On the IASE/DISA website, find the STIGs for the routers and switches, network policy, firewalls and IDS/IPS, and other network devices. Use the following Web addresses to find these: http://iase.disa.mil/stigs/net_perimeter/network_infra/routers_switches.html http://iase.disa.mil/stigs/net_perimeter/network_infra/policy.html http://iase.disa.mil/stigs/net_perimeter/network_infra/firewall.html http://iase.disa.mil/stigs/net_perimeter/network_infra/other.html 7. Download the available ZIP files from the URLs listed in the previous step, including: a. Network Infrastructure Router L3 Switch b. Network Perimeter Router L3 Switch c. Network L2 Switch d. Network Policy e. Network Firewall f. Network IDS/IPS g. Network Other Devices 8. Extract the Overview PDFs from each of the ZIP files listed in the previous step. This PDF is the summary document that supports all of the XML files. Review the following concepts from this overarching DoD standards document for network infrastructure: ENCLAVE PERIMETER Enclave Protection Mechanisms Network Infrastructure Diagram External Connections Leased Lines Approved Gateway/Internet Service Provider Connectivity Backdoor Connections IPv4 Address Privacy Hands-On Steps 55 7 38412_Lab07_Pass1.indd 55 3/7/13 6:04 PM FIREWALL Packet Filters Bastion Host Stateful Inspection Firewalls with Application Awareness Deep Packet Inspection Application-Proxy Gateway Hybrid Firewall Technologies Dedicated Proxy Layered Firewall Architecture Content Filtering Perimeter Protection Tunnels Briefly discuss these in your text document. 9. Extract the Switch Cisco Manual XML file from the Network L2 Switch ZIP file. Review some of the following concepts and vulnerabilities for configuring and hardening Cisco switches: Non-registered or unauthorized IP addresses In-band Mgt not configured to timeout in 10 min Exclusive use of privileged and non-privileged Assign lowest privilege level to user accounts Log all in-band management access attempts Briefly discuss these in your text document. 10. Extract the Perimeter Router Cisco XML file from the Network Perimeter Router L3 Switch ZIP file. Review some of the following concepts and vulnerabilities for configuring and hardening Cisco routers: A log or syslog statement does not follow all deny statements DNS servers must be defined f…
Looking for solution of this Assignment?
WHY CHOOSE US?
We deliver quality original papers |
Our experts write quality original papers using academic databases.We dont use AI in our work. We refund your money if AI is detected |
Free revisions |
We offer our clients multiple free revisions just to ensure you get what you want. |
Discounted prices |
All our prices are discounted which makes it affordable to you. Use code FIRST15 to get your discount |
100% originality |
We deliver papers that are written from scratch to deliver 100% originality. Our papers are free from plagiarism and NO similarity.We have ZERO TOLERANCE TO USE OF AI |
On-time delivery |
We will deliver your paper on time even on short notice or short deadline, overnight essay or even an urgent essay |