INTRODUCTION
You are the cybersecurity professional for Company A and are responsible for protecting the information of the company. Your roles include managing the company’s cybersecurity capabilities and tools, conducting vulnerability management, and assessing risk to sensitive information. Company A has recently purchased Company B and wants to merge both networks.
Executives of Company A have tasked you with making risk-based decisions on integrating Company B’s network with Company A’s existing network. Company B has provided its latest vulnerability scans, network diagrams, and existing cybersecurity capabilities and tools. As a deliverable to the executives, you will submit your recommendations for a secure network design that merges the two networks and allows remote access for employees of both companies in the form of a merger and implementation plan.
For this project, you will use the given scenario and the following supporting documents to complete your network merger and implementation plan:
•  “Company A Network Diagram”
•  “Company A Risk Analysis”
•  “Company B Network Diagram”
•  “Company B Vulnerability Report and Cybersecurity Tools”
SCENARIO
Company A is a global company based in the United States that operates in the financial industry. Company A serves its customers with financial products, such as checking accounts, bank cards, and investment products. Company A has recently acquired Company B and needs to integrate with or remove similar capabilities and tools from Company B. Company B is smaller in size, has no dedicated cybersecurity professional role, and utilizes third-party support for infrastructure needs. Company B offers specialized software to medical providers and accepts credit cards as a payment option.
The executives of the newly merged company have expressed interest in integrating the use of the cloud to allow for scalability and redundancy. As the security professional of the merged networks, you are tasked with creating a secure network design that includes the use of zero trust principles and that utilizes both on-premises and cloud infrastructure. You also have been tasked with ensuring compliance with all regulatory requirements of the merged company, along with utilizing cloud-based technologies to provide security capabilities. Company executives have provided a budget of $50,000 in the first year to create a secure network design to utilize cloud-based services.
REQUIREMENTS
A.  Describe two current network security problems and two current infrastructure problems for each company, based on business requirements given in the scenario.
B.  Analyze the given network diagram and vulnerability scan for both companies by doing the following:
1.  Describe two existing vulnerabilities for each company.
2.  Explain the impact, risk, and likelihood associated with each described vulnerability from part B1 as it relates to each company.
C.  Create a network topology diagram with details of the proposed merged network requirements.
D.  Identify the layer for all components in the topology diagram referencing the layers of the OSI model and TCP/IP protocol stack.
E.  Explain the rationale for adding, deleting, or repurposing network components in the newly merged network topology diagram, including details of how each component addresses budgetary constraints.
F.  Explain two secure network design principles that are used in the proposed network topology diagram.
G.  Explain how the proposed merged network topology diagram addresses two regulatory compliance requirements that are relevant to the newly merged company, including the following in your explanation:
•   the name of the regulatory compliance requirement
•   why the regulatory requirement is relevant to the newly merged company
•   how the proposed merged network topology diagram meets the regulatory requirement
H.  Describe two emerging threats that are applicable to the merged organization, including the following in the description:
•   potential network security risks of implementing the topology
•   potential performance impacts on the merged network after implementation of the proposed design
•   how to manage the identified potential security risks
I.  Summarize your recommendations for implementation of this proposed merged network based on the scenario and budgetary requirements, including the following in the summary:
•   a cost-benefit analysis for on-premises and cloud infrastructure solutions
•   a justification for your recommendations to implement the proposed secure merged network design
J.  Acknowledge sources, using in-text citations and references, for content that is quoted, paraphrased, or summarized.
K.  Demonstrate professional communication in the content and presentation of your submission.
Leave a Reply
You must be logged in to post a comment.