In this assignment, you will continue with the report for ABC, Inc. that you started in Week 1 Project. Remember to review the scenario document for the company profile and overall security objectives. Modify and correct the plan you created for Week 1 Project to accommodate suggestions and recommendations from your instructor and your own changes based on the readings and activities for this week. Use Track Changes or color code your changes and additions so that the changes are easy to identify.
In this week, the focus will be on planning the security of the OSs and implementing access control. You will also be creating verification activities to make sure the recommended security solution is in place.
Using the South University Online Library or the Internet, research the following:
- Planning and implementing a security solution for an organization
- Verifying security solutions
Using the project report from Week 1 Project, complete the following tasks by adding 2- to 3-pages to your existing report:
- Recommend a mechanism that will implement user authentication before an employee can log on to the network.
- Recommend a method to secure the computers in the accounts department. This should prevent users outside of the accounting group from accessing these machines.
- Recommend a method for enabling only the users in a department to access the department folder on the file server.
- Recommend an OS for the servers and for the workstations (these may be different OSs and subgroups may need different machines as well). Describe how each of the OSs chosen will be updated and patched. Justify your choice based on the security of the OS along with cost considerations.
- Describe the implementation process and timeline for your recommendations. Try to give as reasonable a timeline as possible.
Create a section of your report for verifying the implementation of the security recommendations. This should include testing activities to make sure the security system is working properly. An example of this would be using an intentionally incorrect password to make sure the system does not allow the login.