CCNA SECURITY CASE STUDY Essay Example | Topics and Well Written Essays - 2500 words

CCNA SECURITY CASE STUDY - Essay Example The proposed network security policy as stated below specifically addresses access rights the minimum requirements for hardware buildup and the parameters and basis for audit and review. The Network Security Policy shall guide the access rights policy and set the parameters for the information security audit and review policy. The login policy including the password policy shall also be guided by the Network Security Policy (Whitman and Mattord). This paper shall also draft a procedure that will be responsive to the requirement of the Network Security Policy. The procedure will not only provide a detailed implementation of a specific intent of the policy it will also guide the operation and mechanism of the policy when implemented (Whitman and Mattord). Please note that the policies and procedures detailed in this paper is only recommendatory for the consideration and approval of the management of CMS. 2. Table of Contents 1.Summary 2 2.Table of Contents 3 3.Network Security Policy 4 I.Policy Declaration 4 II.Objective 4 III.Scope 4 IV.Definition and Abbreviations 5 V.Responsibilities 5 VI.General Requirements 7 V. Related Procedures 10 VI. Enforcement 10 4.Router Configuration Procedure 11 I.Purpose 11 II.Standard 12 III.Procedure 13 IV.Records Generated 14 5.Switch Configuration Procedure 14 I.Purpose 14 II.Procedure 14 A.Create and Administrative User 15 B.Storm Control 15 C.Protection against STP attacks 15 D.Port Security/Disabling unused ports 15 III.Useful Resources 15 3. Network Security Policy I. Policy Declaration CMS is in the business of providing health care services in line with its fiduciary and legal obligation this policy shall protect the privacy of its clients and employees by protecting the confidentiality, integrity and availability of all records, data, information entrusted to it. II. Objective The purpose of this policy is to outline the Network Security at CMS to be followed to ensure the confidentiality, availability and integrity for the purpose of protecting CMS, its client and employees. Inappropriate implementation exposes CMS to risks including virus attacks, compromise of network systems and services, and legal issues. III. Scope This policy applies to the whole CMS-Systems related Infrastructure and Equipments employees and customers. To achieve this goal, the following are required for implementation: Establish company-wide policies to protect the CMS networks and computer systems from abuse and inappropriate use. Establish mechanisms that will aid in the identification and prevention of abuse of networks and computer systems. Establish mechanisms that will limit the access and authorization of CMS personnel to information assets that balances role and job requirements and information security requirements. Establish mechanisms that will protect the reputation of the Company and will allow it to satisfy its legal and ethical responsibilities with regard to its networks and computer systems’ connect ivity to the worldwide Internet. Establish mechanisms that will support the goals of other existing policies. IV. Definition and Abbreviations Network resources - includes any networks connected to the CMS backbone, any devices attached to these networks and any services made