Security Solution: Weekly Assignment For The Course Is A C

The weekly assignment for the course is a comprehensive assignment. Each week, you will be completing part of this assignment based on the content covered in the week. You will add new content to the report each week to build a comprehensive security solution for an organization.

Scenario

A tire manufacturing company, which wishes to be called ABC, Inc. to protect its privacy, has recently fallen victim to a cybercrime. The customer information and some of its proprietary technology were compromised in the attack.

This company has been in the business for a long time and enjoys a big market share. If its identity is disclosed, the attack has the potential to cause it to lose customer confidence. Also, some of its competitors are constantly looking for opportunities to hack the company's important strategic and functional information. The company's head, Dermot Reed, is very concerned about the situation because a recent study shows that some of its competitors have started using its techniques. The source of the attack remains unknown.

It could be that an internal, disgruntled, or greedy employee has been involved in the attack or has been revealing important information to its competitors. Moreover, there were several unsuccessful hacking attempts prior to the incident. Ed Young, the network administrator, has requested a budget for a system overhaul to rebuild the infrastructure of the organization with an emphasis on security. The company does not currently have anything in terms of true security measures. Young is competent but has limited understanding of attack methodologies.

The attacks were thwarted mainly due to automated antivirus programs installed on the servers. ABC, Inc. has a network with four servers that cater to around 450 employees. ABC, Inc. keeps track of its data using a MySQL database. However, some of the data is found to be incorrect in its database since somebody has modified it outside of normal business operation hours. The database server is used for updating the inventory records.

The database contains information about quantity of raw materials available, quantity of finished products, price of finished products, etc. Users from across the organization use the database to access different information. Therefore, availability of the server is critical. Young would like a recommendation from you on the fault-tolerance mechanism that can ensure uninterrupted business and security on the database to prevent unauthorized modifications. Ken Burton, the sales and marketing head is worried about the security of the laptops that the sales and marketing personnel carry with them while traveling.

Burton has previously reported that data on these laptops has been leaked or hacked when these laptops are outside the organization network. Burton wants a system by which these computers can be secured while they move out of the organizational network and still maintain a secure connection to the home network. In addition, ABC, Inc. wants to implement a computer use policy for its users which explains their responsibilities and the internal and legal implications to users who violate this policy. The intent is to prevent users from indulging in activities which put the company at risk. ABC, Inc. needs to create a charter that describes the following:

  • Hacking
  • Violation of right of ownership
  • Violation of privacy of user's personal data

The management of ABC, Inc. decided that adequate security measures must be taken to protect internal data and entrusted Young with the responsibility of creating the security requirements.

Young has created the following additional requirements:

User authentication must be performed before an employee can log on to the network. The organizational structure is given in Appendix A.

Appendix A: Use the information in the following table to recommend user and group permissions for the organization.

| Name | Role | Department/Sub Department | Groups |
|---|---|---|---|
| David Wong | Design Head | Design | Dsngrp |
| Debbie Howe | Database Administrator | Information Systems | ISgrp |
| Ken Burton | Sales and Marketing Head | Sales and Marketing | SMgrp |
| Jim Lewis | Human Resources Head | Human Resources | HRgrp |
| Tom Wilkins | Network Support Head | Information Systems | ISgrp |
| Mike Womack | Information Systems Head | Information Systems | ISgrp |
| Diane Frye | Inventory Manager | Operations | ODgrp |
| Jerry Smith | Sales Manager | Sales and Marketing | SMgrp |
| Lee Mitchell | Marketing Manager | Sales and Marketing | SMgrp |
| Ed Young | Network Administrator | Information Systems | ISgrp |
| Sheila Frost | Accounts Head | Accounts | Accgrp |

Each department stores its data in separate folders that are shared in a central file server. Measures need to be taken to enable only the users in a department to access the department folder in the central file server. Personnel in a particular department should not be able to access the folder of another department. In addition, a mechanism is required that would record event data on each department folder on the central server. The network administrator will use this data to identify the events that generated security alerts. The computers in the accounts department need to be made secure.

Employees in other departments currently use these computers as well. Sensitive data on these computers are accessible to any user who has physical access to the computer. A mechanism is needed by which data belonging to a user on the local machine is accessible to that user only. Young suggests using encryption to secure data on local computers. The OSs installed on the computers need to be updated with the latest patches and fixes.

All users in the organization currently use the database. However, only the heads of the departments, the network administrator, and the database administrator should have access to the database. The database administrator should have full control permissions, the department heads should have modify rights, and the network administrator should have read-only permission on the database. The computers in the marketing department need to be secured when the computers move out of the network. All computers in the organization are run on an outdated OS.

The organization has identified that some of the hacking has occurred because computers running on this OS can be accessed from outside the organizational network by using terminal services. The OS needs to be updated and configured to prevent outsiders from accessing the computers. A mechanism is required to check if the computers in the organization are running the latest patches. In addition, a mechanism is required for implementing antivirus in the computers in the organization. You have been hired by this company to suggest ways of securing its technology assets.

Paper For Above Instruction

ABC, Inc., a long-established tire manufacturing company, recently experienced a serious cybersecurity breach that compromised customer data and proprietary technology. This incident highlighted significant vulnerabilities within its IT infrastructure, which lacked comprehensive security measures. The potential loss of customer confidence and strategic information, coupled with the risk of competitive disadvantage, underscores the urgent need for robust security solutions. The breach's uncertain source—possibly an internal employee or external attacker—further complicates the company's security posture, necessitating a multilayered approach.

To address these challenges, the organization must prioritize layered security strategies, including technical controls, policy enforcement, and organizational awareness. Key vulnerabilities include outdated operating systems, unprotected data storage, inadequate user authentication, and insufficient network perimeter defenses. These vulnerabilities render the organization susceptible to data theft, unauthorized modifications, and external intrusions, all of which threaten its reputation and operational continuity.

Based on a comprehensive analysis, the following top five security recommendations are proposed to strengthen ABC, Inc.'s defenses:

1. Implement Robust User Authentication and Access Control

Enhancing user authentication protocols ensures that only authorized personnel can access sensitive systems. Multi-factor authentication (MFA) should be adopted across all critical servers and databases, supplemented by role-based access control (RBAC) to restrict users' permissions according to their roles. For example, database administrators would have full control, department heads would have modify permissions, and general users would have read-only access where appropriate. This segregation minimizes the risk of data breaches from insider threats and limits the scope of damage.
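The database tiers from the scenario (full control for the database administrator, modify for department heads, read-only for the network administrator, nothing for anyone else) can be derived directly from the Appendix A roster. The following is an added example, not part of the original assignment or paper; the schema name `inventory`, the account naming scheme, the host pattern, and the rule that every "... Head" role is a department head are assumptions.

```python
# Added example: MySQL grants derived from the Appendix A roster.
# Assumptions (not from the page): schema name `inventory`, the account
# naming scheme, the client host pattern, and that every "... Head" role
# counts as a department head. Accounts are assumed to exist already.
ROSTER = [  # (name, role) as listed in Appendix A
    ("David Wong", "Design Head"),
    ("Debbie Howe", "Database Administrator"),
    ("Ken Burton", "Sales and Marketing Head"),
    ("Jim Lewis", "Human Resources Head"),
    ("Tom Wilkins", "Network Support Head"),
    ("Mike Womack", "Information Systems Head"),
    ("Diane Frye", "Inventory Manager"),
    ("Jerry Smith", "Sales Manager"),
    ("Lee Mitchell", "Marketing Manager"),
    ("Ed Young", "Network Administrator"),
    ("Sheila Frost", "Accounts Head"),
]

# Scenario tier -> MySQL privilege list
TIERS = {
    "full": "ALL PRIVILEGES",
    "modify": "SELECT, INSERT, UPDATE, DELETE",
    "read": "SELECT",
}

def tier_for(role):
    """Map an Appendix A role to a privilege tier; None means no access."""
    if role == "Database Administrator":
        return "full"
    if role == "Network Administrator":
        return "read"
    if role.endswith(" Head"):
        return "modify"
    return None  # default deny for every other role

def account(name):
    """Hypothetical account name: first initial plus surname, lowercase."""
    first, last = name.lower().split()
    return first[0] + last

def grant_statements(schema="inventory", host="10.0.0.%"):
    """Return one GRANT statement per user who is allowed a tier."""
    return [
        f"GRANT {TIERS[tier_for(role)]} ON `{schema}`.* TO '{account(name)}'@'{host}';"
        for name, role in ROSTER if tier_for(role)
    ]

def denied_users():
    """Users who must end up with no privileges on the schema."""
    return [name for name, role in ROSTER if tier_for(role) is None]

if __name__ == "__main__":
    print("\n".join(grant_statements()))
    print("No database access:", ", ".join(denied_users()))
```

Because all users currently have access to the database, existing grants for accounts outside this list have to be revoked separately; issuing the new grants alone does not remove them.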

2. Regular Updates and Patch Management

Keeping operating systems and software up-to-date is critical in closing security vulnerabilities that hackers often exploit. Automated patch management systems should be implemented to regularly check and install security patches on all organizational computers and servers. This includes replacing outdated OSs with secure, supported versions, particularly for remote access services like terminal servers, which are frequent attack vectors.

3. Data Encryption and File Security

To prevent unauthorized access to sensitive data, especially on laptops and local machines, encryption must be adopted. Full disk encryption (FDE) on laptops and local encryption of user files will ensure confidentiality even if devices are lost or stolen. Encryption keys should be securely managed, with access restricted to authorized users. Additionally, implementing secure file sharing permissions and event logging ensures accountability and traceability of access attempts or modifications.

4. Network Security and Virtual Private Networks (VPNs)

Network defenses need reinforcement through firewalls, intrusion detection/prevention systems, and secure VPNs to protect remote access points. Employees traveling with laptops should connect through VPNs that enforce strong encryption and authentication, ensuring secure communication with the corporate network. Network segmentation can isolate critical systems, such as databases, from general user traffic, reducing the impact of breaches.

5. Endpoint Security and Malware Protection

All organization devices must be secured with up-to-date antivirus and anti-malware solutions, integrated with real-time scanning and automatic updates. Given the prevalence of outdated OSs, an upgrade schedule should be established to standardize secure, supported OS versions. Regular security audits and vulnerability scans will help identify and remediate emerging threats proactively.

Implementing these measures will significantly enhance ABC, Inc.'s security posture. User authentication controls restrict unauthorized access, encryption safeguards data confidentiality, and updates mitigate exploitation of known vulnerabilities. Network security ensures secure remote connections, especially for mobile personnel. Endpoint protection prevents malware infections that could compromise entire systems. Collectively, these strategies reduce the risk of data breaches, protect organizational reputation, and ensure business continuity.

To address the specific questions: the attack on ABC, Inc. impacts consumer confidence because data breaches diminish trust in the company's ability to safeguard personal and transactional information. The damage to reputation can lead to customer attrition and legal consequences, which may have long-term business impacts. Companies often choose to remain anonymous during such incidents to avoid public scrutiny, preserve their brand image, and prevent giving competitors insights into their vulnerabilities.

To prevent employees from accessing each other's data, organizations should enforce policies such as role-based access control, segregated user directories, and individualized permissions. These policies limit visibility only to relevant data, thereby reducing internal security risks. For example, department-specific folders with permissions set to allow access only for department members prevent unauthorized viewing or modification by users from other departments. Combining this with audit logs and regular monitoring ensures accountability and detects potential violations in real time.
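The scenario reports database records being modified outside normal business hours, and the audit logging recommended above is what makes that detectable. The following added example (not part of the original paper) reviews audit records for writes made off-hours or by accounts that should not be writing; the record format, the sample records, the account names, and the Monday to Friday 08:00-18:00 business hours are all assumptions.

```python
from datetime import datetime

# Constructed sample audit records: timestamp, database account, statement type.
SAMPLE_AUDIT = """\
2024-03-04 09:15:02,dhowe,UPDATE
2024-03-04 14:40:11,dwong,INSERT
2024-03-05 02:13:45,jsmith,UPDATE
2024-03-05 23:58:09,dwong,DELETE
2024-03-06 10:05:30,eyoung,SELECT
2024-03-06 11:20:00,eyoung,UPDATE
2024-03-09 13:00:00,dhowe,UPDATE
"""

WRITE_OPS = {"INSERT", "UPDATE", "DELETE"}
# Hypothetical accounts holding full-control or modify rights (DBA and heads).
MAY_WRITE = {"dhowe", "dwong", "kburton", "jlewis", "twilkins", "mwomack", "sfrost"}
OPEN_HOUR, CLOSE_HOUR = 8, 18  # assumption: business hours, Monday to Friday

def findings(text):
    """Return (timestamp, account, op, reasons) for each suspicious write."""
    out = []
    for line in text.splitlines():
        if not line.strip():
            continue
        stamp, user, op = (field.strip() for field in line.split(","))
        if op.upper() not in WRITE_OPS:
            continue  # reads are not modifications
        when = datetime.strptime(stamp, "%Y-%m-%d %H:%M:%S")
        reasons = []
        if user not in MAY_WRITE:
            reasons.append("unauthorized-writer")
        if when.weekday() >= 5 or not (OPEN_HOUR <= when.hour < CLOSE_HOUR):
            reasons.append("off-hours")
        if reasons:
            out.append((stamp, user, op.upper(), reasons))
    return out

if __name__ == "__main__":
    for stamp, user, op, reasons in findings(SAMPLE_AUDIT):
        print(f"{stamp} {user:8} {op:6} {', '.join(reasons)}")
```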

Conclusion

In conclusion, the security of ABC, Inc. requires a comprehensive, multi-layered approach that combines technical controls, organizational policies, and continuous monitoring. Upgrading outdated systems, implementing encryption, enforcing access controls, securing remote connections, and deploying endpoint protection are essential steps. These measures will foster a resilient security environment, safeguarding organizational assets, maintaining customer trust, and ensuring operational continuity amid evolving cyber threats.
