SCENARIO Company A is a property and casualty insurer underwriting multiple type
SCENARIO
Company A is a property and casualty insurer underwriting multiple types of insurance. Company A is acquiring Company B, a financial services organization, in order to diversify and increase market share. Company B conducts business in the same geographical area as Company A and delivers business and individual financial planning services. Both companies provide services from their respective offices and at the customer’s site. Both companies use broadband connectivity.
You are the IT director for Company A and will be the chief information officer (CIO) for the merged organization. You are tasked with analyzing, designing, and presenting the proposed IT integration project. Company A has clear IT infrastructure documentation, including a logical diagram, an organizational chart, and a recent security risk analysis. Company B does not have any IT infrastructure documentation, and several security and integration issues are evident. Company B outsources any IT-related needs to a consultant. Leadership for the merged organization has allocated a limited budget of $35,000 for this project and will expect justification for recommended expenditures.
Integration project requirements include following secure network design principles, selecting or repurposing secure network components, assuring secure communication channels, addressing relevant regulatory compliance, minimizing potential network problems and security threats, delivering integration cost savings, and aligning IT to meet the business needs of the post-merger organization. This post-merger organization will reflect one corporate office and a branch office.
Requirements:
A. Using the attached documentation, topology, and information on Company A, describe the problems Company A has with network security and infrastructure using details from one or more of the “Company A Organizational Chart,” “Company A Risk Analysis,” and “Company A Visio Diagram” supporting documents. (I’ve already started the document. It has also been attached.)
B. Describe the potential impact of two network security or infrastructure problems of Company B using details from the outputs of Zenmap and OpenVas (attached documents), including the rationale for each problem.
1. Explain how correcting each of these problems will improve the functioning of the merged network.
C. Provide a network topology diagram using Microsoft Visio or a similar software tool that represents the proposed merging requirements from the scenario of Company A and Company B, including remediation of all existing infrastructure problems described in part A and part B.
D. Identify which layer of the OSI model and layer of the TCP/IP protocol stack apply to each component in the merged network topology diagram.
E. Justify the retention or deletion of four existing components as suggested in your proposed network topology diagram. Include how each component’s retention or deletion and any newly required additions to the network address both security concerns and budgetary restrictions found in the scenario.
F. Explain how two secure network design principles are included in your proposed merged network topology diagram.
G. Describe two secure hardware and/or software components integrated into the proposed network topology and how each component will address the security needs of the merged organization.
H. Explain how the proposed network topology diagram for the merged organization addresses security safeguards based on a regulatory compliance requirement.
I. Explain a security threat and one potential network problem that would become a risk as part of the implementation of the proposed network topology diagram, including why each would become a risk.
1. Explain how the security threat and potential network problem should each be managed or mitigated as part of the implementation of the proposed topology diagram.
J. Acknowledge sources, using in-text citations and references, for content that is quoted, paraphrased, or summarized.
