Your team’s security baseline analysis should include an evaluation of network forensics information such as traffic analysis and intrusion analysis, as well as the type of information needed for any future forensics investigations. The team’s evaluation of information needs for network forensics could include what is needed to support security software and hardware across multiple platforms, multiple applications, and multiple architectures in order to communicate with the other nations. You will do this by using security baseline tools to build an audit file and then scan their systems. The systems should be hardened based on the policies, procedures, and standards to ensure desired levels of enterprise-wide information assurance requirements developed by the Global Economic Summit.
As you perform your baseline, address the following tasks:
• Define the components you are searching for in this baseline determination and what you would do in light of possible disasters.
• Include the systems-level diagram of how your nation team is configured, which can be obtained from your lab documentation.
• How would you recover information assets and how would you ensure the integrity of data if such a situation were to take place?
• What are the steps to producing the scan and audit report? What are the communication ports to be used or closed during operations at the Global Economic Summit?
• Conduct packet sniffing with Wireshark and explain how this analysis can be used to identify and exploit vulnerabilities.
• How will you maintain a baseline of registers and images of data? How would you ensure the integrity of these components over time?
• What are the different ways to apply security controls to a system after the security posture has been defined, in order to meet the policy requirements?
• What are the missing security configurations or security updates, if any? Report on how these should be addressed to fortify the security posture of the nation system.
• In your scanning, can you determine if there are missing security updates on target computers based on your access? If so, what were they and what tool did you use for this scan? Is there security from/to the IP network to/from the PSTN caller? You will be given decryption information, and then you will determine what data types are in transit. Identify whether these are image files or document files, and identify anything else.
Your team will provide all artifacts from the baseline scanning exercise and refer to them in the security baseline analysis report.
Additionally, you should assess (compare and contrast) security issues during the scans and describe issues created by social engineering. Your comparison should cover the following testing while implementing network infrastructure contingency and recovery plans:
• damage assessments
• types of vulnerabilities and associated attacks
• distributed computing model
• information assurance (IA) principles
• digital certificates
• digital signatures (significance of public-key infrastructure)