In Part 1 of this assignment, you design a 3-layer protection scheme to prevent unauthorized virtual access. Your design will inform an unauthorized access prevention policy that you write in Part 2.
Preparation
In this assignment, you are required to create a diagram depicting your solution for preventing unauthorized network access to the hospital’s information network. Use a tool such as Word, Excel, Visio, or another appropriate diagramming program to create a visual depiction of your solution similar in concept to the Layered Network Defense Diagram example.
Instructions
Consider the scenario and complete the following in a Word document:
Part 1: 3-Layer Virtual Network Defense Design
1. Design an integrated 3-layer protection scheme to prevent unauthorized virtual network access to the hospital’s network via one of the vulnerabilities that you identified in the Network Vulnerability Assessment assignment. The design should:
Be realistic, practical, and effective.
Be comprised of 3 appropriate, distinct (integrated or isolated) hardware or software solutions.
Include a description of how each layer works to effectively mitigate the specified type of unauthorized access. Include major components (Specify current technology solutions and be specific about the components (i.e., Virtual Machine (VM) – Ubuntu Server VM on VMware ESXi).
Include a 4-row table that identifies components and the purpose of each layer. Column headers should be labeled: Layer, Components, and Purpose.
2. Use an appropriate design tool to create a UML-compliant diagram that depicts how these layers are integrated into the hospital network and is consistent with the design description. Cut and paste it (or a screenshot of it) into the Word document.
Part 2: Unauthorized Access Prevention Policy
Note: Work completed here will be used in your Week 10 assignment, Cybersecurity Policy Manual.
Consider your 3-layer defense design and write a formal policy that governs unauthorized access protection effectively. It should satisfy the following criteria:
State a purpose and scope.
Be realistic for the organization’s structure and technical environment.
Comprehensively define enforceable practices, procedures, protocols, and safeguards for preventing unauthorized virtual network access.
Be written as a formal policy statement (e.g., “All remote devices must use Mobile Device Management (MDM) enforced encryption”) that includes its goals and purposes.
Reference applicable regulatory, procedural, or technology-based guidelines (i.e., ISO2700, NIST, HIPAA, etc.).
Submission Requirements
Submit a double-spaced Word document using Times New Roman 12-point font.
This course requires the use of Strayer Writing Standards (SWS). The library is your home for SWS assistance, including citations and formatting. Please refer to the Library site for all support. Check with your professor for any additional instructions.
The specific course learning outcome associated with this assignment is:
Implement network cybersecurity controls and measures.
Write cybersecurity policies.