ABC Invitation Design and XYZ Invitation Printing have decided to merge into one company

ABC Invitation Design and XYZ Invitation Printing have decided to merge into one company, A2Z Invitations. ABC is a virtual company with a proprietary website that allows customers to do some preliminary work on invitations and then consult with a designer for the final product. XYZ is a traditional company with a system that allows customers to submit designs and track their orders. It also has a contact management and invoicing system. ABC will be moving its application into the XYZ data center and will be using all of XYZ's back end systems. Both companies have experienced data breaches in the past and do not want to have them in the future. A2Z has hired you to do a security analysis of its new network and to recommend how it can be set up in a secure manner. It has budgeted for a capital expenditure (outside of man hours) of $250,000 for hardware and software and $25,000 every year for additional security measures. Guidelines Back to Top The Statement of Work objectives are: •    Perform online reconnaissance on XYZ to see what information is available to an attacker. No social engineering of employees is allowed. Use the Week 1 You Decide as the data for this section. •    Perform an analysis of the current XYZ network, using the current network diagram and nmap report Diagram; NMAP and files are below. •    Check the user's password strength. Use the Week 3 You Decide as the data for this section. •    Redesign of network. Current network below. •    System hardening procedures for both IIS and Apache (even if they only use IIS). •    Three complete security policies. Use the Week 5 writing assignment as your starter policy for this section. •    Template for future security policies. •    Your paper must conform to all requirements listed below. Requirements •    Papers must be at least 5–10 pages in length, double-spaced. •    Papers must include at least three references outside of the text. •    Paper and references must conform to APA style, including: o    cover page; o    header with student’s name and page number; and o    sections including Introduction, Body, and Conclusion/Summary. Milestones Each You Decide and other write-ups should be used as the raw material for this report. This report is the analysis of that data. •    Week 1 You Decide •    Week 3 You Decide •    Week 5 writing assignment Grading Rubrics Back to Top Category    Points Recon Report IP Addresses Mail Servers WHOIS CNAME    20 Current Network Diagram Analysis    20 Quantitative Analysis Ranking of Assets    20 NMAP Analysis    20 Password Cracking Report    20 Redesigned Network Diagram    20 Web Server Hardening Procedure IIS    20 Web Server Hardening Procedure Apache    20 Security Policy Template    20 Three Complete Policies    20 Three Outside References    10 Spelling, Grammar, and APA Formatting    10 Total    220 Best Practices Back to Top You should begin working on this course project on Day 1. Official XYZ Network Diagram Back to Top Image Description Results of NMAP Scan Back to Top Above is the official network diagram of XYZ (pre-merger with ABC). All servers are supposed to be Windows 2003. XYZ uses a private IP internally of 192.168.x.x. Below are the results of the NMAP scan done as part of the consulting agreement with infosecwizards. Starting Nmap 5.00 (http://nmap.org) at 2009-MM-DD 23:12 UTC Interesting ports on XYZDomainController at (192.168.0.1): Not shown: 997 filtered ports Port    State    Service    Product    Version    Extra info 135    tcp    open    msrpc 139    tcp    open    netbios-ssn 427    tcp    open    svrloc 445    tcp    open    microsoft-ds Service Info: OS: Microsoft Windows 2003 Server or XP SP2 Interesting ports on XYZInviteDesign at (192.168.0.2): Not shown: 997 filtered ports Port    State    Service    Product    Version    Extra info 135    tcp    open    msrpc 139    tcp    open    netbios-ssn 427    tcp    open    svrloc 445    tcp    open    microsoft-ds Service Info: OS: Microsoft Windows 2003 Server or XP SP2 Interesting ports on XYZAcct at (192.168.0.3): Not shown: 997 filtered ports Port    State    Service    Product    Version    Extra info 135    tcp    open    msrpc 139    tcp    open    netbios-ssn 427    tcp    open    svrloc 445    tcp    open    microsoft-ds Service Info: OS: Microsoft Windows 2003 Server or XP SP2 Interesting ports on XYZprinting at (192.168.0.4): Not shown: 997 filtered ports Port    State    Service    Product    Version    Extra info 135    tcp    open    msrpc 139    tcp    open    netbios-ssn 427    tcp    open    svrloc Service Info: OS: Microsoft Windows 2003 Server or XP SP2 Interesting ports on XYZwebsrv at (192.168.0.5): Not shown: 997 filtered ports Port    State    Service    Product    Version    Extra info 135    tcp    open    msrpc 139    tcp    open    netbios-ssn 427    tcp    open    svrloc 1025    tcp    open    NFS-or-IIS Service Info: OS: Microsoft Windows 2003 Server or XP SP2 (The 1656 ports scanned but not shown below are in state: closed) Interesting ports on XYZChat at (192.168.0.6): Port    State    Service    Product    Version    Extra info 22    tcp    open    ssh 80    tcp    open    Apache 111    tcp    open    rpcbind 6000    tcp    open    X11 32771    tcp    open    sometimes-rpc5 Service info: OS: Linux 2.5.25 - 2.6.3 or Gentoo 1.2 Linux 2.4.19 rc1-rc7) Service detection performed. Please report any incorrect results at http://nmap.org/submit/. Nmap done: 6 IP address (6 hosts up) scanned in 64.27 seconds What IP address is its network Internet connection? 134.170.185.46 134.170.188.221 What its mailserver IP is? server:    ns1.msft.net What its URL is? Microsoft.com How many other sites link to it? 420   (Internal: 188, Outbound: 232) Reference: Whois Record for Microsoft.com (Microsoft.com WHOIS, DNS, & Domain Info) http://whois.domaintools.com/microsoft.com PLACE THIS ORDER OR A SIMILAR ORDER WITH US TODAY AND GET AN AMAZING DISCOUNT :)