In a business environment, controlling who has access to business information and at what level is critical for facilitating day-to-day business operations. The emphasis of Network Access Control (NAC) it to decide who or what has authorized permission to access resources on the network. In a new age of risks, it is important to re-identify access controls.
Scenario: You have been hired as an IT Security Specialist for a company called LOTR Experience. The leadership at LOTR has recently expressed concerns over various possible security issues. They would like you to be “a new set of eyes” and lead the efforts to review their current security protocols. As an expert in this field, your first task involves assessing NAC and providing a high-level assessment to leadership.
Write a technical assessment in which you:
1. Analyze NAC Best Practices and how these can be detrimental to LOTR, outlining goals for the following areas:
1. Endpoint Security
2. Direct Login
3. Remote Access
2. Determine what type of mechanisms will be used to enforce and monitor NAC controls and the frequency with which these should be implemented.
After assessing the LOTR Network Design, outline five (5) potential issues related to NAC that you see in the network’s overall design (high-level overview).
2. Describe any operational risks that could affect business processes.
2. Describe the consequences of a threat or vulnerability to the infrastructure.
2. Recommend network changes that will implement the proper NAC controls.
1. Use at least three quality resources in this assignment. Note: Wikipedia and similar websites do not qualify as quality resources.
Your assignment must follow these formatting requirements:
· Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow school-specific format.
The specific course learning outcomes associated with this assignment are:
· Examine methods that mitigate risk to an IT infrastructure with confidentiality, integrity, availability, and access controls.
· Determine appropriate access controls for information systems within IT infrastructures.