Assess the threats, risks, and vulnerabilities of the LAN domain
Assess strict access control policies, standards, procedures, and guidelines. Implement second-level identity checks to gain access to sensitive systems, applications, and data. Will need to conduct server, desktop, laptop vulnerability window policies, standards, procedures, and guidelines. Conduct periodic LAN domain vulnerability assessments to find software gaps. Define a strict software vulnerability window policy requiring quick software patching
Assess the threats, risks, and vulnerabilities of the LAN-to-WAN domain
Disallow IP port numbers used for probing and scanning and monitor with IDS/IPS. Monitor for inbound IP traffic anomalies and malicious intent traffic. Block traffic right away if malicious. Conduct post configuration penetration tests of the layered security solution within the LAN-to-WAN domain. Test inbound and outbound traffic and fix any gaps. Apply and enforce the organization’s data classification standard. Deny outbound traffic using source IP addresses in access control lists.
Assess the threats, risks, and vulnerabilities of the WAN domain
Enact new laws regarding unauthorized access to systems, malicious attacks on IT infrastructures, and financial loss due to malicious outages. Prohibit using the Internet for private communications without encryption and VPN tunnels. Apply filters on exterior IP stateful firewalls and IP router WAN interfaces to block TCP SYN and ICMP. Encrypt IP data transmissions with VPNs. Back up and store data in off-site data vaults with tested recovery procedures. Encrypt confidential data transmission through service provider WAN using VPN tunnels. Obtain WAN service availability SLAs. Deploy redundant internet and WAN connections when 100 percent availability is...