IT D482 (DHN1) Task 1
You are the cybersecurity professional for Company A and are
responsible for protecting the information of the company. Your
roles include managing the company’s cybersecurity capabilities
and tools, conducting vulnerability management, and assessing risk
to sensitive information. Company A has recently purchased
Company B and wants to merge both networks.
Executives of Company A have tasked you with making risk-based
decisions on integrating Company B’s network with Company A’s
existing network. Company B has provided its latest vulnerability
scans, network diagrams, and existing cybersecurity capabilities
and tools. As a deliverable to the executives, you will submit your
recommendations for a secure network design that merges the two
networks and allows remote access for employees of both
companies in the form of a merger and implementation plan.
For this project, you will use the given scenario and the following
supporting documents to complete your network merger and
implementation plan:
“Company A Network Diagram”
“Company A Risk Analysis”
“Company B Network Diagram”
“Company B Vulnerability Report and Cybersecurity Tools”
Company A is a global company based in the United States that
operates in the financial industry. Company A serves its customers
with financial products, such as checking accounts, bank cards,
and investment products. Company A has recently acquired
Company B and needs to integrate with or remove similar
capabilities and tools from Company B. Company B is smaller in
size, has no dedicated cybersecurity professional role, and utilizes
third-party support for infrastructure needs. Company B offers
specialized software to medical providers and accepts credit cards
as a payment option.
The executives of the newly merged company have expressed
interest in integrating the use of the cloud to allow for scalability
and redundancy. As the security professional of the merged
networks, you are tasked with creating a secure network design
that includes the use of zero trust principles and that utilizes both
on-premises and cloud infrastructure. You also have been tasked
with ensuring compliance with all regulatory requirements of the
merged company, along with utilizing cloud-based technologies to
provide security capabilities. Company executives have provided a
budget of $50,000 in the first year to create a secure network
design to utilize cloud-based services.
Describe two current network security problems and two current
infrastructure problems for each company, based on business
requirements given in the scenario.
Analyze the given network diagram and vulnerability scan for both
companies by doing the following:
Describe two existing vulnerabilities for each company.
Explain the impact, risk, and likelihood associated with each
described vulnerability from part B1 as it relates to each company.
Create a network topology diagram with details of the proposed
merged network requirements.
Identify the layer for all components in the topology diagram
referencing the layers of the OSI model and TCP/IP protocol stack.
Explain the rationale for adding, deleting, or repurposing network
components in the newly merged network topology diagram,
including details of how each component addresses budgetary
constraints.
Explain two secure network design principles that are used in the
proposed network topology diagram.
Explain how the proposed merged network topology diagram
addresses two regulatory compliance requirements that are
relevant to the newly merged company, including the following in
your explanation:
the name of the regulatory compliance requirement
why the regulatory requirement is relevant to the newly merged
company
how the proposed merged network topology diagram meets the
regulatory requirement
Describe two emerging threats that are applicable to the merged
organization, including the following in the description:
potential network security risks of implementing the topology
potential performance impacts on the merged network after
implementation of the proposed design
how to manage the identified potential security risks
Summarize your recommendations for implementation of this
proposed merged network based on the scenario and budgetary
requirements, including the following in the summary:
a cost-benefit analysis for on-premises and cloud infrastructure
solutions
a justification for your recommendations to implement the
proposed secure merged network design
Company A performed an internal risk analysis in anticipation of
system integration with Company B. This risk analysis was
performed in accordance with NIST SP 800-30 Rev 1 to identify the
following:
vulnerabilities
risk likelihood
Table A. Risk Classifications