Just have to check for plagiarism in already done Assignment and fix those plagiarism where it’s...

Question

Just have to check for plagiarism in already done Assignment and fix those plagiarism where it’s neededThanks

CSI6218 WIRELESS AND MOBILE COMPUTING SECURITY CASE STUDY: WIRELESS AND MOBILE COMPUTING SECURITY WIRELESS AND MOBILE STUDENT ID: 10412135 STUDENT NAME: MOHITKUMAR KAMLESHBHAI PATEL DUE DATE: 30TH APRIL,2018 CSI6218 WIRELESS AND MOBILE COMPUTING SECURITY CASE STUDY REPORT 1 | P a g e 1 0 4 1 2 1 3 5 - M O H I T P A T E L TABLE OF CONTENTS INTRODUCTION ................................................................................................................................. 2 BOYD IMPLEMENTATION REQUIREMENTS ............................................................................ 3 KEY REQUIREMENTS AND WEIGHTINGS ................................................................................. 4 REQUIREMENT 1: IDS/IPS AND NETWORK DESIGN .............................................................. 5 REQUIREMENT 2: MONITORING NETWORK AND TRAFFIC ANALYSIS USING IDS/IPS .................................................................................................................................................. 8 REQUIREMENT 3: LEGEL POLICIES AND STANDARDS ...................................................... 11 REQUIREMENT 4: BOYD SECURITY RISKS AND MITIGATION STRATEGIES .............. 15 CONCLUSION ................................................................................................................................... 16 REFERENCES .................................................................................................................................... 16 CSI6218 WIRELESS AND MOBILE COMPUTING SECURITY CASE STUDY REPORT 2 | P a g e 1 0 4 1 2 1 3 5 - M O H I T P A T E L INTRODUCTION The current research aiming to collect and mobile device forensic issues associated with a Proposed new network infrastructure to be implemented at Bradford Hospital, In Perth(WA). The hospital has accommodation of 600 beds with 50 in-charge administration employees and 3 IT in-charge employees. The employees of the hospital are showing their continual expression of interest in building a new network infrastructure which allows them to connect various wireless devices such as smartphones, tablets, storage devices, laptops and their devices. The employees are aiming to make the most out of the proposed network infrastructure such as managing patient data, uploading records and review patient files on the go. This kind of network known as Bring Your Own Device (BYOD). The existing network and infrastructure do not allow this type of activity. The hospital’s existing operational environment is based on manual and on paper record keeping system. Hence, the proposed changeover would require the hospital to invest a certain amount in new infrastructure and hospital will need new maintenance agreements, usage policies, some devices to be bought. Moreover this, Bradford hospital will also need to hire personnel to provide training to the existing staff. On the off chance, if executed, this new system enables staff to coordinate with their smartphones and other wireless devices; permitting them with an advanced facility to manage and upload patient data and retrieve specific patient data if needed. An additional advantage is that it will staff to take their smart devices home to provide further adaptability with their workplace. Overall, the proposed network and infrastructure has the potential to offer the staff flexibility, technically more logical solution to access patient records and produce required reports on time. The proposed system will allow Bradford hospital to reduce hardware and maintenance costs in the long term. CSI6218 WIRELESS AND MOBILE COMPUTING SECURITY CASE STUDY REPORT 3 | P a g e 1 0 4 1 2 1 3 5 - M O H I T P A T E L BOYD IMPLEMENTATION REQUIREMENTS The proposed system from this report is to continue with the improvement of another system simultaneously, permitting Bring Your Own Device (BYOD) devices at the hospital, with certain conditions. BOYD will be permitted with following conditions: 1. The hospital should purchase all the wireless devices and network infrastructure devices from the certified vendor. The network should allow staff to connect specific models of smartphones, tablet and workplace telephones which can be forensically certified. 2. The involvement of a third-party vendor who is responsible and trusted to download with digital signatures. The device diagnoses reports should be continuously monitored by the network administrator. 3. The software and procedures used by the hospital should not be operable on staff's devices. Every device which connects to the hospital's network must be handled safely. Exchange of patient data must be logged in a centralised storage device to ensure the integrity of evidence, and it must be kept confidential. 4. detailed documented and implemented BOYD policy must be in place, and all staff using devices connected to proposed network structure need to accept BOYD policy prior connecting any devices. 5. essentially the training should be provided for the network administrators and security staff to ensure all the risks are documented in this reports and mitigation strategies must be in place to address them to the satisfactory level. 6. The implementation of a digital “workplace policy” to control operational restrictions that are indulged on the hospital staff and making sure they are completely satisfying workplace procedures. 7. The periodical security checks must be in place to ensure if the wireless device like smartphones, tablets, laptops are updated to latest security patches including software updates. The devices must not be disconnected from the network until and unless the update or security issue is rectified. 8. Device ownership documents should be signed off by the staff members to ensure that no illegal activities carried out on hospital’s network. All in all, the most significant risk to the hospitals confidential is data loss or leakage carried out; if a device is lost or stolen. With keeping in mind, the fact that technical devices come along with the security risks; this report will provide useful recommendations to reduce these risks in a significant manner. CSI6218 WIRELESS AND MOBILE COMPUTING SECURITY CASE STUDY REPORT 4 | P a g e

unifolks_636607577650689858_117607_1.pdf

Akansha · Accepted Answer

Why Network Segmentation Needed?
The phase when it required the parting of the networks or a specific equipment has touched its physical volume and the utilization of the partition is done. The network could be extended by fragmenting the LAN. It will decrease the contestation and network issues could be isolated and the security could be enhanced.
▪ Network Extension –to implement the new segments which could allows the new host onto the LAN, switches or routers could added when the network’s maximum physical capacity has been over (Tripod, n.d.). 
▪ Decreasing the Congestion –  with the increase of the number of workstations or devices, the requirement of the bandwidth also increases. The network administrator could segment the LAN and per network hosts could be reduced in number. There is Parallel reduction in the bandwidth usage and requirement if the communication is present in the traffic between the devices on the same segment (Tripod, n.d.). 
▪ Separate network problems – the division of the network in smaller sections by the network administrator, the overflow of the issues could be decreased from one segment to another.  The other challenges like Hardware and Software failure could be reduces to impact the network’s smaller portions (Tripod, n.d.). 
▪ Enhanced Security – the network administer could ensure that an outside source could have the access to the internal configuration of the network by utilizing the partitions. The broadcast of the privileged packets cannot be possible throughout the network, but only on the subnet it originated from  (Tripod, n.d.). 
Point 2
Bradford Hospital’s Firewall Policy
PURPOSE: 
In Bradford Hospital the firewalls play an essential role. They are termed as the alarm system for controlling and restricting the network services and connectivity. It has the control to place a control point if an enforcement of access control is being done. The machines those will be permitted to exchange information is determined by the connectivity. A service is referred here as way to transfer information through a firewall. Such as, services comprise of MS-Exchange Servers, Remote Access (VPN), Mail Relay Server (SMTP) web browsing (HTTP) and File Transfer Protocol (FTP). The given policy demonstrates the important rules related to the maintenance and management of the Bradford Hospital’s Firewalls. The policy is applied to all rented, owned, leased and otherwise used Firewalls in the Bradford Hospital by its employees (Texas Wesleyan Firewall Policy, 2011).
SCOPE: 
Each firewalls of the Bradford Hospital network falls into the control of the policy. It includes the firewalls managed by the hospital’s employees or any third party given access in the branch office. Any permission to the departure from the policy need to be priory approved in writing by the Bradford Hospital’s Network Administrator. In certain cases, the equipment like UTM or Proxy servers could function as Firewalls when they are not recognized officially as firewalls. The role of the firewalls is played by Bradford Hospital, whether or not called as firewalls officially. Still they are to be managed under the policy rules as defined. As particular points, the process may demand the upgradation of the devices so that the devices could support the lowest functionality as defines the policy and procedures (Texas Wesleyan Firewall Policy, 2011). 
REQUIREMENT SPECIFICATION: 
• Documentation Required- the submission of the explanation of the network diagram on the permitted paths with protection for individual, and demonstration of qualified services is important before any firewall of Bradford Hospital gets deployed. This part needs to be submitted to the Bradford Hospital’s Network Administrator. The network administrator f the hospital will provide the permission that will allow any such paths and services. This permission will be given based on the criticality of the business reason and essentiality of the administrative path opted for and ensuring that the viable safety efforts will go along with it. The documentation will be representing the conformance of the real firewall and it will be occasionally checked and scrutinized by the security engineer. The underneath portrayed procedure will be experienced each time a progression of such way takes place. 
• Default to Denial –Bradford Hospital firewalls must deter every affiliation way and organization that isn't especially permitted by this approach. This includes the supporting reports those are issued by the Network Administration division. The neglected which now embraced ways and organizations must be accounted for and taken to all system heads and all information need to be proceeded by Hospital Network Administration Department of Bradford. A stock of all entrance ways in and out of the inner systems of the Bradford Hospital must be kept up by the Network Administration Department of Bradford Hospital.
• Connections in Machines – no real-time connections should be enabled or established between two or more Bradford Hospital. To do this the Network Administration department of the Bradford Hospital should determine first that these connections are not being unduly used to jeopardise with the network’s confidentiality and security. Mostly, comparative middle structure or firewalls should be used. These criteria apply regardless of the innovative technique used, which includes microwave joins, computerised supporter line associations, link modems, remote associations, and administrations advanced system lines. The approval for any association between the in-house Braford Hospital with any external PC or system,

CSI6218 WIRELESS AND MOBILE COMPUTING SECURITY CASE STUDY: WIRELESS AND MOBILE COMPUTING SECURITY WIRELESS AND MOBILE STUDENT ID: XXXXXXXXXX STUDENT NAME: MOHITKUMAR KAMLESHBHAI PATEL DUE DATE: 30TH...

Answer To: CSI6218 WIRELESS AND MOBILE COMPUTING SECURITY CASE STUDY: WIRELESS AND MOBILE COMPUTING SECURITY...

Answer To This Question Is Available To Download

Related Questions & Answers

Submit New Assignment