Auditing Practices

Question 1

XYZ Enterprises employs 500 people that work in two locations within the United States: Seattle, WA and Dallas, TX. XYZ Enterprises generates $200 million in annual revenue through its business model, a huge target for hackers or criminals. The business has a presence on the web. The primary data center is housed at their primary location in Dallas. The Seattle office houses a backup/failover data center. The Dallas site has four floors and the Seattle site has two. At the Dallas site, there are 20 connections on the 4th floor, 80 connections on the 3rd floor, 100 connections on the 2nd floor, and 100 connections on the 1st floor, including the data center, which is also housed on the 1 st floor. Both of the floors at the Seattle location have 100 connections each. The two sites are linked to one another through a dedicated connection. Through VPN services, employees have the ability to work on the network from anywhere in the world. All employees have company-issued laptops that can be docked when working in the office and taken offsite for remote access. All employees-issued devices are running Windows 10 and their server is running Windows 2012.

Your Task: Address one key network security problem that this organization’s network faces and through scholarly research, address it.

Question 2

In an essay, answer the following questions:

• How do you know if your system is meeting your security goals?
• You can verify that controls are working, but how do you know if they are getting the job done?
• What auditing practices or procedures would you implement for your organization? Why?

Deliverables:

Your well-written essay should be 4-5 pages in length, incorporating at least two academic resources. Cite all sources using APA style guidelines, citing references as appropriate.