Posted: August 3rd, 2022

Project Quality Management

Project Quality Management
Class ID •
Semester •
Student Name

Part 1
Homework help – Summary
Small businesses are very competitive, hence requires a network security solution. The small business has embraced the use of web sites to boost sales and connect many people. Additionally, the business has created a budget to execute a security plan developed to safeguard the business web services and networks. In the process of executing a security project plan in a small business, a network security analysis had to be conducted to identify the security requirements—for instance, analysis of business backup systems, physical security, and server systems.
The business allowed me to connect a laptop to the wireless network to perform scanning and check internet connectivity and performance. The types of software used to scan the devices include the Zenmap. The business also allowed me to check web browser configurations to check whether the servers and networks are configured. Additionally, acquiring information about user education and authorization, authentication, and accounting, various business personnel, were corporative and ready to help. A camera was important in capturing the physical business security, especially checking whether the unused computer systems were locked and offices locked.
Part 2
Customer description
A small business operating a single store and an e-commerce website. The business uses a wireless network to the community and connect to a wide range of customers. The small business also has various information technology systems, such as computers and security projects in hand, for instance, a security plan.
Network/Wireless Security
Question: Is the business web browser protected and updated?
Action: Open the business computer, identify the software’s installed, and how the computer programs interact. The analysis assists discover vulnerabilities in the web browser, such as the availability of malicious web pages, links, bundled software, and whether the web browser is configured. Also, understand the features and functionalities of the web browser.
Question: Does the wireless network have a password?
Action: connect the wireless network to the business computer and check whether the network will demand a password.
Question: Is the WIFI network private or public?
Action: Try to connect the phone to the wireless network by opening the phone’s WIFI settings. If the WIFI asks for a password, the WIFI network is private only to authorized persons.
Question: Is the wireless network faster
Action: connect a digital device, such as a phone, to the wireless network, and check whether the speed is faster according to the specified Mbps.
2. System (PC/Server) Security
Question: is the window server protected
Action: use a Microsoft management console by typing MMC in the dialog box of the start menu.
Question: Does the computer PC temperature favorable?
Action: Check whether business computers are overclocked and use a basic input-output system (BIOS) to check the temperature manually.
Question: Does the computer PC have a security check program?
Action: use a cryptography check value and whether the computer system has any notification for the security problem.
Question: Is the business PC system updated?
Action: Check whether the PC is the latest by checking the computer model.
Question: Is the PC secure attention instruction working?
Action: Check whether the checks are tampered with, for instance, being compromised by a deceptive interpreter.
Backups/Disaster Recovery
Question: Does the business information have a backup plan
Action: Check whether the business has external data storage, such as hard disks and flash disks
Question: does the business have multiple backups?
Action: Check and consult with the information technology expert on whether the business has more than one backup form, for instance, use cloud storage and outsourcing data centers.
Question: Does the business have a disaster recovery budget?
Action: Check the business information technology project plan and requirements on whether the business plan to develop a disaster recovery plan.
Question: Have the business developed security strategies for ransomware?
Action: Open the business computers and check the software’s tools to prevent ransomware as a critical threat to businesses. Open business emails and check whether there are malware attacks, such as crypto virology.
Question: Are business files and information encrypted?
Action: Check computer settings to whether the information is encrypted from cybersecurity, whether the computer system has a working firewall.
Question: how long can a business survive a disaster before the business gets its operations normal?
Action: Check the business recovery time objective.
Physical Security
Question: Does the business have an alternative power backup?
Action: Check whether the organization has a working generator or solar panel.
Question: Can the physical security delay and detect an intruder?
Action: Check whether the computer systems are installed with intrusion control, such as alarms.
Question: Does the business have security lighting?
Action: Check whether the business rooms are installed with security lights to assist the security spot an intruder.
Question: Does the server room have a key code?
Action: Try to access the server room and determine whether the door requires a code for access or whether the server room has a rack mount.
Question: Are the workstations protected from intruders.
Action: Check whether the unoccupied computer desks and rooms are locked, and computers shut down.

AAA (Authorization/Authentication/Accounting)
Question: Does the business have control access to computer systems?
Action: Use business computers and fingerprints to check whether a non-employee can be restricted from accessing working rooms or computer systems.
Question: Does the wireless have a valid password and username?
Action: Connect the wireless network to a computer and check whether the system will ask for a password or a username.
Question: Does the business has a clear pass policy manager or any accounting server.
Action: Check whether the network access server is configured or whether the clear pass policy manager has provided valid accounting information.
Question: What access control permits services?
Action: Login into a restricted account and check what the staff can view and what activities they are required to conduct.
Question: Does the business consist of a secure accounting mechanism?
Action: Check whether the business has interworking architecture, such as the 3G/WLAN.
User Education
Question: Does the business have developed a user training program.
Action: Check user-based business activities to check any training and security education.
Question: Are business staff members conversant with technical and human security elements.
Action: Ask staff members about information security technology and the importance of security control software and policies.
Question: Have the business created awareness on the importance of unauthorized access.
Action: Check whether there are staff members restricted to access certain rooms and accounts and why.
Question: Are the staffs aware of the man-in-the-middle attack and how it can affect the business.
Action: Check whether the network systems are interrupted and ask staff and whether the systems are installed with a PMIPv6 that manages mobile nodes’ movement when using mobile phones.
Question: Are the staff members aware of disaster recovery and business continuity?
Action: Check whether the business has a disaster recovery plan, a business continuity plan and whether the information technology team could respond to a security threat.

Order | Check Discount