Overview:
Now that the After Action Reports have been analyzed, the consultants must develop a plan for improving the security posture at Sifers-Grayson. This will be documented in a Security Strategy Recommendations document. The security strategy will be based upon multiple layers of policies, processes, and technologies that, when implemented, will be used to defend the Information Technology enterprise from both internal and external threats and attacks.
Two defensive security strategies have been chosen by the senior members of the team.
1. Defense Strategy #1: Build a DMZ for the R&D Center. The DMZ will host servers accessed by the engineers while teleworking and while reaching back to the R&D center from the test range. The DMZ will require the following: (a) business class routers, (b) business class firewalls, and (c) intrusion detection and prevention system.
Demilitarized Zone (DMZ). For definitions and diagrams see https://www.us-cert.gov/ics/Control_System_Security_DMZ-Definition.html and https://fedvte.usalearning.gov/courses/Security+_v401/course/videos/pdf/Security+_v401_D02_S04_T04_STEP.pdf
2. Defense Strategy #2: Implement Enterprise-wide Protective and Detective Measures to defend against both internal and external attackers. These measures will include (a) controlling access to software documentation and source code, (b) implementing enterprise-wide identity management, and (c) implementing either a Security Information and Event Management (SIEM) tool or a Unified Threat Management (UTM) tool.
Your Task:
You have been assigned to research products which will be used to implement the two Defense Strategies. You will need to research suitable products and then write a report recommending a set of products and services which can be used to implement the selected strategies. Your report will include summary information and explanations about defense in depth and the two selected strategies.
Note: You may need to do additional reading and research to find the information required to support your explanations of defense in depth and the selected defense strategies. Make sure that you cite authoritative sources for this information.
Product Research:
1. Products to Implement Defense Strategy #1 (Build a DMZ for the R&D Center). You must choose one product for each of the following categories (router, firewall, intrusion detection and prevention).
(a) Business Class Router with WAP and VPN capability (choose one of the following brands)
a. Linksys
b. CISCO
c. NetGear
d. Other (must get instructor’s approval first)
(b) Business Class Firewall (Network Based) (choose one of the following brands)
a. SonicWall
b. Fortinet
c. Watchguard
d. CISCO
e. Other (must get instructor’s approval first)
(c) Intrusion Detection and Prevention System (network based – not cloud)
a. McAfee
b. Trend Micro
c. Entrust
d. Cisco
e. Other (must get instructor’s approval first)
2. Products to Implement Defense Strategy #2 (Implement enterprise-wide protection, detection, and prevention capabilities). These tools or applications will be installed or used on Sifers-Grayson servers (cloud hosting NOT allowed). Select one tool in each of the categories listed below. Your product recommendations must include all of the listed categories.
a. Application Lifecycle Management (ALM) Tool
b. Identity & Access Management (IAM) Tool
c. Security Information and Event Management (SIEM) OR Unified Threat Management (UTM)
d. Forensic Image Capture Utility (e.g. FTK Imager, Belkasoft, Paladin/Sumuri, SIFT)
focus my analysis on the methods of protest, nationalism and patriotism that are found in Shostakovich’s Symphony No.5 and Symphony No.7. What are some of the most common methods of encryption that Shostakovich used to show his disdain for the Stalin Regime? What traits do these pieces share? How did he evoke the feelings of patriotism and nationalism in these two works while still expressing the suffering and repression of the Russian people? How did external factors effect the interpretation of these works?
It is important to understand the limits placed on musical composition during the time of the Stalin Regime in order to analyze the methods used by Shostakovich to express his individualism yet conform to acceptable Party standards. Stalin did not support anything that resembled Western culture since he believed it did not agree with the communist philosophy. At one point in Soviet Russia, there existed a group called the Association of Contemporary Musicians that was pro-West and forward thinking. This group eventually fell out of favor with the Party and was ultimately replaced with another group in 1932 called the Union of Soviet Composers. As the composer organizations evolved in the Stalin Era, they influenced what was considered acceptable music by the Party. The Union of Soviet Composers was part of the Ministry of Culture and the year 1932 was the beginning of the Party’s direct influence on composition. The music was to promote the Party agenda and composers were expected to submit their works to the Union of Soviet Composers for approval if they wanted the support of the Communist Party. The cultural movement at the time was toward nationalism. Social realism was applied to the music of this era. Music was to express the labor and success of the worker through traditional Russian an