Defending the Alexander Rocco Network Against Hacker Threats
After a security breach in which important corporate secrets were lost, the Alexander Rocco Corporation hired you to conduct a security test and offer recommendations for preventing future attacks. Computer forensics specialist Nathan Rosswog has informed you that the hackers got in by compromising a Web site many employees visit; this attack installed Trojan code on users’ workstations by using a drive-by download. Because the company’s antivirus software didn’t detect the code on workstations, attackers were able to launch reverse Telnet command shells and upload confidential documents to hacker-controlled Web sites. To do this, they used a port that allowed outbound HTTPS traffic through the company firewall.
Task
Based on this information, write a brief 3-4 page report (double-spaced in Word or PDF format with 12-pt font) on your recommendations for configuring or revamping the network to defend against these types of threats. The report should give specific examples of how to secure the network, but not rely on a single type of network protection system, and make hardware/software recommendations, if needed.