You have been asked to make a presentation about the steps necessary to secure the back-end DB2 database within your organization. Address the following in the presentation:
- Introduction regarding description and importance of security in depth
- UNIX server vulnerabilities
- Hardening the UNIX system
- Deployment of a Web server to be used by Navy intelligence for checking on project progress
- Apache and Internet information server (IIS)—research and explain how these options might be used for the secure Web server scenario
Prepare an 8–12-slide presentation to address these points. The presentation planned should last about half an hour. Include speaker notes in the presentation. Plan the presentation and speaker notes so that someone else could actually give the presentation.
Be sure to document your references using APA format.
Refer to scenario for additional information.
You are a newly hired civilian contractor for the U.S. Navy at a naval air station. Your position is a security engineer. This project has recently been consolidated to this location from several coastal areas. The team is a small department that focuses on unmanned naval surveillance vehicles.
You have been asked to perform the initial network design while you wait for your security clearance to get approved. You have to bear in mind the requirements that the Navy has for this project. There is a 2 terabyte UNIX DB2 database, which is used for craft designs, part lists, and experimental results; additionally, a smaller Oracle database running on Windows servers takes care of scheduling, administration, and personnel data.
The network will require 200 hosts in the design and development department, 20 in the personnel department, and 40 in the acquisition department. The acquisition department will need access to the secure internal network and external Department of Defense suppliers, whose networks are not considered secure. Both of these departments will need access to Windows laser printers and UNIX-based design plotters. The captain in charge of the project and his staff of 10 need a wireless virtual private network (VPN).
This work is considered top secret and outside of the requirements of the acquisition department; the network is considered a secure one that must meet the requirements of common criteria and evaluation assurance level 4 + (EAL 4 +). The internal, border, wireless, and default gateway duties are handled by a major equipment company. Data availability is important because the government has tens of millions of dollars already invested in this project.