Wireless and BYOD Security Plan

Wireless and BYOD Security Plan

– Provide answers to the threat of unauthorized equipment or rogue access points on the company wireless network and the methods to find other rogue access points.

– Describe how to detect rogue access points and how they can actually connect to the network.

– Describe how to identify authorized access points within your network.

– Within your plan, include how the Cyber Kill Chain framework and approach could be used to improve the incident response times for networks.

– Include this at the beginning of your CIR as the basis for all wireless- and BYOD-related problems within the network.

– Title the section “Wireless and BYOD Security Plan.”

Tracking Suspicious Behavior

– Propose how you would track suspicious employee movements using various tools and techniques.

– “How would you track the location of the company asset?”

– Explain how identity theft could occur and how MAC spoofing could take place in the workplace.

– How would you protect against both identity theft and MAC spoofing?

– Address if it is feasible to determine if MAC spoofing and identity theft has taken place in the workplace.

– Include a whitelist of approved devices for this network. Examples may include authorized access points, firewalls, and other similar devices.

– Disuss any legal issues, problems, or concerns with your actions.

– What should be conducted before starting this investigation?

– Were your actions authorized, was the notification valid, or are there any other concerns?

– Include your responses as part of the CIR with the title “Tracking Suspicious Behavior.”

Continuous Improvement Plan

– Provide for your leadership a description of wired equivalent privacy and also Wi-Fi protected access networks, for education purposes.

– Include the pros and cons of each type of wireless network, as well as WPA2.

– Define the scheme for using preshared keys for encryption.

– Is this FIPS 140-2 compliant, and if not, what is necessary to attain this?

– Include a list of other wireless protocols, such as Bluetooth

– Provide a comparative analysis of four protocols including the pros, cons, and suitability for your company.

– Include your responses as part of the CIR with the title “Continuous Improvement Plan.”

Remote Configuration Management

– Include a description of remote configuration management and describe how it is used in maintain the security posture of your company’s network

– The owner of an undocumtnted device must be removed from the network. Implement this and explain how you would remove the employee’s device.

– Explain how you would show proof that the device was removed?

– Include your responses as part of the CIR with the title “Remote Configuration Management.”

Employee Misconduct

– Provide a definition of ad hoc wireless networks and identify the threats and vulnerabilities to a company.

– How could this network contribute to the company infrastructure and how would you protect against those threats?

– Address self-configuring dynamic networks on open access architecture and the threats and vulnerabilities associated with them, as well as the possible protections that should be implemented.

– How would you detect an employee connecting to a self-configuring network or an ad hoc network?

– How would signal hiding be a countermeasure for wireless networks?

– What are the countermeasures for signal hiding?

– How is the service set identifier (SSID) used by cybersecurity professionals on wireless networks?

– Are these always broadcast, and if not, why not?

– How would you validate that the user is working outside of business hours?

– Include your responses as part of the CIR with the title “Employee Misconduct.”

12 pages, APA format, at least 4 references