Project Overview

Douglas Financials Inc (DFI from here forward) has experienced successful growth and, as a result, is ready to add a Security Analyst position. Previously Information Security responsibilities fell on our System Administration team. Due to compliance and the growth of DFI, we are happy to bring you on as our first InfoSec employee! Once you are settled in and finished orientation, we have your first 2-Weeks assignments ready.

Your first set of tasks is to perform an analysis of Windows and Linux servers using Defense in Depth principles as well as the concept of Least Privilege and provide a report of any recommendations on OS hardening, compliance issues, encryption, and network security.

You'll next be asked to recommend mitigation steps from your analysis of firewall reports (and new connections) in the form of creating sample firewall rules. Similarly, you'll analyze threat intelligence and craft sample IDS signatures. You'll also encrypt several files and folders in preparation for transport to a client.

In the above image, you can see two of the documents you will see while completing the project. The document template contains all of the instructions as we as a place for your answers to submit for assessment. The second document is part of a threat report that you will be provided in order to make recommendations to mitigate threats.

You will be completing some activities in the VMs provided, but providing your answers or evidence in the template above.

Some activities will be more difficult than others, but take your time and you'll do great!