Imagine that you are a network engineer and have been assigned to work on a cross functional team of information technology specialist to assure security of the organizations web servers. Your organizations leadership team would like an update on your progress.
In this exercise, you will be assigned to a group project team. Each project team will prepare an 810-slide presentation with speaker notes to a fictitious corporate leadership committee, which will discuss their strategies to secure the organizations web servers. Please see recommendations for slide numbers below:
Cover slide with team member names that contribute.
Provide a definition of a web server.
Research the Apache, NGINX and Microsoft IIS webservers, select one and provide a recommendation for adoption that includes your rationale for selecting it.
List and discuss the most important security configuration recommendations provided in the web servers product vendors guide for the Apache, NGINX or ISS product your team recommended on slide 3 and how they will be addressed (For this point you will need to conduct internet research and obtain a copy of your selected web servers product guide. This guide will provide you with recommendations from the manufacture on how the web server should be configured for security purposes).
Research and present on encryption methods that will be configured on the webserver.
Explain how the encryption methods work.
Define your strategy for configuring user access and authentication.
Explain the security principles implemented in your user access and authentication program.
Develop and present your patch management plan.
