TASK 1 FULL

 

Contents

No table of contents entries found.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

INTRODUCTION

I will be consulting with Willow technology I have been told that they are facing connectivity problems however they do not affect all users working remotely that have reported this issue. I will be looking closely to find out the cause of this issue by monitoring control document a network set up and topology control document b problems reported by users and control document c the firewall policy and by doing this I will be able to find out the causes of this issue. By doing this I will I will undertake fault finding to resolve problems and consider ways to resolve them. Bellow I have created a test plan document which explains all of these issues in quite detail.

Overview of current issues:

Outdated operating systems

One of the many causes of remote workers facing connectivity problems is that it may be due to the outdated operating systems that Willow technology are using currently they are using Windows server 2019 and that isnt the most latest  I have been told in the control document A that this vpn sever that has been set up on short notice which should not be done clear considerations and planning should be taken to set these types of essential things up because it can lead to facing issues like we currently are with remote workers facing connectivity issues. Willow technology should switch to The most recent version of Windows Server is Windows Server 2025. It's available through the Long-Term Servicing Channel (LTSC). While Windows Server 2019 is also a popular release, it's not the latest with a more newer operating system Willow technology should expect to see a improvement in the overall performance and the connectivity issues.

Staff training

Also the staff training at Willow technology is quite poor and they do not receive enough training current they get 3 hours total training and it is provided to the staff as part of their induction which introduces them to the network software system and security I think that is no where near enough and staff would barely understand how to operate the systems clearly because it is not enough time they have been given. This is no where enough training staff should be given because security threats are constantly evolving and changing so it is important that staff are made aware and know how to spot these threats and how to mitigate them because currently with the training that staff get provided it is not enough and can also be one of the causes of the connectivity issues because staff don’t know properly how to operate the network  software system and security. A well-informed, vigilant team can be more efficient in combatting cyber threats than you think. So, we recommend the following: Conduct an annual comprehensive training to cover, malicious emails like phishing, malware attacks, ransomware and other social engineering attacks. Also more annual or monthly mandatory training where staff are told how to use the network and software systems securely and if there are any new systems Willow technology puts in place staff knows how to use them correctly and securely.

Poor/lack of hardware

 I have been informed that currently Willow technology have just newly set up their vpns service and it is running on a spare desktop pc from the office this is a very poor decision Running a VPN through a single laptop for 30 employees is highly impractical and poses significant security risks. It's not designed for that scale, and would likely lead to performance issues, potential security breaches, and difficulties in managing access and control. Here's why it's a bad idea and what should be done instead: Why it's problematic: Performance a single laptop's hardware (CPU, RAM, network adapter) is not capable of handling the VPN load for a lot employee’s simultaneous users. This will result in slow speeds, lag, and potentially even crashes. Security: Using a single laptop for multiple VPN connections creates a single point of failure. If that laptop is compromised, the entire network is vulnerable.. Scalability issues due to it not being able being it’s not a scalable solution. As the company grows and more users need VPN access, this approach becomes unmanageable. Legal Issues: In some cases, depending on the nature of the company's business and data, using a single laptop for a VPN may violate legal and compliance regulations. In summary, instead of relying on a single computer for VPN, a company should consider a more scalable and secure approach like ZTNA, SASE, SD-WAN, or cloud-based solutions. These solutions offer better security, performance, and flexibility for managing remote access to applications and data.

 

Outdated anti malware

Currently all client pcs are configured with anti-malware which is good because it mitigates against security threats and other issue that can result from that such as if Willow technology looses their data they will suffer from legal consequences and financial however this can be prevented by having secure security systems currently Willow technology uses anti-malware  software 2019 edition. In 2019, anti-malware systems faced several vulnerabilities, including CVE-2019-1181, a critical Remote Code Execution vulnerability in Windows Remote Desktop Services. Other significant vulnerabilities included flaws in Malwarebytes Antimalware and potential vulnerabilities in Sitecore CMS and Experience Platform. Internal application layer security vulnerabilities were also identified, with a significant percentage of vulnerabilities being classified as High or Critical Risk. So I recommend that Willow technology use McAfee Premium is a comprehensive anti-malware solution that is from 2025 and is the most latest and effective in ensuring security and resolving issues and may sort the connectivity issues out for remote employees that offers antivirus protection, real-time threat scanning, and additional security features like a secure VPN and identity monitoring. It is designed to protect against various online threats, including viruses, malware, ransomware, and phishing attempts.

Poor firewall configuration

Poor firewall configuration can cause many issues such as the ftp sever issues connectivity issues and security and the network overall so it especial that the firewall is correct and is strong otherwise Willow technology will keep facing the current issues they are facing their firewall looks poorly configured so I recommend the completely get rid of this one and replace it with a new one. To ensure a secure firewall for your company, focus on proper configuration, strong security policies, regular updates, and continuous monitoring. This includes securing the firewall itself, defining clear rules, creating network zones, and regularly auditing and testing the firewall's effectiveness.

. Secure the Firewall:

• Update Regularly: Keep the firewall's firmware up to date to patch vulnerabilities and address potential threats. 
• Disable Default Accounts: Remove, disable, or rename default user accounts and change default passwords. 
• Secure Passwords: Use strong, unique passwords for all administrative accounts. 
• Limit Access: Restrict administrative access to authorized personnel only. 
• Secure Protocols: Disable insecure protocols like telnet or use secure SNMP configuration. 
• Enable Logging: Configure comprehensive logging and alert mechanisms to track firewall activity. 
• Backups: Schedule periodic backups of the firewall's configuration and database. 

Test and Audit the Firewall:

• Regular Testing: Conduct regular firewall audits and testing to assess its effectiveness against potential threats. 
• Penetration Testing: Consider performing penetration testing to simulate real-world attacks. 

By doing all of these above it will ensure that Willow technology has a good and accurate firewall and by doing this many issues will be resolved from the ftp sever to connectivity issues and security vulnerabilities so it is essential that this is done as soon as possible.

 

FTP server issues  

Currently  many users are facing issues with the companies ftp sever when working form home but they don’t have problems when there in the office also some are experiencing problems accessing the company resources using the ftp servers and the other person is facing connectivity issues. An FTP (File Transfer Protocol) server is software that facilitates the exchange of files between a computer and a network or the internet. It operates on a client-server model, where the server stores files and clients (such as your computer) can access them to download or upload. FTP is a widely used protocol for transferring files, especially larger ones that might not be easily sent via email. So a Ftp sever is essential and it should work properly or it is going to cause major issues. This issue does interlink with the other I have said above however the other recommendation I have given overall do also sort out issues with this specific thing the FTP file server and the issues clients and employees are facing. FTP issues in a company can stem from various factors, including configuration errors, firewall restrictions, network problems, and security vulnerabilities. Common issues include authentication failures, connection timeouts, and permission denials. Lack of proper security measures, such as encryption, can also lead to sensitive data exposure. I recommend that Willow technology also get the latest FTP server The latest release of Cerberus FTP Server is version 13.2, released on November 14, 2023. It includes features like one-time passwords for public shares and Okta SSO support. FileZilla Server's latest stable version is 1.10.3.

 

User	Test date	Software device	Operating system	Proposed test	Expected outcome	Actual outcome	Changes made	Feedback	Ability to record changes based on test outcomes	Record of your investigation leading to solution	User acceptance of your work completed
Employees file and print servers	29/04/25	File and print server	Windows server 2008 R2	Operating system (OS) testing is the process of verifying that an OS functions correctly, is performant, secure, and compatible with hardware and software.	The expected outcome is we will confirm all of the issues like poor performance and connectivity and then we will see proof of all of the issues that have been made by this old os.	TBD = to be done	TBD	TBD	{User will input changes here based on test outcomes}	{Use will record investigation and input here leading to solution}	{User will input here the acceptance of my completed work}
Staff	29/04/25	NON	NON	We will be doing one specific staff training test to see how effective the previous staff traing was and how good the staff are at spotting threats A phishing simulation is a cybersecurity exercise where organizations send realistic but fake phishing emails to their employees to test their ability to recognize and respond to phishing attacks. These simulations mimic real-world phishing attempts, allowing employees to learn and improve their awareness of cybersecurity threats without the risk of actual data breaches	The expected outcome for this is we will see how poor the staff training is and the key areas for improvement and from there on we can make decisions on how to improve staff traing and make sure that they know about cyber threats and how detect and mitigate them.	TBD	TBD	TBD	{User will input changes here based on test outcomes}	{Use will record investigation and input here leading to solution}	{User will input here the acceptance of my completed work}
Client	29/04/25	Client pcs	Anti malware 2019	Anti malware test To test your anti-malware software, you can use the EICAR Standard Anti-Virus Test File. This file is a safe, non-dangerous file that is designed to be detected as malicious by all anti-malware software. Running this test will verify if your anti-malware software is correctly configured and responding to threats.	The expected outcome of this test is that I will find a range pof different issues due to it not being the most modern anti malware system and there will be proof of the range of specific issues and also it will be more specific so I will know the specific problems and this will help narrow down the problems like connectivity issues that and other issues willow technology employees are facing	TBD	TBD	TBD	{User will input changes here based on test outcomes}	{Use will record investigation and input here leading to solution}	{User will input here the acceptance of my completed work}
Owner	29/04/25	firewall	Unknown	Penetration testing, also known as pen testing or ethical hacking, is a security assessment method that simulates cyberattacks to identify vulnerabilities in a system or network. It involves authorized, controlled probing to expose weaknesses, much like real-world attackers would. The goal is to understand how easy it is to exploit vulnerabilities and improve security measures before malicious actors can exploit them.	From this penetration testing I will find out the issues with the firewall if it has poor security or is misconfigured I will specifically find out then I will be able to make clear decision on what to do because I will know the specific cause.	TBD	TBD	TBD	{User will input changes here based on test outcomes}	{Use will record investigation and input here leading to solution}	{User will input here the acceptance of my completed work}
Owner	29/04/25	ftp file server	Unknown	A ping test is used to check network connectivity and measure latency between two devices. It sends a small data packet (ICMP echo request) to a target and measures the time it takes for the response (ICMP echo reply) to return. This helps determine if a device is reachable and how quickly data can travel between them. This will help willow technology to get to see if the ftp server works at all	From this test we will be able to find out what is even causing this connectivity issue and if the ftp server even works at all and if it is reliable this should all be done after  the other changes I have said above have been done this will ensure that there is a higher likely hood of the ftp server working due to the other issues with the other compenet6s also affecting the ftp server fi it could work or not	TBD	TBD	TBD	{User will input changes here based on test outcomes}	{Use will record investigation and input here leading to solution}	{User will input here the acceptance of my completed work}

 

 

Conclusion

In conclusion I conclude that currently willow technology is facing a range of different issues and some relate the other I have said and are all intertwining so it is hard to find a single cause or issue for a problem so from what I have all the recommendations and the issues that I have said that can solve all of these problems should ensure that they stop and they do not keep reoccurring. All issue from security issues to staff training to connectivity and firewall issues and the other should be sorted and this should make it easy for willow technology to carry on expanding their organisation.