©2025 Lumifi Cyber, Inc. All rights reserved.
PRIVATE - Controlled by Lumifi Cyber

Appendix A: Interview Guide

Virtual Meetings

• Personnel for Interviews, time commitments and questions:
  • IT Administration / Network Ops / Telecom / Infrastructure / Wireless Networking / Desktop Support / InfoSec Interview Session: Desktop admins, AD admins, Helpdesk, Network Admins, Wireless admins, and architects (add InfoSec staff if they are the same people or if we want to combine efforts) meet for up to 2 hours, or 3-4 hours if we include the Information Security Operations staff, if you have that role. Including them is up to you but might be a good idea. At many places, InfoSec is the same as IT, so these happen together anyway.
    • Network Team
      • Go over network diagram or whiteboard
      • Describe the use of VPNs
      • Describe WAN connections
      • Are VLANs used and are they ACLed?
      • Do you control what network services and protocols are allowed on the inside of your network?
      • How do you grant and remove administrative access to network devices?
      • How do you maintain the patch levels and update to new versions for the network devices?
      • Do you apply role-based access to network devices?
      • Do you follow the Principle of Least Privilege when assigning access roles?
      • Do you follow the manufacturer's configuration guides or another secure configuration benchmark like The Center for Internet Security or NIST?
      • Do you conduct security testing of the network after every significant update or major configuration change?
      • Describe any RADIUS implementations
      • Do you use secure configuration benchmarks such as NIST or CIS for guiding configuration of security and network devices?
    • IT Administrators