Audit of IT General Controls
NIAID Data Ecosystem, indexed 2026-05-10
Download link:
https://data.mendeley.com/datasets/7bn3sk8c58
Resource description:
At present, branch routers rely on shared local passwords administered informally among network staff. This approach creates multiple risk vectors: lack of accountability (no way to attribute configuration changes to specific admins), stale credentials that remain valid after staff departures, and non-compliance with regulatory frameworks such as ISO 27001 and SOX ITGC requirements.
To address these gaps, senior management has mandated a migration to centralized AAA (Authentication, Authorization, and Accounting). The goal is to enforce identity-based access, provide a tamper-resistant audit trail of all logins and configuration changes, and implement a least-privilege model. R2 will be integrated with a TACACS+ server (192.168.2.2) for granular command authorization and full-payload logging, while R3 will leverage a RADIUS server (192.168.3.2) suitable for scalable user authentication.
Students are tasked with staging and validating this migration in a lab environment. They must configure local fallback accounts (Admin2 on R2, Admin3 on R3) to guarantee business continuity if AAA servers become unreachable. The exercise includes connectivity verification (ICMP reachability), AAA new-model enablement, group definition, console/VTY method list application, and functional testing with valid, invalid, and fallback credentials.
Finally, students will trigger failed logins, pull logs from TACACS+ and RADIUS servers, and perform a comparative analysis of log fidelity and forensic usefulness. Deliverables include configuration snippets, test evidence, and a formal recommendation report for NetBank’s CISO.
Created:
2025-09-29



