Risk Assessment Analyst

You have been working in the field of network security, and are now a Risk Assessment Analyst. Your daily duties often are diving into networks, and performing on risk assessments to prevent application security defects and vulnerabilities from occurring.

One day, you received a work order showing an Insurance office network needing a risk assessment, since one was done over 10 years ago.

The insurance office network contains the following:

PCI/PCII
5 servers
4 2016 servers
1 2013 server
50 endpoints
45 Windows 10
5 Windows 7
2 branches
5 printers
50 VoIP
35 Employees

Once you have designed a thorough and detailed risk assessment for the company, the Senior Risk Analyst asked you to create a network configuration on how to potentially mitigate the risks that you have identified (in the risk assessment).