IT INFRASTRUCTURE ASSESSMENT QUESTIONNAIRE

SITE NAME: KINIHIRA Provincial Hospital

DATE: 29/01/2024

ROLE NAME SIGNATURE
INFOSPHERE TECH LEAD Evode & Kevine
RISA REPRESENTATIVE
INSTITUTION REPRESENTATIVE KAMANAYO Ananie

Table of Contents
Network Infrastructure Components
  Logical LAN/WAN
  Firewalls
  Routers
  Switches
  Wireless Access Points
  Service Provider (SP) Links
  Network Management
Compute, Systems & Business Continuity Components
  Servers & Storage
  Backup
  Business Continuity
  Core Business Applications
End User Systems
  Workstations
  Endpoint Security
  Users & IT Support Staff
Voice & Video Communication Systems
  Telephony
  Video Conferencing
  Digital Displays
  Sound Systems
Passive Network Infrastructure
  LAN Cabling
  Network Cabinets
Data Centre Infrastructure
  Power Systems
  HVAC System
  Biometric Access Control System
  Environmental Monitoring
Policies & Procedures
  Security Baselines

Network Audit Questionnaire v1.1 (23-01-2024)


Network Infrastructure Components

Logical LAN/WAN
# Query Response
1 Is this a hub site or spoke (branch) site? Hub site
2 Do you have network documentation for the No document
deployed LAN/WAN infrastructure?
3 Do you have network topologies (diagrams) for the No
LAN/WAN?
4 Is the LAN segmented and how many segments Not segmented
exist (identify the segments’ role and their
respective VLAN IDs)?
5 What are the IP subnets used in the LAN? NA (BSC)
6 What are the IP subnets used for the WAN & NA (BSC)
Internet peering?
7 Are there any remote access VPNs configured for None
teleworkers/remote workers?
8 Are there any site-to-site VPNs configured None
for connections to other institutions?
9 Which device is used to terminate the above VPNs? N/A
10 Are there any QoS policies configured to enhance None
the performance of the WAN?
11 Are there any WAN acceleration tools used to None
enhance the performance of the WAN (specify the
model and quantities where applicable)?
12 Does the network infrastructure have an active No
AMC (annual maintenance contract) for technical
support and preventive maintenance purposes?

Comments:
The hospital doesn’t have any LAN segmentation.

Firewalls
# Query Response
1 How many firewalls have been deployed? Yes, 1
2 What are the roles for each of the deployed Internet edge
firewalls ie Internet edge or WAN edge or
Internal?
3 What are the firewall hardware models (specify Sophos XG 210
manufacturer name and exact firewall model)?
4 What software version is running in each of the Firmware version: SFOS 19.5.3.MR-3
firewalls?
5 What are the licensed security features for these NA (BSC)
firewalls?
6 Are the firewalls deployed in redundancy (HA)? NA (BSC)
7 What is the port/interface density for each of 1 for copper and fiber
these firewalls (specify for both copper and fiber
ports where applicable)?
8 What are the interface speeds (specify for both NA (BSC)
copper and fiber ports where applicable)?
9 Have the firewalls been configured to export their NA (BSC)
audit logs to a central repository that can store
the logs for a longer duration for purposes of
incident response and forensics?
10 Are the firewalls integrated to a NOC (Network Yes
Operations Centre) platform for centralized
operational management and monitoring?
11 Are the firewalls integrated to a SOC (Security Yes
Operations Centre) platform for centralized
security monitoring and response?
12 Do you have Role-Based Access Control (RBAC) Yes
enabled for user accounts that have
administrative access to the firewall(s)?
13 For the management of the firewalls, do you have NA (BSC)
a centralized network authentication,
authorization and auditing (AAA) platform
implemented and integrated with the firewalls?
14 Have all insecure protocols been disabled eg NA (BSC)
Telnet, HTTP etc and ensured that only secure
management protocols such as SSH and HTTPS
are in use?
15 Do the firewalls have an active OEM Yes
warranty/support contract that ensures timely
resolution of technical challenges and
firmware/patch updates?

Comments:
All firewall management is central; the end user doesn’t have any access. It would be better if the hospital IT had some
access to manage it. BSC manages the firewall.

Routers
# Query Response
1 How many routers have been deployed? 0
2 What are the roles for each of the deployed routers ie None
Internet edge or WAN edge or Internal?
3 What are the router hardware models (specify N/A
manufacturer name and exact router model)?
4 What software version is running in each of the N/A
routers?
5 Which routing protocols have been configured and in N/A
use?
6 What is the port/interface density for each of these N/A
routers (specify for both copper and fiber ports where
applicable)?
7 What are the interface speeds (specify for both N/A
copper and fiber ports where applicable)?
8 Have the routers been configured to export their N/A
audit logs to a central repository that can store the
logs for a longer duration for purposes of incident
response and forensics?
9 Are the routers integrated into a NOC (Network N/A
Operations Centre) platform for centralized
operational management and monitoring?
10 Are the routers integrated into a SOC (Security N/A
Operations Centre) platform for centralized security
monitoring and response?
11 Do you have Role-Based Access Control (RBAC) N/A
enabled for user accounts that have administrative
access to the router(s)?
12 For the management of the routers, do you have a N/A
centralized network authentication, authorization and
auditing (AAA) platform implemented and integrated
with the routers?
13 Have all insecure protocols been disabled eg Telnet, N/A
HTTP etc and ensured that only secure management
protocols such as SSH and HTTPS are in use?
14 Do the routers have an active OEM warranty/support N/A
contract that ensures timely resolution of technical
challenges and firmware/patch updates?

Comments:

Switches
# Query Response
1 How many switches have been deployed? 9
2 What are the switch models (specify manufacturer Cisco catalyst 2960 series,
name and exact switch model)? DLINK DES-1024d
3 What is the software version running on each of these NA
switches?
4 What is the copper (Base-T) port density for each of 24 Port
these switches?
5 What is the fiber port density for each of these 4
switches?
6 What is the port speed for the copper (Base-T) ports? 100Mbps
7 What is the port speed for the fiber ports? 100Mbps
8 How many ports have been utilized (specify for both
copper and fiber)?
9 Have the switches been configured to export their None
audit logs to a central repository that can store the
logs for a longer duration for purposes of incident
response and forensics?
10 Are the switches integrated into a NOC (Network No
Operations Centre) platform for centralized
operational management and monitoring?
11 Are the switches integrated into a SOC (Security No
Operations Centre) platform for centralized security
monitoring and response?
12 Do you have Role-Based Access Control (RBAC) No
enabled for user accounts that have administrative
access to the switches?
13 For the management of the switches, do you have a No
centralized network authentication, authorization
and auditing (AAA) platform implemented and
integrated with the switches?
14 Have all insecure protocols been disabled eg Telnet, No
HTTP etc and ensured that only secure management
protocols such as SSH and HTTPS are in use?
15 Do the switches have an active OEM No
warranty/support contract that ensures timely
resolution of technical challenges and
firmware/patch updates?

Comments:
All switches should be replaced to be updated to the latest.

Wireless Access Points


# Query Response
1 How many wireless access points (WAPs) have 4
been deployed?
2 What are the wireless access point (WAP) models D-link model: DIR-636L, TP-LINK model: TL-WR941ND
(specify manufacturer name and exact WAP model)?
3 What is the software version running on each of NA
these WAPs?
4 Are the WAPs centrally managed by a Wireless No LAN controller
LAN controller (WLC)?
5 What is the model of the Wireless LAN controller None
in use (specify manufacturer name and exact WLC
model)?
6 Does the WLAN infrastructure have an intrusion No
detection (IDS) capability for monitoring activities
in the wireless network?
7 How many SSIDs are in operation and what are 4
their roles?
8 How do you segregate corporate/private traffic Not
from non-corporate traffic (guest and BYOD)?
9 Which authentication and encryption schemes None
have been used for the WLAN infrastructure?
10 Have the WAPs/WLC been configured to export No configuration
their audit logs to a central repository that can
store the logs for a longer duration for purposes
of incident response and forensics?
11 Are the WAPs/WLC integrated into a NOC No integration
(Network Operations Centre) platform for
centralized operational management and
monitoring?
12 Are the WAPs/WLC integrated into a SOC (Security No integration
Operations Centre) platform for centralized
security monitoring and response?
13 Do you have Role-Based Access Control (RBAC) None
enabled for user accounts that have
administrative access to the WAPs/WLC?
14 For the management of the WAPs/WLC, do you No
have a centralized network authentication,
authorization and auditing (AAA) platform
implemented and integrated with the WAPs/WLC?
15 Have all insecure protocols been disabled eg Not done
Telnet, HTTP etc and ensured that only secure
management protocols such as SSH and HTTPS are
in use?
16 Do the WAPs/WLC have an active OEM No
warranty/support contract that ensures timely
resolution of technical challenges and
firmware/patch updates?

Comments:

Service Provider (SP) Links
Fill in table below:
Link Type MPLS: Internet: Fiber: Wireless: LTE:
(tick where appropriate) Yes
Link Provider Name BSC Plc
Link Bandwidth (Mbps) 10 Mbps
Link Monthly Cost (RWF) 601,800
Average monthly bandwidth utilization (Mbps) Above the provided Mbps
Additional Comments Referring to guideline on minimum bandwidth for Broadband Internet Connectivity
in is still in need to upgrade the used bandwidth in range of 140-161 users.

Comments:
Referring to guideline on minimum bandwidth for Broadband Internet Connectivity in is still in need to upgrade the
used bandwidth in range of 140-161 users.

Network Management
# Query Response
1 Is the LAN/WAN centrally managed? No
2 Which tools/platforms are used to None
manage/administer the LAN/WAN infrastructure
components?
3 Which management protocols are used to None
centrally manage the LAN/WAN infrastructure?
4 Are the LAN/WAN components integrated and No integration
centrally managed from a NOC (Network
Operations Centre)?
5 Who has the administrative rights/access to the None
LAN/WAN equipment?

Comments:

Compute, Systems & Business Continuity Components
Servers & Storage
# Query Response
1 Which server models are in use and what are their Dell PowerEdge R410/R730, HP ProLiant DL380 G7 Rackmount
form factors (blade or rackmount)?
2 Are the servers virtualized? No
3 Which virtualization platform is in use and what is the N/A
software version?
4 Do you have an endpoint security tool installed on all
the servers/VMs?
5 What is the current resource utilization of the servers (CPU, Memory, Storage)?
%Cpu(s): 14,1 us, 5,3 sy, 0,0 ni, 79,6 id, 0,0 wa, 0,0 hi, 1,0 si, 0,0 st
Memory: total:47GB used:14GB free:32GB.
Storage: Total:3,6T Used:170G Free:3,2T Used%:5%
6 What high availability technology has been used for EMR
the servers?
7 What type of storage solution are you using ie SAN or SAN
NAS?
8 Which storage appliance models are you using? NA
9 Does the server, virtualization and storage No
infrastructure have an active AMC (annual
maintenance contract)?
10 Do you have a report of the most recent preventative No
maintenance conducted on the servers and storage
infrastructure? Share the report if available
11 Do you have documentation of the current server, No
storage and virtualization set up (as-built)?
12 Do the servers and storage appliances have an active No
OEM warranty/support contract that ensures timely
resolution of technical challenges and firmware/patch
updates?

Comments:

Backup
# Query Response
1 Is the data backup process automated? No
2 Is the backup data encrypted at rest? No
3 Is the backup data stored in a geographically separate No
location from the primary data centre?
4 Is the backup storage air-gapped from the rest of the No
network to prevent infection in the event of a lateral
network attack?
5 Do you have a backup storage policy that defines for Yes
how long the backup data should be kept?
6 Which backup solution are you using (specify None
manufacturer name and model/version)?
7

Comments:

Business Continuity
# Query Response
1 Do you have an established and documented Yes
data recovery process that stipulates what data
should be backed up, the frequency of backup
and the backup data retention period?
2 Do you have a full-fledged disaster recovery site No
that can be fully operational in the event the
primary data center goes offline?
3 Do all the remote sites have an active network N/A
access to both the primary and disaster
recovery site?
4 Is the failover process between the primary No
data center and disaster recovery site fully
automated?
5 Are the applications/systems hosted in the no
data centers accessed via their FQDNs or actual
IP addresses?
6 Do you have a process for testing the backup No
recovery and how frequently is this done?
7 Do you conduct regular tabletop incident No
response exercises to measure the
effectiveness of your incident response plan
and ensure that all key stakeholders are
conversant with the incident response plan?

Comments:

Core Business Applications


List down some of the core applications used in the day-to-day operations of the office.
System Function Hosting Location
Example: Email Communication Cloud: O365/Google
On-Prem: Local Server room/Remote DC
Email Communication AOS, Google
EMR Data record Local server room
Microsoft Office Data PC storage

Comments:

End User Systems
Workstations
Specify the endpoints that are connected to the network and used for day to day operations.
Type Quantity Operating System
Desktop Computer 40 Windows: 40
Linux:
MacOS:
Office Laptop 13 Windows: 13
Linux:
MacOS:
Personal Laptop NA Windows:
Linux:
MacOS:
Office Tablet/Smartphone 5 Android: 5
iOS:
Personal Tablet/Smartphone NA Android:
iOS:

Comments:

Endpoint Security

Specify if there is any endpoint security installed on the user computers used to access the core
digital systems for operations
# Query Response
1 Do you have a standard endpoint detection and Yes Kaspersky
response security tool installed across all the
corporate computers? Specify the tool.
2 Which security features does the endpoint security Kaspersky endpoint security for windows
tool support?
3 Which security features of the endpoint security Kaspersky endpoint
tool are being actively used?
4 Does the endpoint security tool support software yes
whitelisting capability that only allows authorized
software to execute on end user computers?
5 Does the endpoint security tool have a remote wipe No
capability in the event that the device is stolen or
lost to avoid loss of sensitive data?
6 Does the endpoint security tool have an inbuilt Yes
capability to detect, alert and prevent the spread of
malware?
7 Do you have a platform that manages network No
access control for the different categories of users?
Specify the platform name and model.

Comments:

Users & IT Support Staff


# Query Response
1 How frequently do you conduct end user No
cybersecurity awareness training?
2 Are users conversant with the organization’s Yes
IT policies?
3 Are the IT policies regularly reviewed and Yes
hosted in a central repository accessible by all
users?
4 Do users know how to identify malicious No
activities on their computers and how/who to
report it to?
5 Do you use multifactor authentication as part For some applications
of verifying end user identities?
6 What qualifications do the IT support staff A0 in Computer science and systems
have (mention both professional and
academic)?

Comments:

Voice & Video Communication Systems
Telephony
# Query Response
1 Which telephony system are you using? None
Specify model and version
2 Is it an IP-based or analogue telephony No
system?
3 Where is the central call processing server None
hosted?
4 How many functional end user desk None
phones do you have?
5 What are the models of the end user desk None
phones?
6 Do these end user deskphones support No
only voice or both voice and video
capability?
7 Which outbound call technology do you N/A
use ie E1 or SIP?
8 Is the system interoperable with other N/A
web-based collaboration tools such as
Microsoft Teams, Cisco Webex, Zoom,
Google Meet etc?
9 Do you have an active OEM No
warranty/support contract that ensures
timely resolution of technical challenges
and firmware/patch updates for the
telephony system?
10 Do you have an active AMC contract with a No
local vendor to support and maintain the
telephony system?

Comments:

Video Conferencing
# Query Response
1 Which teleconferencing system are you Logi Group
using? Specify model and version
2 Where is the central video processing No server for video processing
server hosted?
3 How many functional end user N/A
teleconferencing terminals do you have?
4 What are the models of the end user
teleconferencing terminals?
5 Is the system interoperable with other Yes
web-based collaboration tools such as
Microsoft Teams, Cisco Webex, Zoom,
Google Meet etc?
6 Do you have an active OEM No
warranty/support contract that ensures
timely resolution of technical challenges
and firmware/patch updates for the
teleconferencing system?
7 Do you have an active AMC contract with a No
local vendor to support and maintain the
teleconferencing system?

Comments:

Digital Displays
# Query Response
1 How many digital displays have been 1
deployed and in active use?
2 What is the purpose for the digital For video conference
displays?
3 What are the models of the digital Samsung
displays?
4 Who manages the operation and The hospital
maintenance of these digital displays?
5

Comments:

Sound Systems
# Query Response
1 Do you have a sound system implemented? No
2 What is the role/purpose for the sound No
system?
3 What is the model of the sound system? None
4 Who manages the operation and N/A
maintenance of this sound system?
5

Comments:

Passive Network Infrastructure
LAN Cabling
# Query Response

1 How many data points/outlets are 60
installed?
2 What type of cabling is in use ie Cat 5/6 Cat 6
etc?
3 How many fiber backbones are installed? 4
4 What type of fiber cables have been used Dual core MM
ie OM3, SM, MM etc?
5 Do you have updated documentation of No
the current structured cabling
infrastructure?
6 Do you have a Fluke test report for the No
current cabling infrastructure?
7 Do you have an active OEM warranty for No
the installed structured cabling
infrastructure?
8 Do you have an active AMC contract with a No
local vendor to support and maintain the
structured cabling infrastructure?

Comments:

Network Cabinets
# Query Response
1 Are the network racks secured by lock and key with No
controlled access?
2 Are there CCTV cameras monitoring activities around Yes
and within the network racks?
3 Do the network racks have redundant power No
distribution units (PDUs)?
4 Are the redundant PDUs connected to redundant No
clean power sources?
5 Are the power cords color-coded to identify No
connection to the different redundant PDUs?
Are

Comments:

Data Centre Infrastructure
Power Systems
# Query Response
1 Do you have a functional back-up generator? What Yes, 400 KVA
is its power rating?
2 Is the back-up generator integrated with the NOC No
for remote monitoring?
3 Does the data centre have an upstream transient No
voltage surge suppressor (TVSS) installed that
protects against short-duration surges of high
electrical energy eg from lightning?
4 Do you have a functional uninterruptible power Yes, 1KVA, 6KVA, 10KVA
system (UPS) installed? What is its power rating and
redundancy schema?
5 Are all the rack power distribution units (PDUs) No
connected to the UPS(s) in a redundant format?
6 What is the age (years) of the UPS and do you have 3
an active maintenance support contract with a
vendor to ensure that they are regularly checked
and serviced?
7 Since the operationalization of the UPS, how many 3
times have the battery packs been replaced?
8 What is the End of Life/End of Support (EoL/EoS) N/A
status of the UPS models?

Comments:

HVAC System
# Query Response
1 How is the air containment for the data centre
managed (cold aisle/hot aisle design)?
2 Are unused spaces on the network racks blocked Yes
with blanking panels so as to manage air flow?
3 What kind of cooling system has been used in the LG in server room
data centre?
4 What kind of cooling system has been used in the AC LG wall mounted in server room
UPS room?

Comments:

Biometric Access Control System


# Query Response
1 How is the physical access to the data centre No
managed?
2 Do you have a functional biometric access control No
system for the data centre access?
3 Is there an audit trail of the personnel who access No
the data centre?
4 Is there an audit trail of all activities conducted No
inside the data centre?

Comments:

Environmental Monitoring
# Query Response
1 Do you have CCTV cameras installed in the data Yes
centre?
2 Is the CCTV system manned at the central NOC? No
3 Are you actively monitoring the cooling in the data No
centre?
4 Are you actively monitoring power consumption? No
5 Do you have a functional Data Centre Infrastructure No
Monitoring (DCIM) solution to manage data centre
capacity requirements and handle change
management proactively?
6 Do you have a solution that actively measures the No
power usage effectiveness (PUE) and Data Centre
Infrastructure Efficiency (DCIE) of the data centre?
7

Comments:

Policies & Procedures
Security Baselines
# Query Response
1 Do you have any minimum security baseline Yes
standards for hardening of the IT infrastructure
components and have these been consistently
enforced?
2 Do you have a vulnerability scanning tool that Yes
regularly scans and alerts on newly discovered
software vulnerabilities on the IT infrastructure
components for both internal and external facing
(external attack surface) systems?
3 Do you have an automated OS and Application Yes
patch management system installed that
continuously & automatically updates the
organization's IT infrastructure systems?
4 Do you have a process to ensure that both No
hardware and software asset inventory is updated
on a regular basis?
5 Do you have scanning tools that constantly check No
and identify devices connected to the network,
e.g. NAC?
6 Do you have multifactor authentication (MFA) enabled for all user No
accounts to enhance their security?
7 Do you have the process and tools that enforce No
identity & access management and governance
including privilege access management and joiner-
mover-leaver identity lifecycle management?
8 Do you have a data loss prevention (DLP) platform No
that monitors and prevents exfiltration of sensitive
data?
9 Do you have an established data classification No
scheme that clearly identifies data based on its
sensitivity and segments data storage and
processing based on this sensitivity?
10 Do you have an updated application dependency No
map that identifies which systems should
communicate with each other and on which
specific ports?
11 Which DNS servers are used by the different No
MDAs? Are they ISP DNS servers, Public DNS
servers or Government-owned DNS servers?
12 Do you have a consolidated government-wide No
cybersecurity roadmap?
13 Do you have an NTP server installed and integrated No
with all IT infrastructure components to ensure
time synchronization?
14 Do you have an implemented security capability Yes
that ensures detection and prevention of threats
targeting the web and email attack vectors?
15 Do you have a government-wide PKI (public key No
infrastructure) solution implemented that ensures
a centralized, consistent, safe and secure
management of digital certificates used to secure
government communication and applications?
16 Do you have a security awareness program that No
incorporates regular training of government
officers on basic cyber security hygiene and best
practices when using computer systems?
17 Do your ISPs provide first-level DDoS mitigation No
techniques like traffic scrubbing and rate limiting?
18 Do you conduct regular vulnerability assessments No
and penetration testing (VAPT) of the government
IT infrastructure?
19 Do you have a platform that conducts regular No
cybersecurity validation checks to ensure that
enforced security policies and other remedial
measures are effective in addressing the gaps
identified from the VAPT?
20 Do you have a documented IT Policy that guides Yes
users on the acceptable use of information
technology resources such as computers, systems,
internet etc?

Comments:
