Organizations often do not have the security built into their infrastructure that is required as the organization grows. When the need for security increases, someone is often assigned the responsibility of determining what security measures need to be improved.
Consider the following scenario:
You currently work for a large global organization as a security analyst. The network administrator recently came to you with a new task. The organization has a LAN using TCP/IP. They want the network to be secure but also to gain the most return for the smallest investment. You have been asked to advise the Global Communications team on LAN security.