Analyse the current network topology

Reference no: EM131985965

Network Security Fundamentals

Introduction:

This assignment consists of two parts. Part 1 relates to improving the network security posture of an organisation and is worth 25 marks. This part will mainly test the knowledge that you gain from the lectures and the study materials available through Blackboard.

Part 2 of the assignment is worth 15 marks and will test your hands-on experience with cyber-security tools such as ‘Nmap’ (Network Mapper) and ‘Wireshark’. You are encouraged to use a virtual machine, preferably ‘Kali Linux’, and to look for resources on the use and deployment of these tools. You are also encouraged to make maximum use of the ‘Lynda Campus’ resource, freely accessible on the Student Portal, to get started on both parts. From the first week of the semester, you should also start coming to grips with virtual machine software such as ‘VMWare’ and with opening a ‘Kali Linux’ machine within a VM. The final exam is designed to test the knowledge and skills developed through this course, of which the major assignment is an integral part.

Part 1 (Network Design):

‘Lucent Pharma’ is a pharmaceutical firm based in Perth with two offices in two different suburbs. The firm's current network topology was deployed in haste and, as such, does not have any effective security controls. The CEO of the firm has become concerned about the cyber security of its network, as Lucent Pharma's business is flourishing and competitors are becoming more and more active in the region. The current network topology of Lucent Pharma is given in Figure 1.

Requirement:

As a network security consultant, you are required to:
1. Analyse the current network topology implemented at ‘Lucent Pharma' and identify five major vulnerabilities that exist in the network. You are also required to provide sound reasoning behind these identified vulnerabilities.

2. Place the following security devices/controls, ensuring that these devices do not compromise either the performance or the security of the network:
a. Firewall
b. IDS/IPS
c. Honeypot
d. Routers/Switches
e. Other devices that may add value to the ‘Lucent Pharma' network

3. Explain and justify why these devices were placed in the locations chosen in (2). (5 marks for 2 and 3)

4. Does the Lucent Pharma network require segregation into multiple domains (i.e. requirement of VLANs)? If yes, please add these additional sub-networks to your topology.

5. Create a set of firewall policies and a set of firewall rules that should be implemented by the network administrator for firewall(s) placed in the network. Policies must be sound and robust to cover the cyber-security of the entire network.

6. Create a set of IDS/IPS policies and corresponding rules that are to be implemented by the network administrator. Policies must be sound and robust to cover cyber-security of the entire network.

7. Devise ten security policies that are essential for the Lucent Pharma network. Hint: You may refer to security policies from the SANS (SysAdmin, Audit, Network, and Security) website. However, you are required to draft these policies on your own, i.e., to be written in your own words.

8. Design the ‘Proposed Secure Network Design' for the pharmaceutical firm preferably in Microsoft Visio. An image of this design must be appended to the report.

Part 2 (Hands-On):

This part is independent of Part 1 and requires you to use software tools to examine remote machines and traffic thus captured. You are required to undertake this activity preferably through a ‘Kali Linux' Virtual Machine (other VM's are also acceptable).

Requirement:

1. Use the ‘Nmap’ tool to scan the server scanme.nmap.org. You are cautioned not to scan any other server, as this is considered unethical and unlawful. This activity is known as ‘Port Scanning’, and only servers for which you have explicit permission should be scanned.

There might be a situation where you find that running a port scanner on the above server may cause delay especially when run from within the ECU network. In this case, you are encouraged to run the scan outside ECU's network to avoid unnecessary delays.

2. Record the above traffic using the ‘Wireshark' tool. You may use the Wireshark tool available in ‘Kali Linux', or you may install Wireshark on your base operating system. Hint: It is always better to check the interface on which your Virtual Machine is running to avoid delays.

3. Scan the server from task 1 again with varying options. As a minimum, perform the following scans and present the command, arguments and discussion in tabular format. A short description of the arguments used must also be reported:
a. Do a TCP SYN scan.
b. Enable OS detection and version detection.
c. Quick scan.
d. Scan a single port.
e. Scan a range of ports.
f. Scan all ports.

4. Report the following in tabular form:
a. Commands used to scan the target server.
b. IP address/es of the target server.
c. Ports open on the target server. State the name of each port and what that port is used for.
d. Is the target server running a web server? If so, name the web server in use and the port it is running on.
e. Is the web server version in use patched? If not, what is the latest stable version of the web server available?

5. Analyse the ‘Wireshark' capture recorded in task 2 above and answer the following:
a. The filter used to extract ‘HTTP' traffic only.
b. The filter used to exclude ‘HTTP' traffic.
c. Highlight the difference between a ‘Capture Filter' and a ‘Display Filter'.
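
For task 4, the open ports and any web server can be read out of Nmap's grepable output (`-oG`) instead of being copied by hand from the terminal. The following Python script is an added example, not part of the original assignment; the sample scan output, the address 192.0.2.10, the host name and the version strings are all constructed.

```python
# Added example: parse Nmap grepable output (-oG) into an open-port table.
# SAMPLE is constructed; host, address and version strings are invented.
SAMPLE = (
    "# Nmap scan report, constructed sample\n"
    "Host: 192.0.2.10 (target.example)\tStatus: Up\n"
    "Host: 192.0.2.10 (target.example)\tPorts: "
    "22/open/tcp//ssh//OpenSSH 7.4 (protocol 2.0)/, "
    "80/open/tcp//http//Apache httpd 2.4.1 ((Ubuntu))/, "
    "135/filtered/tcp//msrpc///, "
    "9929/open/tcp//nping-echo//Nping echo/\tIgnored State: closed (996)\n"
)

WEB_SERVICES = {"http", "https", "http-proxy"}


def parse_grepable(text):
    """Return one dict per open port found in -oG output."""
    rows = []
    for line in text.splitlines():
        if not line.startswith("Host:"):
            continue  # skip comment lines
        # Tab-separated "Key: value" fields: Host, Status, Ports, Ignored State
        fields = dict(f.split(": ", 1) for f in line.split("\t") if ": " in f)
        if "Ports" not in fields:
            continue
        address = fields["Host"].split()[0]
        # Each entry is port/state/proto/owner/service/rpc/version/
        for entry in fields["Ports"].split("/, "):
            parts = entry.split("/")
            if len(parts) < 7 or parts[1] != "open":
                continue  # filtered and closed ports are not reported
            rows.append({"address": address, "port": int(parts[0]),
                         "proto": parts[2], "service": parts[4],
                         "version": parts[6]})
    return rows


def web_servers(rows):
    """Ports whose detected service is a web server, with version banner."""
    return [(r["port"], r["version"]) for r in rows
            if r["service"] in WEB_SERVICES]


def format_table(rows):
    """Render the rows as a fixed-width text table for the report."""
    head = f"{'ADDRESS':<14}{'PORT':<10}{'SERVICE':<12}VERSION"
    body = [f"{r['address']:<14}{str(r['port']) + '/' + r['proto']:<10}"
            f"{r['service']:<12}{r['version']}" for r in rows]
    return "\n".join([head] + body)


if __name__ == "__main__":
    print(format_table(parse_grepable(SAMPLE)))
```

The version column is only populated when the scan was run with version detection enabled (task 3b); without it the field is empty and the patch-level question in 4e cannot be answered from the scan alone.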


Verified Expert

In this project, the network was designed based on the scenario, and the design was used to find the vulnerabilities. The report explains the network components such as routers, switches and the firewall, covers the implementation in the VLAN network, and describes the IDS policies. Kali Linux and Wireshark were used for scanning the ports and analysing the packets, and screenshots of this implementation are provided in the report.


Reviews

len1985965

5/17/2018 5:03:38 AM

6. Margins set to 2.5 cm.
7. Must have a Title page.
8. Your report should not exceed 20 pages in total length. Supporting your findings with screenshots is preferred. However, screenshots should be made part of the Appendices and not the main report. Note: Appendices are excluded from the report length.
9. English Language Proficiency (ELP): It is mandatory to attach the ELP front sheet to your submission. The ELP sheet shall be completed by the marker and returned with the marked assignment. The latest version of the ELP sheet can be downloaded from the ECU’s student portal.
10. Referencing: All sources of references must be cited (In-text Citation) and listed (end-text Reference). For details about referencing and the required format, please refer to the ECU Referencing guide available on ECU’s student portal. Note: Cited references should mainly consist of research papers and journal articles and must follow the format as per the referencing guide. Marks will be deducted in case of non-compliance with the referencing guide.

len1985965

5/17/2018 5:03:31 AM

1. The report should be written as a business report in a professional manner in both format and style. It must comprise a Table of Contents, Executive Summary, Introduction, Objective(s), and Conclusion. Between the Objective(s) and the Conclusion, you should make appropriate use of headings and sub-headings.
2. You are encouraged to make use of assumptions on the current network deployment illustration and specify them after defining the Objective(s) of the report, if you have made any assumption. Any assumption made on the network design but not specified will not be given any consideration.
3. 11 or 12 point Times New Roman.
4. Justification – Block Justified.
5. Footer – Should contain your ECU Student ID and Full Name and a Page Number (8-point type).
