User Account

All Pages

Identify and describe the organizational holdings at risk

Assignment Help Computer Network Security
Reference no: EM132373946 , Length: word count : 2000

Assignment

Subject Learning Outcomes

a) Analyse and evaluate the organisational adoption of security controls

b) Design solutions for concrete security problems for distributed applications

c) Formulate and evaluate security countermeasures to reduce potential security risks

d) Analyse emerging security threats and controls.

Practical and Written Assessment

Assessment topic 1: Firewall Setup and Configuration

Task Details: This Assignment requires you to perform a security testing on the network to identify the threats, prepare a Risk Mitigation report and configure some of the firewall settings using Kali Linux to secure the network and the distributed applications. The assignment consists of two parts.

Part A:

Use Nmap – a security testing in Kali Linux to perform penetration testing on the network (features of Nmap listed below). Prepare a short Risk Mitigation plan to identify the threats for the assets. This plan will guide you to proceed with the firewall settings required for the organization as you focus on the second part of the assignment.

Features of Nmap:

o Host discovery: useful for identifying hosts in any network

o Port scanning: lets you enumerate open ports on the local or remote host

o OS detection: useful for fetching operating system and hardware information about any connected device

o App version detection: allows you to determine application name and version number

o Scriptable interaction: extends Nmap default capabilities by using Nmap Scripting Engine (NSE)

Part B:

Configure a few settings on the firewall for the network using Kali Linux commands to achieve a required level of security. The initial set of commands are given to you to start with. You may need to perform online search to complete the rest of the requirements for the firewall settings.

Case Study for the Assignment:

CMC is a small business enterprise comprising a network to reach their business requirements. A network need to be secured to achieve their business goals. The System and Network administrator of CMC realizes that it is necessary to impose certain level of filtering for the network to be secure and that is when it can sustain from attacks, which may damage the whole network. To develop a secure network, network administrators must have a good understanding of all the attacks that are caused by an intruder and their mitigation techniques.

Choosing a particular mitigation technique for an attack has an impact on the overall performance of the network, because each attack has different ways for mitigation. The network administrators identify the assets that need to be protected by performing a risk analysis, threats and vulnerabilities that the network may pose.

The risk analysis provides sufficient information about all risks and helps to build a network with high security. After risk analysis, designing a set of security policies is very important to provide high level of security.

Security policies provide information for network users for using and auditing the network. Firewall is considered to be a part of the security policy providing necessary protection to the network and the applications.

You are the System and Network Administrator of CMC and the top management of CMC urges you to design the required firewall for the organization’s network. Looking into the requirements of the security and adhering to information security policy you are required to provide firewall settings to secure the network from different types of possible attacks that can harm the business network.

Part A

Perform the following task:

1. Use Nmap from Kali on your Virtual Box

2. Write an introduction to include the description of the tool

3. Demonstrate four tasks Nmap can perform. Discuss on how this tool can be used for mitigating differ types of threats. The discussion should include the name and brief description of the threat and must be supported by screenshots.

4. Discuss the performance of the tools based on the following:

a. Security features and

b. Time taken to detect any threat

5. Perform the firewall testing using Nmap

6. From the report generated from the above tasks write a short Risk Mitigation Plan to identity the type of threats on the organisation’s assets.

Part B

Configure the following setting on the firewall using the appropriate commands in Kali Linux. The list of commands is provided below:

Command

Description

Ufw status

To check firewall status

Ufw enable

Enable firewall

Ufw allow

Allow services, port range and network

Ufw deny

Blocking a service

1. Check the firewall status

2. Enable or disable the firewall accordingly

3. Allow services such as TCP, SSH and samba using their port number or name

4. Verify the firewall rules after adding the above services

5. Secure a web server by blocking HTTP(80) service and allowing HTTPS(443) service only

6. Allow a range of ports from 20 to 80 and deny a range of ports from 100 to 500

7. Verify the firewall rules

8. Allow HTTP from a specific subnet to access your web services

9. Block connections to a network interface

Assessment topic 2: Security Plan and Training Program

Task Details: This assignment requires you to design a security plan based on a given case study. The learning outcomes of this assignment are to recognize the threats that exist in your current or future work place. Through your research, identify the threats, outline security guidelines and develop a robust and pragmatic training programme.

You should develop a plan that you would regard as helpful to you, the information user, as well as protecting your organization’s information environment. Use your imagination in combination with a wide-range of material. You are required to complete and submit a security plan based on the following scenario:

Case Study Scenario:

You are the recently appointed head of a security team responsible for protecting the information holdings of a business organization of around 1000 staffs. The organization is placed in a separate multistoried building located in the central business district of the city. The security team is responsible for administering the security of information from deliberate and accidental threats.

The recent information security management found it to be deficient in some key areas such as incident response, disaster recovery and business continuity, social engineering attacks and lack of personnel awareness of the various threats to information, and poor password security.

The above issues identified needed urgent remedy. Technical systems were found to be reasonably effective in maintaining database and document management security, and were well serviced by the IT team.

The management of the organization has directed you to undertake some security analysis and planning to improve the organization’s security of information. You tasks are to:

a) Identify and describe the organizational holdings at risk

b) Identify and describe the potential security threats to the organization

c) Design a security plan with the details of necessary counter-measures to manage and address the threats

d) Develop a comprehensive information security training and awareness program for the staff personnel of the organization

Reference no: EM132373946

Questions Cloud

Discuss the importance of treating substance use disorders : Discuss the importance of treating substance use disorders with a family systems approach. Why would treatment not be effective if you do not include the family
Explain the uniqueness of the individual person : Regarding uniqueness, one asks: How can one possibly explain the uniqueness of the individual person in a scientific manner
Write a program which requests that requests a product name : Write a program which requests that requests a product name and a stock number. Store that data in a List or a Dictionary
Specified potential causes of personality : What does research say about the specified potential causes of personality disorders? Please use a detailed explanation and citations
Identify and describe the organizational holdings at risk : ICT 205 CYBER SECURITY-KING’S OWN INSTITUTE-Australia-Identify and describe the potential security threats to the organization.
Topic in industrial and organizational psychology : Work-based assessment is a central topic in industrial and organizational psychology. Work-based assessments are often criticized for lack of quantitative
Use MS-Excel to plot a graph of the Demand Curve for hats : Use MS-Excel to plot a graph of the Demand Curve for hats. How much must they reduce the price of the hats in order to sell an additional hat
Automate a business process : ITECH1100-Understanding the Digital Revolution-Hat World Federation University-Apply business information software for data visualization and analysis purposes
What did you learn this week about communication : What did you learn this week about communication that stood out to you, and what does scripture say about resolving conflicts.

Reviews

Write a Review

Computer Network Security Questions & Answers

  An overview of wireless lan security - term paper

Computer Science or Information Technology deals with Wireless LAN Security. Wireless LAN Security is gaining importance in the recent times. This report talks about how vulnerable are wireless LAN networks without any security measures and also talk..

  Computer networks and security against hackers

This case study about a company named Magna International, a Canada based global supplier of automotive components, modules and systems. Along with the company analysis have been made in this assignment.

  New attack models

The Internet evolution is and is very fast and the Internet exposes the connected computers to attacks and the subsequent losses are in rise.

  Islamic Calligraphy

Islamic calligraphy or Arabic calligraphy is a primary form of art for Islamic visual expression and creativity.

  A comprehensive study about web-based email implementation

Conduct a comprehensive study about web-based email implementation in gmail. Optionally, you may use sniffer like wireshark or your choice to analyze the communication traffic.

  Retention policy and litigation hold notices

The purpose of this project is to provide you with an opportunity to create a document retention policy. You will also learn how to serve a litigation hold notice for an educational institute.

  Tools to enhance password protection

A report on Tools to enhance Password Protection.

  Analyse security procedures

Analyse security procedures

  Write a report on denial of service

Write a report on DENIAL OF SERVICE (DoS).

  Phising email

Phising email It is multipart, what are the two parts? The HTML part, is it inviting the recepient to click somewhere? What is the email proporting to do when the link is clicked?

  Express the shannon-hartley capacity theorem

Express the Shannon-Hartley capacity theorem in terms of where is the Energy/bit and is the psd of white noise.

  Modern symmetric encryption schemes

Pseudo-random generators, pseudo-random functions and pseudo-random permutations

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd