Reference no: EM133551237
Case scenario:
Lux Car Rentals (LCR), a newly established car rental company in Queensland. This car rental company provides self-drive, and chauffeur driven car hire in several major cities in Australia. The head office is in Brisbane and the branch offices are in Sydney, Melbourne, Perth, Adelaide, and Hobart. Their services include formal and luxury car hire, supercar hire, wedding car hire, drive aways and so on. They offer corporate packages and membership options for their loyal customers. They are planning to offer an additional service of delivering the prestige rental cars directly to the designated locations in those cities as per customer orders. Staff among different sites need to regularly communicate with each other through WAN network services. During the COVID-19 pandemic, some of the staff are working from home and connect to the company network through an Internet connection for video conferencing. Each location also provides free wireless LAN access to the customers and visitors. Customers can place an order either by visiting any of the local offices or using the web interface or using the mobile App of LCR, as well as through phone calls and via email messages. The orders will be processed using a customised proprietary software purchased by this company. By using this software, LCR will not only reserve the most suitable and available vehicle from their fleet in the nearest vehicle warehouse but also deliver the order, if required, to the customers in a minimum time. LCR provides online and on-site payment facilities for the customers to pay for their orders. Their required network should be available 24/7 to store the real time stock level and reservations of their vehicle fleet and their customer details. Further, the vehicle fleet in the warehouses should be monitored using CCTV monitoring system connected to the network. LCR needs the guarantee that their proprietary algorithm, and various data and information in their information system are highly secured. Sensitive data, such as customer's confidential information, the bookings and their subscribed services are required to be sent to the company via Internet. Therefore, it is essential for LCR to provide high-performance secure network connectivity at every site and the data will be stored in the database server. LCR uses local and cloudbased storages to keep their data. The Chief Security Officer (CSO) of LCR and their team are currently pursuing all the possible ways of securing their network, applications, and data/information.
1. Identify two types of potential attacks that might occur in the above-mentioned scenario. Describe each of them and explain how these attacks could occur in the given case (explain with a diagram or list the possible steps if applicable).
2. Propose at least three networking technologies/methods/protocols that could have been used to enhance the network (wired and/or wireless) security in the above case. Explain in detail how these technologies that you proposed would enhance this company's network security (justify answer). Describe them within the OSI model.
3. Various hardware devices should be used to protect the company's network, such as firewall or AP device with VLANs. Explain the use of such secure devices and how they can improve network security and maybe the network performance. Explain with a simple diagram where would put the firewall/s in this company's network.
4. Propose a suitable access control technique that could have been employed to meet this company's requirement. Please include an appropriate access control model, implementation and related policy in answer. Justify why you are choosing this access control technique over any of the two options that were discussed in the lecture materials.
5. Name two of the authentication methods/techniques that recommend for this company. Do some research and explain those two techniques. explanation should include brief description of the techniques, advantages and disadvantages (if any) of those two techniques and the justification of your choice.