User Account

All Pages

Perform a security testing on the network to identify threat

Assignment Help Computer Networking
Reference no: EM132361375 , Length: word count : 1000

Assessment 1

Assessment topic: Firewall Setup and Configuration

Task Details: This Assignment requires you to perform a security testing on the network to identify the threats, prepare a Risk Mitigation report and configure some of the firewall settings using Kali Linux to secure the network and the distributed applications. The assignment consists of two parts.

Part A:

Use Nmap – a security testing in Kali Linux to perform penetration testing on the network (features of Nmap listed below). Prepare a short Risk Mitigation plan to identify the threats for the assets. This plan will guide you to proceed with the firewall settings required for the organization as you focus on the second part of the assignment.

Features of Nmap:

o Host discovery: useful for identifying hosts in any network

o Port scanning: lets you enumerate open ports on the local or remote host

o OS detection: useful for fetching operating system and hardware information about any connected device

o App version detection: allows you to determine application name and version number

o Scriptable interaction: extends Nmap default capabilities by using Nmap Scripting Engine (NSE) Part B:

Configure a few settings on the firewall for the network using Kali Linux commands to achieve a required level of security. The initial set of commands are given to you to start with. You may need to perform online search to complete the rest of the requirements for the firewall settings.

Case Study for the Assignment:

CMC is a small business enterprise comprising a network to reach their business requirements. A network need to be secured to achieve their business goals. The System and Network administrator of CMC realizes that it is necessary to impose certain level of filtering for the network to be secure and that is when it can sustain from attacks, which may damage the whole network. To develop a secure network, network administrators must have a good understanding of all the attacks that are caused by an intruder and their mitigation techniques.

Choosing a particular mitigation technique for an attack has an impact on the overall performance of the network, because each attack has different ways for mitigation. The network administrators identify the assets that need to be protected by performing a risk analysis, threats and vulnerabilities that the network may pose. The risk analysis provides sufficient information about all risks and helps to build a network with high security. After risk analysis, designing a set of security policies is very important to provide high level of security.

Security policies provide information for network users for using and auditing the network. Firewall is considered to be a part of the security policy providing necessary protection to the network and the applications.

You are the System and Network Administrator of CMC and the top management of CMC urges you to design the required firewall for the organization’s network. Looking into the requirements of the security and adhering to information security policy you are required to provide firewall settings to secure the network from different types of possible attacks that can harm the business network.

Part A

Perform the following task:

1. Use Nmap from Kali on your Virtual Box

2. Write an introduction to include the description of the tool

3. Demonstrate four tasks Nmap can perform. Discuss on how this tool can be used for mitigating differ types of threats. The discussion should include the name and brief description of the threat and must be supported by screenshots.

4. Discuss the performance of the tools based on the following:

a. Security features and

b. Time taken to detect any threat

5. Perform the firewall testing using Nmap

6. From the report generated from the above tasks write a short Risk Mitigation Plan to identity the type of threats on the organisation’s assets.

Part B

Configure the following setting on the firewall using the appropriate commands in Kali Linux. The list of commands is provided below:

Command

Description

Ufw status

To check firewall status

Ufw enable

Enable firewall

Ufw allow

Allow services, port range and network

Ufw deny

Blocking a service

1. Check the firewall status

2. Enable or disable the firewall accordingly

3. Allow services such as TCP, SSH and samba using their port number or name

4. Verify the firewall rules after adding the above services

5. Secure a web server by blocking HTTP(80) service and allowing HTTPS(443) service only

6. Allow a range of ports from 20 to 80 and deny a range of ports from 100 to 500

7. Verify the firewall rules

8. Allow HTTP from a specific subnet to access your web services

9. Block connections to a network interface

Assessment 2

Assessment topic: Security Plan and Training Program

Task Details: This assignment requires you to design a security plan based on a given case study. The learning outcomes of this assignment are to recognize the threats that exist in your current or future work place. Through your research, identify the threats, outline security guidelines and develop a robust and pragmatic training programme.

You should develop a plan that you would regard as helpful to you, the information user, as well as protecting your organization's information environment. Use your imagination in combination with a wide-range of material. You are required to complete and submit a security plan based on the following scenario:

Case Study Scenario:

You are the recently appointed head of a security team responsible for protecting the information holdings of a business organization of around 1000 staffs. The organization is placed in a separate multistoried building located in the central business district of the city. The security team is responsible for administering the security of information from deliberate and accidental threats.

The recent information security management found it to be deficient in some key areas such as incident response, disaster recovery and business continuity, social engineering attacks and lack of personnel awareness of the various threats to information, and poor password security. The above issues identified needed urgent remedy. Technical systems were found to be reasonably effective in maintaining database and document management security, and were well serviced by the IT team.

The management of the organization has directed you to undertake some security analysis and planning to improve the organization's security of information. You tasks are to:

a) Identify and describe the organizational holdings at risk

b) Identify and describe the potential security threats to the organization

c) Design a security plan with the details of necessary counter-measures to manage and address the threats

d) Develop a comprehensive information security training and awareness program for the staff personnel of the organization

Reference no: EM132361375

Questions Cloud

How your experience has led you to this position : In this course, you will encounter different ways that people perceive the relationship between psychological science and Christian faith.
Discuss the residency of misha : LEGL602 - Taxation Law - Australian Catholic University - Discuss the residency of Misha - A bonus received by an employee for a suggestion adopted.
Determine a different production rate each week : Question - Supplies of these materials change from week to week, so the company needs to determine a different production rate each week
Identify all the cultural and social norms in south korea : 1. Identify all the cultural and social norms in South Korea when it comes to gender, both in workplace and outside of work place.
Perform a security testing on the network to identify threat : KINGS OWN INSTITUTE-ICT 205 CYBER SECURITY T219-Australia- Perform a security testing on the network to identify the threats, prepare a Risk Mitigation report.
What approach would you take and why : Does your current work, school, or organizational affilate managed by stockholder or stakeholde approach? Is this appropriate?
Do you believe that applying growth mindset : Do you believe that applying growth mindset to a goal would allow you to achieve success more smoothly? Why or why not?
Anyone can give some examples : Anyone can give some examples how often should my employees receive constructive feedback on their performance.
What is the importance of developing : What is the importance of developing, regularly reviewing and updating individual and team development plans?

Reviews

len2361375

8/26/2019 10:04:40 PM

Very clearly written and structured, Directly answers the question, gives additional insights and theoretical perspectives,Provides exceptional level of support for position taken and conclusion based on extensive and compelling argument.a) Analyse and evaluate the organisational adoption of security controls b) Design solutions for concrete security problems for distributed applications c) Formulate and evaluate security countermeasures to reduce potential security risks d) Analyse emerging security threats and controls.

Write a Review

Computer Networking Questions & Answers

  Write a research paper about social networking and privacy

Write a Research paper about Social Networking and Privacy.

  Differences between symmetric and asymmetric encryption

Explain the key differences between symmetric and asymmetric encryption.- Which can the computer process faster? Which lowers the costs associated with key management?

  What is the purpose of the spanning-tree protocol

List the commands used to create VLAN5 and name this VLAN Marketing group.What are the five STP protocol states?

  What are the most important aspects to monitor your servers

We can all agree that it's important to monitor your servers' performance over time. But, what are the most important aspects to monitor and how often? As a network administrator, how do you best use this information for future planning?

  Explaining pretty good privacy and s-mime

It is essential to encrypt it, by using solutions like PGP (Pretty Good Privacy), S/MIME (Secure Multi-Purpose Internet Message Exchange), and steganography. Research these different mechanisms.

  Examine the security characteristics of both ipv4

Examine the security characteristics of both IPv4, which is most prevalent in today's networks, and IPv6, which is up and coming. State and explain the major shortcomings of IPv4 that are now fixed or improved in IPv6

  Discuss a data routing protocol scheme

Discuss a data routing protocol scheme that can be used in IoT networks. Your answer must clarify the following: type of the routing service

  Develop a proposal for the management team

As one of your first tasks, you have been asked to develop a proposal for the management team. These members have varying backgrounds and sometimes limited knowledge of IT services.

  Circuit packet switching and vpns

Circuit Packet Switching and VPNs-From the e-Activity, analyze at least one major advantage of private networks and the impact it creates for a communication technology organization. Be sure to provide your source either as an article or URL

  Examine the throughput of a tcp connection

Compare the Weighted Fair Queuing, Priority Queuing, and FIFO schemes in terms of drop rate, delay, and delay variation. What are the advantages and disadvantages of each - examine the throughput of a TCP connection as the flow control window size..

  Prepare a website proposal to mr richards

ICTWEB507 Customise a Complex ICT Content Management System -Macquarie University-Australia-Identify and download an appropriate open-source system.

  Discuss some of the problems nats create for ipsec security

discuss some of the problems nats create for ipsec security. see phifer 2000. can we solve these problems by using

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd