Reference no: EM133691732
Manage Network Security
ASSESSMENT 1
Question 1: Answer the following questions regarding the industry-standard ICT networks and their configuration.
1.1 Explain the term "ICT networks".
1.2 What is network configuration?
1.3 What are the three (3) types of network?
Question 2: Answer the following questions regarding the network attacks, vulnerabilities and related weaknesses of installed infrastructure, including:
• security technologies
• emerging security issues
2.1 What are network vulnerabilities?
2.2 What are network security attacks?
2.3 What is the relation between security weakness and vulnerability?
2.4Identify four (4) emerging security technologies.
2.5 Identify four (4) emerging security issues.
Question 3: Answer the following questions regarding the network security measures, including:
• auditing and penetration testing techniques
• logging analysis techniques
• organizational network infrastructure
• capabilities of software and hardware solutions
• general features of emerging security policies, with depth in security procedures
• network management and security process controls
3.1 What are the three (3) basic network security measures?
3.2 Identify two (2) auditing and penetration testing techniques.
3.3Explain the reasons for using network logging analysis techniques in terms of network security perimeter issue?
3.4 What do you mean by organizational network infrastructure keeping network security perimeter in prospect?
3.5 Explain the purpose of special hardware and software solutions like intrusion detection systems (IDS) to secure computer networks and host computers.
3.6 What are security policies and procedures? What general features should be included in the security procedures.
3.7 What are network security controls?
Question 4: Answer the following questions regarding the network security implementation risk management plans and procedures, including:
• network security planning
• implementation
• cost analysis and budgeting.
4.1 What is the purpose of security planning?
4.2 What is security implementation?
4.3Explain the purpose of cost analysis and budgeting for network security implementation
Question 5 Identify the five (5) most common network attacks and explain each in 50-100 words.
Question 6 Identify the five (5) most common vulnerabilities of a network.
Question 7 Identify the six (6) weaknesses of a network that can cause network attacks.
Question 8 Identify five (5) emerging security technologies used to secure a network.
Question 9 Identify six (6) security technologies used to secure organisation networks from web-based attacks.
Question 10 Identify five (5) emerging security issues.
Question 11 What is network auditing?
Question 12 Identify ten (10) tools used for network auditing.
Question 13 Explain network penetration.
Question 14 Identify ten (10) network penetration tools.
Question 15 What is a log analysis?
Question 16 Identify five (5) best practices to analyze network logs.
Question 17 Identify twenty (20) tools used to monitor and analyze network logs.
Question 18 What is organizational network infrastructure?
Question 19 How do you differentiate between IT infrastructure and network infrastructure?
Question 20 Identify five (5) features of an effective security policy.
Question 21 Identify four (4) procedures used for network security. Write 50-100 words for each procedure.
Question 22 Identify seven (7) basic security and management controls applicable to all networks.
Question 23 List five (5) essential features of a successful network security policy and explain each
Question 24 What are nine (9) essential elements of network security planning?
Question 25 Identify eight (8) types of information that must be included in an ideal risk management plan.
Question 26 Identify eight (8) steps to implement network security.
ASSESSMENT 2
Case Study
You have been working at ABC bank as an IT manager. ABC Bank wants to open a new branch in another city and for this they already purchased a double story building. It consists of one server room on the second floor, 2 management rooms on the second floor and one board room on the 1st floor. The following IT infrastructure will be delivered to the new location according to the requirement list raised by you.
• Twenty (20) HP I7 computers
• Four (2) Cisco 24 port switches
• Two (2) Hp ProLiant servers
• One (1) NBN connection
• Two (2) Wi fi Router
• One Wireless access point
• Two (2) Sharp MX-4111N all in one printer
• One (1) Biometric sensor
• One (1) server rack
• Sixty (60) patch cords (network cables)
Malware attacks have been a critical issue for ABC Bank. Last month a number of computer systems were out-of-order and caused significant financial damage to the organization.
Company officials want you to prepare a detailed report regarding the network security plans so that this report can be shared with the company's risk analyst. After the approval of the risk analyst, the IT head can give you the go ahead for setting up the network design with the suggested changes.
Activity - 1
In this assessment task:
• The student will act as themselves.
• The trainer assessor will act as the risk analyst/ your supervisor.
You need to prepare a report that includes the following information:
A. All three (3) phases of network security design
• Defining planning phase for network security design according to organisational requirements
• Defining building phase for network security design according to organisational requirements
• Defining managing phase for network security design according to organisational requirements
o Planning Phase, including the following:
» Most suitable network topology according to office layout
» Server roles
» The operating system for servers and workstations
» Applications requirement
» The bandwidth requirement for internet
» Antivirus requirements for servers and workstations
» Security measures for network equipment
» Access control
» Wi-fi Access point location
» Backup Strategy
o Building Phase of network security design, including the following:
» Risk assessment methods.
» Security measures
» Costing of network design
» Planned Network design feedback given by security analyst and IT head.
» Incident reporting matrix
» The threat model for risk assessment
» Determine attacker scenarios and threats according to network security design specifications.
» Design and document network components security measures.
» Develop and document security policies.
» Submit document to required personnel and seek and respond to feedback.
o Managing phase, including the following information:
» Incident reporting
» Security level matrix
» Facilities level
» Escalation matrix
B. Risks assessment, including the following information:
» Possible reasons
» Attackers scenarios and possible threats
o Determine major threat themes to network security
o Determine the potential origin of major threats according to network security design specifications
o Identify industry standard common network vulnerability types
o Design and document threat model according to network security design specifications
» Common network vulnerabilities
» Who can be a risk to the network?
» Level of risk
C. Risk management strategy.
» Assets that need to be secured
» Asset's approximate value (search form internet)
» Analysis on security risks
o Determine required elements of risk management according to network security design specifications.
o Identify organizational assets requiring protection.
o Categorize and document assets and determine their value according to organizationalrequirements.
o Determine and document risk management plan according to organizationalrequirements.
» Reason for the security of the asset
» Design security incidents response.
o Design and document auditing and incidents response procedure.
o Submit to required personnel, seek and respond to feedback.
» A risk management plan including the following information.
• No.
• Risk (What can happen)
• Source (How this can happen)
• Possible Impact of Risk
• Possible Treatment
• Effectiveness of current plan
• Likelihood
• Consequence
• Acceptable/Unacceptable
Activity 2
In this task :
• The Student will act as an ICT technician
• The trainer/assessor will act as a risk analyst.
• The student will hold a meeting with the risk analyst to collect feedback on the network security design
You are required to share the network design with risk analyst to collect the feedback in the following template.
Activity 3
In this task:
• The student will act as themselves
• The trainer/assessor will act as a security analyst.
• The student will implement the network design developed
You have submitted your proposed network report to the security analyst and after a few minor changes you received the go ahead from the IT head. Now it is the time for you to put your design into practice. You are required to perform the below tasks.
A. Create network security design for network component by including the following:
o Physical security requirements of sever.
o Server access rights
o Physical Security of Switches
o Password requirements of router, switches
o Wi-Fi security encryption
o Wi-Fi access point security
B. Create the Security incident report template including the following.
o Reported by
o Date of reporting
o Title /Role
o Incident No
o Incident Type
o Date of Incident
o Location
o City
o State
o Zip Code
o Incident Description
o Contact of the involved party
o Police Report filed Precinct.
o Reporting Officer
o Phone
o Follow up Action.
o Supervisor Name
o Supervisor Signature
o Date
Activity 4
In this task:
• The student will act as themselves.
• The student will implement the network security design developed.
After finalising the network security design and incident response template, it is the time for you to implement the final network security design. You want to test the working and reliability of the network design against the known vulnerabilities. To check the plan for a final sign off the following activities need to be performed and the required changes made.
• Testing of security design against the following vulnerabilities
o USB Drive access
o Wireless access point authentication
o SQL Injections
o Smartphone or digital devices authentication
o Email Filtering
o Database exposure
o Security patch updating
o Password policy
During the testing document, the incidents in the incident response template designed in part A of this assessment task to make required changes to complete the sign off template.