User Account

All Pages

Analyse the current network topology

Assignment Help Computer Network Security
Reference no: EM131985965

Network Security Fundamentals

Introduction:

This assignment consists of two parts. Part 1 relates to the improvement of the network security posture of an organisation and is worth 25 marks. This part will mainly test your knowledge that you will gain during the lectures and study materials that are available through Blackboard.

Part 2 of the assignment is worth 15 marks and will test your hands-on experience on the use of cyber- security tools such as ‘Nmap' (Network Mapper) and ‘Wireshark'. You are encouraged to use a Virtual Machine, preferably ‘Kali Linux', and start looking for various resources for information on the use and deployment of these tools. You are also encouraged to make maximum use of the ‘Lynda Campus' resource freely accessible on the Student Portal to get you started on both parts. Also, you should start coming to grips with the use of Virtual Machine software such as ‘VMWare' and how to open a ‘Kali Linux' machine within a VM from the first week of the semester. It is also worth mentioning that the final exam is designed to test your knowledge and skills developed through this course, of which, the major assignment is an integral part.

Part 1 (Network Design):

‘Lucent Pharma' is a pharmaceutical firm based in Perth and has two offices in two different suburbs. The firm's current network topology was deployed in haste and as such does not have any effective security control. The CEO of the firm has started feeling the concerns around the cyber security of its network, as Lucent Pharma's business is flourishing, and competitors are also becoming more and more active in the region. The current network topology of Lucent Pharma is given in Figure 1.

Requirement:

As a network security consultant, you are required to:
1. Analyse the current network topology implemented at ‘Lucent Pharma' and identify five major vulnerabilities that exist in the network. You are also required to provide sound reasoning behind these identified vulnerabilities.

2. Place the following security devices/controls, bearing in mind that these devices do not compromise either the network performance or the security of the network:
a. Firewall
b. IDS/IPS
c. Honeypot
d. Routers/Switches
e. Other devices that may add value to the ‘Lucent Pharma' network

3. Explain/Justify why these devices were placed in the chosen locations in (2)? (5 marks for 2 and 3)

4. Does the Lucent Pharma network require segregation into multiple domains (i.e. requirement of VLANs)? If yes, please add these additional sub-networks to your topology.

5. Create a set of firewall policies and a set of firewall rules that should be implemented by the network administrator for firewall(s) placed in the network. Policies must be sound and robust to cover the cyber-security of the entire network.

6. Create a set of IDS/IPS policies and corresponding rules that are to be implemented by the network administrator. Policies must be sound and robust to cover cyber-security of the entire network.

7. Devise ten security policies that are essential for the Lucent Pharma network. Hint: You may refer to security policies from the SANS (SysAdmin, Audit, Network, and Security) website. However, you are required to draft these policies on your own, i.e., to be written in your own words.

8. Design the ‘Proposed Secure Network Design' for the pharmaceutical firm preferably in Microsoft Visio. An image of this design must be appended to the report.

Part 2 (Hands-On):

This part is independent of Part 1 and requires you to use software tools to examine remote machines and traffic thus captured. You are required to undertake this activity preferably through a ‘Kali Linux' Virtual Machine (other VM's are also acceptable).

Requirement:

1. Use ‘Nmap' tool to scan the server scanme.nmap.org. You are cautioned not to scan any other server as this is considered unethical and unlawful. This activity is known as ‘Port Scanning', and only those servers should be scanned for which you have explicit permissions.

There might be a situation where you find that running a port scanner on the above server may cause delay especially when run from within the ECU network. In this case, you are encouraged to run the scan outside ECU's network to avoid unnecessary delays.

2. Record the above traffic using the ‘Wireshark' tool. You may use the Wireshark tool available in ‘Kali Linux', or you may install Wireshark on your base operating system. Hint: It is always better to check the interface on which your Virtual Machine is running to avoid delays.

3. Scan the server from task 1 again with varying options. You should do as a minimum the following and present the command, arguments, discussion, in a tabular format. A small description of the arguments used must also be reported:
a. Do a TCP SYN scan.
b. Enable OS detection and version detection.
c. Quick scan.
d. Scan a single port.
e. Scan a range of ports.
f. Scan all ports.

4. Report the following in tabular form:
a. Commands used to scan the target server.
b. IP address/es of the target server.
c. Ports open on the target server. Mention the name of the port and what that port is used for?
d. Is the target server running any web server? If so, name the web server in use and the port it is running on?
e. Is the web server version in use is patched? If not, what is the latest stable version of the web server is available?

5. Analyse the ‘Wireshark' capture recorded in task 2 above and answer the following:
a. The filter used to extract ‘HTTP' traffic only.
b. The filter used to exclude ‘HTTP' traffic.
c. Highlight the difference between a ‘Capture Filter' and a ‘Display Filter'.

Attachment:- Assignment.rar

Verified Expert

In this project based on scenario the network was designed and using this design the vulnerabilities were found. And explained about the network components such as routers, switches and also the firewall. And the implementation done in the VLAN network and also described about the IDS polices. And Kali Linux and wireshark were used in this project for scanning the ports and analyze the packets. And for this implementation the screenshots provided in this report.

Reference no: EM131985965

Questions Cloud

What is the present worth cost of this permanent project : What is the Present Worth cost of this permanent project if city money is available to be borrowed at 6%/yr CA?
How did the numbers provide information to you : How did the numbers provide information to you as a base about areas of success, opportunities for improvement?
Portfolio to hold securities for long-term appreciation : You are building individual investment portfolio to hold securities for long-term appreciation.
Sketch on one diagram for the period : Sketch on one diagram for the period 1900 to 1950 how many people in total have been killed by each disease.
Analyse the current network topology : CSI3207 - CSI5212 - Network Security Fundamentals - Analyse the current network topology implemented at ‘Lucent Pharma' and identify five major vulnerabilities
How long did it take to travel the first 150 miles : (a) How long did it take to travel the first 150 miles? _____ hours (b) Where was the car after 3 hours? ______miles from the start
What will your monthly payments be : You have arranged to finance the remainder with 30-year, monthly payment, amortized mortgage at 6.5% nominal interest rate, with first payment due in one month
What is the allocative efficient pollution level : What is the allocative efficient pollution level? Draw a graph showing the allocative efficient level of pollution. Label this point A.
At what yield-to-maturity did you originally buy the bond : At what yield-to-maturity did you originally buy the bond? What is the current yield on the bond?

Reviews

len1985965

5/17/2018 5:03:38 AM

6. Margins set to 2.5 cm. 7. Must have a Title page. 8. Your report should not exceed 20 pages in total length. Supporting your findings with screenshots is preferred. However, screenshots should be made part of the Appendices and not the main report. Note: Appendices are excluded from the report length. 9. English Language Proficiency (ELP): It is mandatory to attach the ELP front sheet to your submission. The ELP sheet shall be completed by the marker and returned with the marked assignment latest version of the ELP sheet can be downloaded from the ECU’s student portal. 10. Referencing: All sources of references must be cited (In-text Citation) and listed (end-text Reference). For details about referencing and the required format, please refer to the ECU Referencing guide available on ECU’s student portal. Note: Cited references should mainly consist of research papers and journal articles and must follow the format as per the referencing guide. Marks will be deducted in case of non-compliance with the referencing guide.

len1985965

5/17/2018 5:03:31 AM

1. The report should be written as a business report in a professional manner in both format and style. It must comprise a Table of Contents, Executive Summary, Introduction, Objective(s), and Conclusion. Between the Objective(s) and the Conclusion, you should make appropriate use of headings and sub-headings. 2. You are encouraged to make use of assumptions on the current network deployment illustration and specify them after the defining the Objective(s) of the report, if you have made any assumption. Any assumption made on the network design but not specified will not be given any consideration. 3. 11 or 12 point Times New Roman. 4. Justification – Block Justified. 5. Footer – Should contain your ECU Student ID and Full Name and a Page Number (8-point type).

Write a Review

Computer Network Security Questions & Answers

  Explain how it is forwarded to its destination

Explain how it is forwarded to its destination and a packet arrived at router R2-m0 with destination address 170.14.24.12. Explain how it is forwarded to its destination.

  Information systems security

You are the Information Security Officer for a small pharmacy did Has recently been opened in the local shopping mall. The daily operational of a pharmacy is a unique business requires a combination of did Both physical and logical access controls..

  Develop the issp for the organisation

Assessment Task - You are required to analyse the scenario on page 3 and develop the following ISSP for the organisation described in the scenario: Access and use of sensitive information of the organisation

  Describe the sarbanes-oxley act

Describe the Sarbanes-Oxley (SOX) act and Committee of Sponsoring Organizations (COSO) framework - describe the process of performing effective information technology audits and general controls.

  Describe secure electronic transactions

Secure Electronic Transactions, Confidentiality and Integrity, Change Cipher Spec protocol, Web Security Approaches: application level.

  What process you would use test the software security

Evaluate the extent to which programmers have the requisite experience to test the security of software within the development of a product. If not, explain what process you would use test the software security.

  How system with capabilities as access control mechanism

Consider how a system with capabilities as its access control mechanism could deal with Trojan Horses.

  Explain factors that help to influence our nations focus

Describe three factors that help to influence our nation's focus on natural or man-made disasters. Should FEMA fall under DHS, or should it be its own cabinet level organization? Why?

  Explain the steps you would use to diagnose and repair

Explain the steps you would use to diagnose, and repair if necessary, spyware on the customer's computer. Also, add how you would safeguard the children from uninvited material showing up on the internet.

  Essence of a digital signature is ensures authentication

1. The essence of a digital signature is that it ensures authentication. Explain how and why it does that.

  Describe an md5 hashing algorithm

Describe the differences between an MD5 hashing algorithm and an SHA1 hashing algorithm, outlining the strengths and weaknesses of each hashing algorithm.

  What are the risks of implementing this technique

list one way to prevent malware from executing in Windows from directories that are not normally used for executables. What are the risks of implementing this technique?

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd