Assessment 1 Assessment type: Practical and Written Assessment, Individual assignment (1,000 words). Purpose: The purpose of this assignment is to assess student understanding on firewall design and...

All details are inside the file.


Assessment 1 Assessment type: Practical and Written Assessment, Individual assignment (1,000 words). Purpose: The purpose of this assignment is to assess student understanding on firewall design and configuration and students ability to exercise the operational, analytical and critical skills needed to reduce the potential security risks. Analyse and evaluate the organizational adoption of security controls. Design solutions for concrete security problems for distributed applications This assessment contributes to learning outcomes a, b. Value: 20% (Report 16%; Demonstration 4%) Due Date: Report submission Week 6; Demonstration Week 7 Submission requirements details: All work must be submitted on Moodle by the due date. Reference sources must be cited in the text of the report, and listed appropriately at the end in a reference list using Harvard Anglia referencing style. Assessment topic: Firewall Setup and Configuration Task Details: For any organizational network it is necessary to identify the services running on the networks/hosts due to the fact that any open ports without appropriate services running can introduce security vulnerabilities into the network. This Assignment requires you to perform a scan on a network to identify the services running on the network/hosts and also to identify the status of the ports. Once a set of scans has been performed on the network/hosts configure the firewall settings to address security in the network. Case Study for the Assignment: Express Print Services Pty Ltd. is a Medium Business Enterprise comprising with its branch offices based at Sydney, Melbourne and Perth. Each office manages the local area network configuration with appropriate network facilities to reach their business requirements through proper WAN interconnections. The System and Network administrator of the organization realizes that the security of the network has to be addressed and it is highly recommended that there is a need to impose a certain level of filtering for the network to be secure so as to sustain from threats and attacks. To add the restrictions on a particular network it is necessary to identify the possible threats to the organization. For instance, it is necessary to identify the important services that need to run on the network. In order to figure this out there is a need to run scanning on the network to identify the services and ports of the applications. Furthermore, the firewall needs to be configured by adding rules to block and allow the services based on the requirements of the organizations and the security perspective of the network. The executive management of the organization hires you for the above project and urges you to design the necessary security requirements. Plan an appropriate scanning for the organizational network and configure the firewall rules for the same. The assignment requires you to do the following: 1. Scanning network services using Nmap application tool from Kali Linux platform in Virtual Box. Run a set of scan commands (from the Nmap cheat sheet) and discuss how the results obtained from Nmap in terms of the services running on the network and other attributes provided in the result. The discussion of results should be supported with screenshots. 2. Write a short summary on the possible threats that can be experienced by the network to set up the firewall configuration accordingly 3. Configure or set up firewall rules for the network using the Ufw of the Kali Linux platform Configure the following setting on the firewall using the appropriate commands in Kali Linux. The list of commands is provided below: Command Description Ufw status To check firewall status Ufw enable Enable firewall Ufw allow Allow services, port range and network Ufw deny Blocking a service 1. Check the firewall status 2. Enable or disable the firewall accordingly 3. Allow services such as TCP, SSH and samba using their port number or name 4. Verify the firewall rules after adding the above services 5. Secure a web server by blocking HTTP service and allowing HTTPS service only 6. Allow a range of ports from 20 to 80 and deny a range of ports from 100 to 500 7. Verify the firewall rules 8. Allow HTTP from a specific subnet to access your web services 9. Block connections to a network interface Submission Guidelines: The assignment should be submitted on Moodle on or before the deadline as a word document that includes all the details of the task completed. The report should address the requirements mentioned in the Marking Criteria section of the assignment. Marking Criteria: Sections Description of the section Marks Executive Summary Summary on what the report is addressing 2 Outline Include a short description about the case and discuss the features of Nmap and Ufw 2 Risk Mitigation Plan Discuss the possible threats that can be experienced by the organization discussed in the case study 2 Analysis Critical analysis of the scenario (include the commands, description of the commands and the screenshots from Nmap) 2 Firewall setup Details of the firewall settings with screenshots 6 Conclusion Information on what has been addressed in the report – discussion of the findings is important 2 Demonstration Details of the tests performed with screenshots 4 Total 20 Marking Rubric Assessment 1: (20%) Criteria Fail (0 – 49%) Pass (50 – 64%) Credit (65 – 74%) Distinction (75 – 84%) High Distinction (85 – 100%) Executive Summary 2% Did not include the summary on what the report is addressing Includes executive summary but not clear and precise Clear with respect to the contents but can include more details Includes the complete details in the summary Very clearly written and structured Outline 2% Does not include introduction to the case study and no clear description included about the tool used Includes a short report on the case study but no description included about the tool used Includes both the report on the case study and tool description but needs to be clearer and more precise The case study report and the tool description well addressed but the structure not well organized Very clearly written and structured Risk Mitigation Plan 2% No details provided on the most possible threats for the organization discussed in the case study Minimum level of details provided with a minimum of 1 to 2 threats identified A maximum of 3 to 4 threats identified but needs more details on the threats identified Almost all possible threats identified with necessary level of details provided Very clearly written and structured with required detailed explanation and structure Analysis 2% No proper commands of Nmap has been used to provided a detailed analysis of the report and not supported with any screenshots A minimum of 2 to 3 Nmap commands used with screenshots and results but no proper discussion provided on the analysis and the results obtained A maximum of 4 to 5 Nmap commands has been used with screenshots and results but with minimum discussion provided on the analysis and the results obtained A maximum of 6 to 8 Nmap commands has been used with screenshots and results with appropriate discussion provided on the analysis and the results obtained A maximum of 8 Nmap commands used with screenshots and results with a very clear discussion on the analysis and well structured ICT205 ICT 205 CYBER SECURITY T220 24/06/2020 15:36 *AUSTRALIAN INSTITUTE OF BUSINESS AND MANAGEMENT PTY LTD © PAGE 10 OF 16 CRICOS 03171A ABN: 72 132 629 979 Approved by KOI Academic Board for T2 2020 Firewall Setup 6% The rules have not been setup based on the questions provided Some rules have been missed to be configured on the firewall. The questions not completely addressed Most of the rules have been configured based on the questions Almost all the questions have been configured with necessary discussion All questions for the rules have been addressed with proper explanation and structure Conclusion 2% No conclusion provided Conclusion not provided with complete findings in the report Conclusion not provided with necessary details Conclusion provided Very clearly written and structured Demonstration 4% Did not attend the demonstration session Attended but not a good presentation. Not able to provide a clear explanation. Viva voce questions not answered properly The details provided to some extent. A few questions in the viva voce has been answered Good presentation with most of the questions answered Good presentation with all the answers given for the viva voce Total Mark: / 20% COMMENTS: The assessment rubric has a demonstration. The requirements of the completion of this assessment looks for a demonstration to be completed by the students ICT205 ICT 205 CYBER SECURITY T220 24/06/2020 15:36 *AUSTRALIAN INSTITUTE OF BUSINESS AND MANAGEMENT PTY LTD © PAGE 9 OF 16 CRICOS 03171A ABN: 72 132 629 979 Approved by KOI Academic Board for T2 2020