Applied Network and Cloud Technology Assessment Answers Level 7

Assessment Task

Scenario

Taiao Geotech is a consultancy company specialising in the field of Geotechnical and Environmental engineering. Ms. Marama Smith, the co-director of the company, is responsible for managing the IT network. The company is located at Auckland CBD and has it’s 10 employees working on two floors.

The company has around hundred clients from New Zealand and Australia.

Each employee has a company laptop which can be connected to company’s WLAN network. The guests and clients of the company also get connected to the same WLAN network. Apart from that, they have five desktop PCs, a network printer and three servers including a web server with Basic Windows firewall running on their premises.

The following are some security events and incidents that affected the company in recent times.

1. Many staff were complaining about the performance of their PCs. The PCs had issues with malware, virus, trojan and
2. The webserver of the company had a DDoS attack due to which both employees and clients

were not able to get to the company’s website.

3. The company’s client’s information system, which allows clients to upload their queries, documents, and draft plans, was compromised by an attacker. Although no documents were lost or altered, the breach created bit of a concern to some of the
4. There was a Wireless Man-in-the-middle attack on their WLAN
5. There were cross site scripting (XSS) attacks in the Guestbook webpage which was annoying as weird messages and pictures are often displayed when a client logged in to put a
6. Some staff member encrypted and stored passwords were

Taiao Geotech is now taking the ICT security of the company very seriously and wants to make some major changes to its network and ICT security policies.

Pompey Security Consulting (PSC) provides security consulting services to a wide range of businesses, individuals, schools, and organizations. Ms. Marama Smith has asked PSC to provide them a detailed report on how they can plan and implement an upgraded security system for their network with the budget they have allocated. PSC has hired you as a technology student to help them with this new project and provide real-world experience to students who are interested in the security field.

You are required to analyse the general risks and attacks to networking services in such set up and recommend strategies to enhance security. You are also required to apply advanced skills to analyse the given security events and incidents and recommend solutions for the business. You need to use advanced security models, tools and techniques to secure the networks and it’s applications.

Read the following requirements carefully and use them to as a guide to writing the portfolio report:

Requirement 1: 20 marks

LO 2: Analyse risks and attacks to networking services and recommend strategies for enhancing security.

1. Analyse five risks or/and attacks that may occur in small to medium sized company’s computer network. Your analysis may include various type of network and networking services risks and attacks including but not limited to - attacks on network hardware, Denial of Sevice attack, Man in the middle attack, risk of privilege escalation, injection attacks. (2 marks per issue analysed, 10 marks max)

1. On each of the five risks or/and attacks analysed above (Requirement 1, a), recommend at least one strategy with relevant justifcation to enhance (2 marks per solution provided, 10 marks max)

Requirement 2: 20 marks

LO 3: Apply advanced skills to analyse security events and incidents to recommend security solutions for businesses.

1. Analyse five security events and incidents that happened recently in Taiao Geotech from the scenario (2 marks per solution provided, 10 marks max)

1. On each of the five security events and incidents analsed above (Requirement 2, a), recommend at least one security solution with relevant justification. (2 marks per solution provided, 10 marks max)

Requirement 3: 60 marks

LO 4: Apply advanced skills to secure a network and its applications by utilizing advanced security architecture, tools, and processes.

There are numerous ways to secure Taiao Geotech’s network, it’s operations and applications by using various tools, techniques and processes. You are required to implement the following five measures to secure the company’s network and it’s applications using the tools/ techniques/ processes prescribed.

For some of these tasks you will be required to have a virtual Windows server machine installed. You can do it by using Virtual Box.

1. In many networks, the most common method to authenticate a user's identity is to use a secret passphrase or password. A secure network environment requires all users to use strong passwords, which have at least eight characters and include a combination of letters, numbers, and These passwords help prevent the compromise of user accounts and administrative accounts by unauthorized users who use manual methods or automated tools to guess weak passwords. Strong passwords that are changed regularly reduce the likelihood of a successful password attack.

You can implement password policy settings to Taiao Geotech network to ensure all users have strong passwords which are regularly changed.

In your virtual Windows Server 2016 machine using the Account Policies, create a few users and set up the following password policy settings which can be implemented in Taiao Geotech.

Provide relevant screenshots of the settings as evidence. Also provide the evidence in the

case where user doesn’t try follow the policy. (1 marks per setting, 8 marks max)

1. Traffic filtering and blocking unauthorised network traffic also plays a huge role in network Windows Defender Firewall with Advanced Security provides host-based, two-way network traffic filtering and blocks unauthorised network traffic flowing into or out of the local device.

You can implement traffic filtering by blocking ports, pings and IP addresses in order to apply additional security to Taiao Geotech network by configuring your Windows Firewall based on the best practices can help optimize protection for devices in the network.

In your virtual Windows Server 2016 machine, using Windows Defender Firewall with Advanced Security, implement traffic filtering by conducting the following tasks:

1. Block the FTP traffic coming in and going out of your
2. Block the pings from all local IP and remote IP

• Block the following IP addresses from your local network – 168.1.5, 192.168.1.6 and 192.168.1.7 and any three common active IP addresses for Facebook.com.

Provide relevant screenshots of the settings as evidence. Also provide the evidence for your end results. (3 marks per filtering settings, 9 marks max)

1. Scanning for vulnerabilities and identifying the threats and risks of the system is another key element to have a secured

There are numerous tools to check the vulnerabilities of the system. Microsoft Baseline Security Analyser (MBSA) is one of the tools provided by Microsoft. There are other tools from third parties like Paessler PRTG, SolarWinds Network Security, ManageEngine Vulnerability Manager Plus etc which does the vulnerability testing of the individual system and the entire network.

The MBSA is an easy-to-use tool designed for IT professionals and helps small and medium- sized businesses determine their security state in accordance with Microsoft security recommendations and offers specific remediation guidance. It is a standalone security and vulnerability scanner designed to provide a streamlined method for identifying common security misconfigurations and missing security updates.

You could implement vulnerability scanning tools at Taiao Geotech to assess the security threats within their network.

1. Using MBSA in your virtual Windows server machine, perform a vulnerabilty scan to assess the security threats of your system. Explain the results of your scan and provide relevant screenshots of the scan as (5 marks)

1. Using a third party tool, perform a vulnerabilty scan to assess the security threats of your system. You can use any one of these tools - Paessler PRTG, SolarWinds Network Security, ManageEngine Vulnerability Manager Plus. Explain the results of your scan and provide relevant screenshots of the scan as (5 marks)

1. An intrusion prevention system (IPS) is another form of network security that works to detect and prevent identified threats. Intrusion prevention systems continuously monitor the network, looking for possible malicious incidents and capturing information about them. The IPS reports these events to system administrators and takes preventative

The Cisco IOS Intrusion Prevention System (IPS) acts as an in-line intrusion prevention sensor that scans packets and sessions as they flow through the router to match any Cisco IOS IPS signature.

You could implement Cisco IOS IPS at Taiao Geotech to scan packets and sessions as they flow

through the company’s main router.

1. Create the network setup of the company’s wired network in a Network Simulator. The company network setup should have 5 PCs, 3 servers, a printer, a switch and a The company router is connected to the ISP router through a serial link. The ISP has a PC connected to the router at their end. Ensure there is full connectivity between the PCs in the company’s network annd the PC in ISP network.

Provide relevant screenshots of the simulation as evidence. (5 marks)

1. Enable IOS IPS on the router of the You can do this by the following process

– creating an IOS IPS, configuring IPS signature storage location, creating IPS rule, enabling logging, configuring IOS IPS to use signature categories and applying the IPS rules to an interface.

Provide relevant screenshots of the simulation as evidence. (10 marks)

• Now modify the signature and verify if the IPS is working You can do this by the following process – changing the event-action of a signature and verifying the if the IPS is correctly working.

Provide relevant screenshots of the simulation as evidence. (8 marks)

1. Information security is also very important in any kind of network. One way to secure the information is by using cryptography. Cryptography is the science of transforming information into a secure form so that unauthorized persons cannot access

You could implement cryptography at Taiao Geotech to encrypt various important documents, files and folders.

In virtual Windows Server 2016 machine, download and run Cryptool ( an application for cryptograpghy) and perform encryption and decryption conducting the following task.

4. Use simple symmetric encryption “Caesar” to encrypt the following letter from Marama Smith with the Key entry as to Number value 4. Explain how is this encryption done.

Analyse the encryption and making some good guesses, decrypt the ecrypted letter to plaintext.

Provide relevant screenshots of the encryption and decryption process as evidence.

(3 marks)

1. Now use Rijndael (AES) symmetric encryption to encrypt a file attached to this You will be provided with the text file Secret.txt with this assessment.

Encrypt the content of the file with the key generated by a password “Mysecret”. Use

MD5 hashing to generate the key for the password.

Provide relevant screenshots of the encryption process as evidence.

(3 marks)

• Assuming you have no idea about the password or its hash, use Brute-force analysis to analyse the encryption of the text file Secret.txt. Specify how long will it take to decrypt the

Provide relevant screenshots of the decryption process as evidence.

(2 marks)

1. Now, assuming you somehow know the first 28 hexadecimal numbers of the MD5 hash, use Brute-force analysis to decrypt the content of the

Provide relevant screenshots of the decryption process as evidence.

(2 marks)

Report Structure, English Writing and APA references

The academic report needs to be presented in formal report writing format with a word limit of 3000 (±10%).

The document needs to be presented in proper structure following the requirement specified in English Writing and Layout Requirements found in page 3. Aim for grammatical/and spelling error-free. Apply APA 7th edition as referencing styles to both in-text citation and reference list.

Note: Check the marking criteria on pages 10– 15 for the marks allocation and marking guideline to ensure you gain optimum marks.

DNCT703 Network and Cloud Security

Assessment 2 – Project Portfolio Marking Criteria

LO 1: Analyse risks and attacks to networking services and recommend strategies for enhancing security

LO 3: Apply advanced skills to analyse security events and incidents to recommend security solutions for businesses

LO 4: Apply advanced skills to secure a network and its applications by utilizing advanced security architecture, tools, and processes