Cyber Security Threat Assessment and Network Design Implementation ICTNWK509
- Subject Code :
ICTNWK509
STUDENT - PRODUCT ASSESSMENT TASK
PRODUCT ASSESSMENT TASK
|
Task Number |
2 of 3 |
Task Name |
Identify network security threats |
|
National unit/s code |
VU21991 ICTNWK509 |
National unit/s title |
Implement network security infrastructure for an organisation Design and implement a security perimeter for ICT networks |
|
National qualification code |
22334VIC |
National qualification title |
Certificate IV in Cyber Security |
|
RMIT Program code |
TBC |
RMIT Course code |
TBC |
Section A- Assessment Information
|
Assessment duration and/or due date |
Teaching staff to confirm duration and date. |
|
|
Task Instructions |
||
|
Type of Product (tick which applies) Project ?Report ?Portfolio ?Case study
Summary and Purpose of Assessment This assessment is designed to allow the student to demonstrate their skills and knowledge in the undertaking of a security threat assessment for an existing network architecture. This requires the student to demonstrate the following:
Assessment Instructions Students are required to review existing network topologies and security solutions and to identify the range of security risks to the organisation, and to design and implement a Wireless Local Area Network (WLAN) proxy server implementing Application Service Redirection (ASR).
What The following tasks must be completed in this assessment: You have recently been employed as a Cyber Security Consultant for IT Assurance Services. IT Assurance Services specialises in the provision of ICT services to a range of small and medium enterprises, including the conduct of cyber security vulnerability assessments and the subsequent design and implementation of risk mitigation solutions to secure client systems. Task 1 Your employer has asked you to review the existing network infrastructure for their client Koko Pty Ltd, to identify security issues with their existing network infrastructure. Koko Pty Ltd have also identified that they have a risk relating to continuity of services during upgrades and device failure. In addition to the detailed threat report, they have requested that you update their network topology to allow for secure fallover and redundancy. For your submission you will provide the following files:
You will need to download the Packet Tracer file provided in CANVAS for the existing network topology. 1.Review the below network design for Koko Pty Ltd and complete a threat report based on the existing network topology and configuration: a.Identify the network security architecture in place within the existing topology and identify at least 10 security issues associated with the existing network setup. For each of these security issues you must provide a recommended solution for rectifying the security vulnerability. This must include a combination of tools and procedures to mitigate the vulnerabilities. b.Provide an overview of the following types of security threats and attacks. For each of these threats and attacks provide an explanation of what they are, how they can impact on the organisation, and any vulnerabilities within the existing network infrastructure and configuration that provide a risk exposure to the organisation:
c.For each of the threats and attacks identified in 1b, provide recommended solutions for how these can be mitigated. These recommendations do not need to be limited to the existing network infrastructure and configuration as you will be redesigning this in future steps. Ensure that you identify the tools and procedures that will need to be implemented to minimise the risk. Task 2 Your employer has asked you to review the existing network infrastructure for their client Koko Pty Ltd, to identify security issues with their existing network infrastructure. Koko Pty Ltd have also identified that they have a risk relating to continuity of services during upgrades and device failure. In addition to the detailed threat report, they have requested that you update their network topology to allow for secure fallover and redundancy. For your submission you will provide the following files: CISCO Packet Tracer Files 2.Setup a secure fallover and redundancy system to ensure continuity of services for Koko Pty Ltds network. a.Setup Hot Standby Router Protocol (HSRP) by adding two 1941 routers in between the main router and the customer network switch as shown in the topology below: On both routers configure a Virtual IP of 192.168.30.1. On HSRP1 configure the HSRP priority value to 110. Ensure that you share new networks under OSPF10. Test failover by using a continuous ping (ping-t) from Customer Web Server to Main Office Router and removing the cable from int G0/0 on HSRP1. b.Ensure that you save all of the changes that you have made to the Packet Tracer File to backup the amended network configuration to enable restoration as required. Note:The threat report must be presented in a workplace suitable format. You must ensure that the information presented can be clearly understood and interpreted by a range of stakeholders including senior management and the information technology department. Task 3 Now that the threat report has been completed, Koko Pty Ltd want to implement a solution to allow for visitors and guests to the site office to connect to a wireless internet service. For security reasons your employer has specified that you are required to set this up using a proxy server implementing Application Service Redirection (ASR). For your submission you are required to provide the following files: CISCO Packet Tracer Files WLAN Proxy Server Specifications document 3.Build the WLAN proxy server environment incorporating ASR which allows for secure guest access to Koko Pty Ltds internet service whilst protecting organisational data. a.Using CISCO Packet tracer, create the WLAN architecture for implementation within the Koko Pty Ltd network environment. Within your WLAN Proxy Server Specifications document provide a description of the WLAN architecture and how it fits within the existing network topology. b.Using the physical equipment in the lab environment, configure a WLAN device to allow for guest access. Within your WLAN Proxy Server Specification document describe the types of authentication and association methods used to secure the WLAN device. Outline the strengths and weaknesses of implemented authentication. c.Using the physical equipment in the lab environment, configure the proxy and build the environment. This service must be configured to block certain websites from being viewed. Within your WLAN Proxy Server Specifications document provide an overview of the operation of the proxy server as well as the server vulnerabilities associated with proxy services and the mitigation strategies which have been implemented to address these vulnerabilities. Note:This WLAN Proxy Server Specifications document must be presented in a workplace suitable format. You must ensure that the information presented can be clearly understood and interpreted by a range of stakeholders including senior management and the information technology department. Tasks 2b and 2c are to be completing using the physical equipment available in the lab environment. For the purposes of these steps only the topology for the WLAN Guest Access and Proxy Server need to be created. There is no need to physically recreate the entire network topology of Koko Pty Ltd. Task 4 Now that the WLAN Proxy Server has been implemented, you are required to conduct a test of a colleagues setup and configuration. This is comprised of two parts, the development of a WLAN security checklist and the use of tools to discover and interrogate the WLANs implemented by colleagues. For your submission you are required to provide the following files: Completed WLAN Security Checklist Findings from use of WLAN interrogation tools 4.Conduct an evaluation and test of a colleagues WLAN and proxy configuration. a.Create a WLAN security checklist. Use it to check the security of the WLAN and proxy configuration. This will require that you observe the setup and configuration and that you ask questions of your colleague to complete the security assessment. b.Interrogate the WLAN setup by your colleague using at least one of the following tools: i.Netstumbler ii.Aerosol iii.Airsnort Provide screen shots of the output from each of these tools to supplement the findings of the WLAN checklist. Note:You must submit the complete WLAN security checklist with the findings of your security assessment. This must be completed in full with accurate findings. The screenshots from the WLAN interrogation tools can be supplied as appendices to the WLAN security checklist or they can be provided separately. Where This assessment will be completed during classroom time and outside classroom time. The classroom will be a standard lecture or computer lab environment. Students must successfully complete all parts of this assignment to achieve a satisfactory result.
How Students will be assessed against the criteria listed in the marking guide in Section B of this task. To achieve a satisfactory result, students will need to address all criteria satisfactorily.
Instructions on submitting students Product Assessment Students need to submit this assignment through CANVAS with the naming convention of: Additional Instructions: 1.Attempt ALL the questions/tasks in this Assignment. 2.Performance requirement: a.Satisfactory (S) performance- met the minimum requirement of all the tasks listed for the Assignment Task. b.Not Yet Satisfactory (NYS) performance- did not meet the minimum requirement of all the tasks listed for the Assignment Task. 0.Students need to achieve satisfactory (S) results in all two (2) assessments to be deemed Competent (CA). |
||
|
Conditions for assessment |
||
|
You will be observed undertaking this assessment task by a qualified assessor. You can negotiate a suitable time and location for assessment at least one week prior to the assessment taking place. You must complete the task within the maximum allowed duration as directed by the assessor. This is an individual assessment task. You will be assessed individually against all assessment criteria. You can make arrangements with the assessor at least one week prior to the assessment due date if they require special allowance or allowable adjustment to this task. Students found in breach of assessment conditions can be charged with academic misconduct, have their results cancelled, be excluded from the program and receive other penalties. Penalties can also apply if a students test material is copied by others. Plagiarism is the presentation of the work, idea or creation of another person as though it is ones own. It is a form of cheating and is a very serious academic offence that may lead to expulsion from the University. Plagiarised material can be drawn from, and presented in, written, graphic and visual form, including electronic data, and oral presentations. Plagiarism occurs when the origin of the material used is not appropriately cited. RMIT special consideration is to enable you to maintain your academic progress despite adverse circumstances. The process for special consideration can be found athttp://www.rmit.edu.au/students/specialconsideration Students with a disability or long-term medical or mental health condition can apply for adjustments to their study and assessment conditions (Reasonable Adjustments and Equitable Assessment Arrangements) by registering with the Equitable Learning Services (ELS) athttps://www.rmit.edu.au/students/support-and-facilities/student-support/equitable-learning-services Please ensure your full and correct name is written on the student version of this assessment task (do not use nicknames or abbreviations). You can appeal the assessment decision according to theRMIT Assessment Appeal Processes You will have the opportunity to resubmit any tools that are deemed unsatisfactory (one resubmission allowed per unit, so that means you have two opportunities to submit) |
||
|
Equipment/resources students must supply: |
Equipment/resources to be provided by RMIT or the workplace: |
|
|
Pens Notebook Laptop (optional) |
Onsite computers with internet connectivity Canvas access |
|
Section B Assessment Guide
|
TASK:
|
Students need to complete all the tasks listed below. Students must be deemed satisfactory in all the tasks to successfully complete this assessment. |
|
Key Criteria that must be demonstrated |
|||
|
Criteria for assessment |
Satisfactory |
Marking Guide
|
|
|
Y |
N |
||
|
1.Completed threat report for existing network topology and configuration. |
? |
? |
|
|
a.Identified the network security architecture in place within the existing topology and identified at least 10 security issues associated with the existing network setup. Provided recommendations for addressing the security vulnerabilities including tools and procedures. |
? |
? |
|
|
b.Provided an overview of the range of security threats and attacks, including a description of what they are, how they can impact on the organisation and any vulnerabilities within the existing network infrastructure and configuration that provide a risk exposure to the organisation: i.Malware ii.Trojans iii.Spoofing iv.Password attacks v.Ransomware |
? |
? |
|
|
c.Provided recommended solutions for the mitigation of the identified security threats and attacks. |
? |
? |
|
|
1.Setup a secure fallover and redundancy system to ensure continuity of services in the event of device upgrade or failure. |
? |
? |
|
|
a.Setup Hot Standby Router Protocol (HSRP) by adding two 1941 routers between the main router and the customer network switch ensuring that the correct configuration as specified is utilised to ensure correct fallover and redundancy operation. |
? |
? |
|
|
b.Backed up the network topology and configuration for easy restoration. |
? |
? |
|
|
2.Built the WLAN Proxy Server environment incorporating ASR to allow for secure guest access to Koko Pty Ltds internet service whilst protecting organisational data. |
? |
? |
|
|
a.Used CISCO Packet Tracer to create the WLAN architecture for implementation within the network environment, and provided a description of the designed WLAN architecture and how it fits within the existing network topology. |
? |
? |
|
|
b.Configured the WLAN to allow for guest access and described the types of authentication and association methods to secure the WLAN device including the strengths and weaknesses. |
? |
? |
|
|
c.Configured the proxy server and built the ASR environment to redirect http, SSH, Telnet and ftp network traffic to the redirection server. Provided an overview of the operation of the proxy server as well as the server vulnerabilities and the mitigation strategies implemented to address the vulnerabilities. |
? |
? |
|
|
3.Conducted an evaluation and test of a colleagues WLAN and proxy configuration. |
? |
? |
|
|
a.Created a WLAN security checklist and completed it for a colleagues WLAN and proxy setup using observation, questioning and active listening to ensure accurate results. |
? |
? |
|
|
b.Interrogated colleagues WLAN setup using either Netstumbler, Aerosol or Airsnort and provided screenshots of the output of the tool selected. |
? |
? |
|
Section C Feedback to Student
|
Has the student successfully completed this assessment task? |
Yes |
No |
|
|
|
|
||
|
Feedback to the student |
|||
|
Student signature
|
|
||
|
Assessor name and signature |
|
||
|
Date |
|
||
