Assignment Task
Task
Network Security
A-Plus Writing Help For University Students
Get expert assistance in any academic field. All courses and programs covered.
Get Help Now!Overview
The following assignment will require you to demonstrate skills you have learnt in the course INFT 3015 Network Security. The case study has you as a network consultant brought in to work on a new network design for Fully Unreal Reality. Each deliverable has been listed below to assist you in planning the report. For full marks, a professional report meeting all deliverables must be submitted before the due date. In summary, this assignment requires you to create a report for a particular penetration/testing tool, along with a suitable network design for the given case study, you will then implement your security policies using Netlab. This is a large assignment and will require significant time investment on research and writing. Do not start this assignment late. It is important you justify your choices in each deliverable.
Deliverables
This assignment requires you to complete multiple deliverables:
• Penetration/Testing Tool Report (Word/PDF),
• Demonstration Video (MP4/AVI/MKV),
• Logical Network Diagram (PNG file),
• Security Policies (Firewall Policies) Document (Word/PDF),
• Traffic Flow Diagrams (PNG files),
• Traffic Flow Support Document (use cases, other justification) (Word/PDF),
• Equipment List (Word/PDF),
• IP addressing scheme (IP assignment table + VLAN table) (Word/PDF/Excel).
Some of these should be combined, such as the Word documents. It is up to you to make this work in a professional manner. You will be partially marked on professionalism of your reports. Justifications and assumptions for the deliverables should be included when relevant.
Your Learnonline submission should contain:
• Word Documents/PDFs,
• Excel file,
• Video file,
• Diagram files (PNGs).
Part 1 – Investigate Penetration/Testing Tools
The first part of this assignment focusses on research. Cybersecurity tools for red/blue teams. The first step is to pick the tool you will investigate. The list of tools available to use is on the Learnonline site. Up to 4 people can pick the same tool, you MUST join the team for the tool to use it in this part of your assignment. If you use a different tool that is not listed or do not join a team for a tool you will receive a zero (0) for this section of the assignment.
Assignment: Updated Security Policy Essay
Tool Overview and Comparison
The next step is to outline the tool, its primary functions, and features and why it is an important tool for red/blue teaming. Include the target audience for the tool (red/blue/purple) and the MITRE ATT&CK Enterprise tactic(s) for the tool. Further to this, discuss how this tool may impact a business if used unethically by malicious actors. Compare the tool to two other tools available to cybersecurity teams, use the primary tactic to research other tools that exist. Your comparison should be based on relevant factors to that tactic (the techniques and sub-techniques), and other factors you deem reasonable. You can find the tactics to techniques ATT&CK Matrix for Enterprise.
Demonstration of Tool
The final task for this section is to record a (at maximum) 10-minute video demonstrating the tool in a secure and offline virtual environment. You may find TryHackMe’s AttackBox to be of assistance with this step. You may also build your own virtual environment using VirtualBox/VMware if you wish to. If you are opting to build your own virtual environment, you should know how to secure it and prevent access to the Internet.
Your demonstration should include:
- An overview of what the demonstration will cover,
- A live demonstration against a virtual target (not your computer or someone else’s computer, remember your ethics). This should also include you explaining what is happening during the demonstration.
Part 2 – Case Study
Fully Unreal Reality (FUR) is a growing enterprise in need of a new design for their network. FUR now specialises in virtual reality headsets and is an industry leader in this field. Along with this, FUR has branched out further into VR games, becoming an industry leader in using haptic feedback to imitate human touch in games. They have excelled in creating cheap, but high quality, virtual reality headsets and haptic suits for gaming consoles and PC gamers. FUR have decided to move their headquarters, opting for a more modern and liveable location: Mawson Lakes Technology Park (Tech Park). This has put them in the difficult position of needing a network built for their new headquarters and their branch offices to be upgraded. FUR’s previous head office in Sydney will become a branch office. Their Adelaide CBD branch office will move to Tech Park and will require significant upgrades to support the number of staff and devices.
FUR has a few servers at each company location: Web, File and Email. Servers should all have externally accessible IP addresses. Servers and printers should also have an internal (private RFC 1918) static IP address. Other end devices will retrieve their IP configuration from DHCP. Servers should be in a DMZ zone; this means that a server should not be able to ping/access internal devices unless the internal device initiates the connection.
Certain teams should also not be able to contact other teams. A list of general security policies (not business policies, firewall policies) include:
HR should not be accessible by any team.
The entire Virtual Reality (VR) department should not be contactable from any other team.
- Teams inside the VR department should be able to contact each other.
VR Game Design team should be accessible to only the Game Design team.
- The Game Design team should still have access to everything else.
All departments should have access to the Internet. Certain limitations apply:
- The VR department should have no access to Bandwidth Consuming, Potentially Liable, Security Risk, and Unrated web filter categories.
- The Art department should have no access to Social Networking.
- The entire company should have no access to: Adult/Mature Content, Security Risk categories.
- Social networking should be restricted to 30 minutes a day for every department except Art.
Virtual Reality is high-bandwidth capable and as a result, traffic from the Virtual Reality department to anywhere should be limited to 100Mbps.
Your role in this is to be the network consultant, providing a new network design, equipment list, security policies and traffic flow diagrams. This new design should support the expected growth in 5 years, as shown above. You need to calculate the new headquarter staff numbers. Staff are not expected to be made redundant in the transition to Tech Park. You are free to base the Sydney branch office staffing levels off Adelaide/Melbourne’s current staffing levels.
Network Design
You are required to create a logical network diagram and IP addressing scheme (IP assignment table + VLAN table) for the entire new network. This means that Sydney will be a branch office in your diagram and Tech Park will exist. Use your knowledge of network design learned in other courses and the workshops to assist you in creating a logical diagram suitable to the new network. Remember, you are marked on suitability, scalability, security, redundancy, and all the other network design factors that you have learnt. You may want to go back to previous course Learnonline sites to assist you with implementing network design factors appropriately. You can also view the Network Design video on the course website.
Your logical diagram should be drawn using Draw.IO
You are given significant freedom in what you choose to do in terms of design, link speeds and hostnames. Keep all decisions appropriate to the case study, include justifications and assumptions. Draft Security Policies & Traffic Flow for Tech Park Headquarters After you have decided on your new design it is time to write your draft security policies and illustrate how the network will work with the draft security policies implemented. You only need to create these policies, use cases, and traffic flow diagrams for the new Tech Park Headquarters. Your draft security policies should be written like how you would write a firewall policy (they will be implemented as firewall policies in Part 3). These draft security policies should take the form of a table. The format of the table is up to you to decide on and make. All policies should use the same table format.
Traffic flow diagrams should clearly illustrate how traffic will move throughout the network in different use cases. At the very least a traffic flow diagram should show:
• Who initiated the connection in the use case,
• Where the traffic flow is allowed to go,
• Where the traffic flow is not allowed to go.
You will need to create more than one traffic flow diagram. You may find it easiest to write several use cases to show network activity (“HR connects to the Internet”, “VR connects to the Art department”) and then draw traffic flow diagrams based off the use cases. Ensure the use cases are included in your traffic flow supporting document.
Equipment List
The second task in this part is to create an equipment list. This may take the form of paragraphs for each device or a table which cleanly outlines the equipment that has been chosen for the new network design.
Equipment for this new network should include:
Networking devices (NOT consumer-based devices, enterprise vendors only):
- Routers,
- Layer 3 switches,
- Layer 2 switches,
- Access Points,
- Wireless LAN Controllers.
Firewall appliances (these MUST be Fortinet).
Prices for the above
- Licensing
- Hardware
The equipment list should not include:
• Printers,
• Servers,
• Other end devices.
All equipment choices should be justified and compared to other potential solutions. All choices should also be researched, particular attention should be paid to the port speeds, density, and compatibility with Fortinet. It is not appropriate to state, “Because it will work well for this company”. Your equipment list should include references, you might find footnotes to be particularly suitable. A footnote should include a link to the website/resource and the date you viewed it.
Part 3 – Implementation using Netlab/Remotelab
As a part of the new design FUR wants to see the implementation of your security policies on a simulated environment. For this we will use Netlab/Remotelab which you have all used for your practicals. Your implementation will be different depending on your design you have created above. You will be marked by the consistency between your security policies (firewall policies) that you have implemented on Netlab and the listed policies in Part 2 of the assignment. Netlab has a standardised pod design that cannot be changed. As a result of this, you are not required to create a complete, functioning network. You will, however, implement certain aspects of your design.
You should use the Local-FortiGate device (access through the Local-Client machine) to implement the following:
• The security policies you have created in Part 2 (as firewall policies),
• Web filter profile(s) – these should be applied to the appropriate firewall policy as well,
• App control profile(s) – these should be applied to the appropriate firewall policy as well,
• Traffic shaping profile(s),
• Relevant IP address objects,
• SNAT/DNAT.
You are required to create screenshots of your implementation (GUI and/or CLI) and organise them in a Word document for submission. Be careful to include all details in your screenshots, you may need to take more than one screenshot for the feature implemented. A short description for each screenshot or section should clearly tell the reader what part is being implemented.
This INFT 3015–IT Computer Science Assignment has been solved by our IT Computer Science Expert at TV Assignment Help. Our Assignment Writing Experts are efficient to provide a fresh solution to this question. We are serving more than 10000+ Students in Australia, UK & US by helping them to score HD in their academics. Our Experts are well trained to follow all marking rubrics & referencing Style. Be it a used or new solution, the quality of the work submitted by our assignment experts remains unhampered.
You may continue to expect the same or even better quality with the used and new assignment solution files respectively. There’s one thing to be noticed that you could choose one between the two and acquire an HD either way. You could choose a new assignment solution file to get yourself an exclusive, plagiarism (with free Turn tin file), expert quality assignment or order an old solution file that was considered worthy of the highest distinction
Welcome to our Online Essay Writing Agency. Securing higher grades costing your pocket? Order your assignment online at the lowest price now! Our online essay writers are able to provide high-quality assignment help within your deadline. With our homework writing company, you can order essays, term papers, research papers, capstone projects, movie review, presentation, annotated bibliography, reaction paper, research proposal, discussion, or another assignment without having to worry about its originality – we offer 100% original content written completely from scratch
We write papers within your selected deadline. Just share the instructions