Evaluate a current system’s network security

Evaluate a current system’s network security

Learning outcomes (Awarding body Specification)

Understand the impact on the social and commercial environment of network security design.
Be able to design network security solutions.
Be able to implement network security solutions.
Be able to manage network security solutions.
Assessment Criteria (Awarding body Specification)

Evaluate a current system’s network security
Discuss the potential impact of a proposed network design
Discuss current and common threats and their impact
Design a network security solution to meet a given specification
Evaluate design and analyse feedback
Using a design, implement a complex network security solution
Systematically test the complex network security solution
Document and analyse test results
Manage a network security solution
Analyse ongoing network security policies and practices
Recommend potential change management
Assignment Scenario

In today’s world of the internet and ecommerce, many companies lack the expertise and training to secure their critical network infrastructure and data. Because of this fallacy, many companies’ infrastructures are subject to being compromised. With extortion, cyber theft, malicious attacks and internal theft occurring at an unprecedented pace, many companies are just becoming aware of the aforesaid problems. While a few companies and corporations awaken to a new world of problems, many continue to sleep, totally oblivious to what is happening as they go about their daily work.

Video and Audio Components Ltd (VAC) is a small company which specialises in the sourcing and distribution of high-end video and audio components for audiophiles and organisations which have large-scale, and sometimes complex, requirements for the components that they stock or can procure, including large flat panel TVs, surround sound systems of varying scale and complexity, and a huge range of accessories which can be connected to these.

Currently, VAC has an internal chain of supply that is networked using a local area network (LAN). So far, this has helped the company reduce costs and respond to customer orders quickly. Company communications and data relating to component stock planning, distribution, and support are increasingly being undertaken using this network, which the company is constantly upgrading to increase sales performance.

Although VAC’s supply chain data and company communications have been secure so far in accordance with its current size as a local area network, the company plans to significantly increase the size of its supply chain to include outside suppliers and customers, with whom it wishes to communicate using its current network and the new Wide Area Network (WAN) which will give it connectivity nationally.

Assignment Tasks

Task 1 –

This task concerns you understanding the impact on the social and commercial environment of managing a complex network security solution.

The general manager has requested that you discuss the impact on social and commercial environment of network security on VAC Ltd. (about 1500 words).

Section A: Your answer should include the discussion of the following:

Threats: Management of threats eg awareness, current threats, access policies

Social impact: Organisation trust eg data credibility, corporate trust, financial trust; social engineering; law enforcement involvement

Security policy: Review and management eg access to systems, forensic analysis of systems

Impact on productivity: Loss e.g., systems recovery, data recovery, loss of services; legal proceedings

Estimating risk: Penetration testing; audits eg internal and external; procedures eg contingency planning

Further compare and contrast 5 of the above elements

Material should be of appropriate levels and presented in a logical and accurate manner matching the stated requirements for each task. Some use of referencing is made.

Make 3 recommendations for the importance of the Network Security

Independent research, outside that provided in course materials, has been utilised to prepare the work and appropriate assumptions are made and justified where detailed scenario information is not available

Task 2 –

This task concerns you being able to design complex network security solutions.

The general manager has requested that you use the following principles to design a network solution for VAC Ltd using CISCO Packet Tracer. (About 1500 words).

Section B: Your answer should include the discussion and design and implementation of the following:

LAN design: Technical response eg, MAC control, VLAN (Virtual Local Area Network) security, ARP (Address Resolution Protocol) poisoning, VLAN design; trunk design

WAN design: Technical response eg, access control lists, traffic filters, DMZ (Demilitarised Zone) management

Server deployment: Security needs according to server specification eg printer access, file management, data management, email

Border systems: Intrusion Detection Systems (IDS) eg firewalls filters and rules, application and packet monitoring, trust

User access: User group e.g., group membership, user group allocation, attribution of rights; rights eg file, server, service, data, hardware, printer, email

Physical security: Power resilience and supply; physical access control eg lock and key, electronic access control, biometrics; backup eg data, configuration, imaging; recovery policies

Implement IP Addressing on all your Devices

Material should be of appropriate levels and presented in a logical and accurate manner matching the stated requirements for each task. Some use of referencing is made. Using annotated screen shots.

Implement Router Security and Wireless security on your devices

Independent research, outside that provided in course materials, has been utilised to prepare the work and appropriate assumptions are made and justified where detailed scenario information is not available using annotated screenshots.

Task 3 –

This task concerns using a given design to implement and manage a complex network security solution.

The general manager has requested some aspects of the network security applied to devices and troubleshooting process to be documented as a guidance for their technician. In this task you are given a copy of VAC’s current network on a USB (see below the diagram). This is fully set up and configured in Cisco Packet Tracer virtual tool. All branches are operational but configurations alone do not completely secure a network. You are required to secure some critical areas of this network and its devices as listed below under section A. After applying these security solutions, the outcome needs to be checked, reviewed and fully documented (about 1500 words).

Section C:

Device hardening

Apply encrypted passwords to all routers and switches in VAC’s network. List commands used and produce screen shots of configuration files and enable access mode to show the outcome.

Configure Packet filtering

Currently everyone in Branch 1 has access to the FTP server in the server farm. This needs to be limited to only Branch1 admin Laptop. Use an ACL to allow access only from the Admin laptop while denying everyone else in that subnet. List the commands used and take screenshots to show the process involved in both access and fail connections to the FTP server.

Setup a remote secure tunnel

Use SSH to establish a secure remote access to one of the routers. List the commands used and take screenshots to show the process involved while attempting secure connection.

Section D: Configure a packet inspection security

The company has recently purchased a Cisco’s Adaptive Security Appliance (ASA5505) as a firewall and the general manager would like you to provide them with information, showing how to set it up with a packet inspection security between 2 VLANS. Use the following diagram to set it up in Packet Tracer, configure and document the results and any troubleshooting aspects.

• Provide some guidance on Software Restriction Policy

Research and list some potential vulnerabilities that could be exploited in a network environment.
Section E:

Evaluate one specific policy on the periodic review of user access (physical and system level).
Evaluate 2 commercial security audits e.g. source code analysers, password and encryption crackers, proxy tools.
Evaluate 2 changes in infrastructure/procedural management e.g. network device removal/addition and/or service/user group addition/removal.
Use a segment of your network security solution in Section B to deploy an IP management tool to monitor traffic, peak flow and user access patterns. Troubleshoot the process and produce relevant documentation.
Present and Communicate Findings

Material should be of appropriate levels and presented in a logical and accurate manner matching the stated requirements for each task. Some use of referencing is made.

Take responsibility for managing and organising activities.

Independent research, outside that provided in course materials, has been utilised to prepare the work and appropriate assumptions are made and justified where detailed scenario information is not available.

3000 words

10 references

Order from us and get better grades. We are the service you have been looking for.