| Assessment Details and Submission Guidelines | |
| Trimester | T1, 2019 |
| Unit Code | BN200 |
| Unit Title | Network Security Fundamentals |
| Assessment Type | Group Assignment (3 Students in a group) |
| Assessment
Title |
Security Threats and Countermeasures in Networked Systems (Assignment 2) |
| Purpose of the assessment
(with ULO Mapping) |
The purpose of this assignment is to develop skills to independently think of innovation. Students will be able to complete the following ULOs:
c. Explain the major methodologies for secure networks and what threats they address; d. Identify and report network threats, select and implement appropriate countermeasures for network security. |
| Weight | 20% |
| Total Marks | 60 |
| Word limit | 1500 – 2000 |
| Due Date | 23:55PM, Tuesday 28/05/2019 |
| Submission Guidelines | • All work must be submitted on Moodle by the due date along with a title Page.
• The assignment must be in MS Word format, 1.5 spacing, 11-pt Calibri (Body) font and 2.54 cm margins on all four sides of your page with appropriate section headings. • Reference sources must be cited in the text of the report, and listed appropriately at the end in a reference list using IEEE referencing style. |
| Extension | If an extension of time to submit work is required, a Special Consideration Application must be submitted directly to the School’s Administration Officer, in Melbourne on Level 6 or in Sydney on Level 7. You must submit this application three working days prior to the due date of the assignment.
Further information is available at: http://www.mit.edu.au/about–mit/institute–publications/policiesprocedures–and–guidelines/specialconsiderationdeferment |
| Academic
Misconduct
|
Academic Misconduct is a serious offence. Depending on the seriousness of the case, penalties can vary from a written warning or zero marks to exclusion from the course or rescinding the degree. Students should make themselves familiar with the full policy and procedure available at: http://www.mit.edu.au/about–mit/institute–publications/policiesprocedures–and–guidelines/Plagiarism–Academic–Misconduct–PolicyProcedure. For further information, please refer to the Academic Integrity Section in your Unit Description. |
SM Farhad April, 2019
Assignment Description
New World Consulting Services (NWCS) provides security consulting and services to over 200 clients across a wide range of enterprises in Australia. A new initiative at NWCS is for its two offices in Sydney and Melbourne to provide internships to students who are pursuing their studies in reputed institutes in Sydney and Melbourne in the field of Networking.
To evaluate suitable candidates for this prestigious internship program, NWCS has asked applicants to prepare a detailed report and a presentation addressing the following sections:
A. Preventing Vishing Attacks (maximum 500 Words)
Vishing, or voice phishing, continues to increase as an attack against users. What would you do to help prevent users from becoming victims? First, access the online SoundCloud repository by NumberCop that contains several different recordings for vishing attacks (https://soundcloud.com/numbercop). After listening to several of the recordings, based on your analysis address following:
- What attackers typically ask and how they craft their attacks?
- What messages do the attacker commonly use?
- How do they trick users into entering the information?
- Write your recommendations that would help users resist these attacks.
B. Lightweight Cryptography (maximum 500 Words)
Cryptography can provide protection to data in three states: data-in-use, data-in-transit and data-at-rest. Due to the importance of incorporating cryptography in low-power devices, a new “subfield” of cryptography is being developed called lightweight cryptography. This has goal of providing cryptographic solutions that are uniquely tailored for low power devices that need to manage resource vs. security constraints. Research lightweight cryptography and address following:
- What are its goals? Who is behind it?
- Will it be standardised? When will it appear?
- One practical networked application area that will use lightweight cryptography.
C. Network Firewall Comparison (maximum 500 Words)
Research two network firewalls. Your discussion must include
- the importance of the Firewall from information security point of view.
- comparison of features of selected firewalls (using Table)
- additional features they include (IDS, content Filtering, etc.)
- your recommendation based on your analysis
D. Compare Port Scanners (maximum 500 Words)
Most communication in TCP/IP networks involves the exchange of information between a program running on one system (known as a process) and the same, or a corresponding process, running on a remote system. TCP/IP uses numeric value as an identifier to the application and services on these systems. This value is known as the port number.
Use the library resources to locate two port scanner applications that you can download to your/lab computer on Virtual machine (Kali Linux /Windows 8.1 Professional) in Virtual Box. Install and run each application and examine the results. Based on your study, address following in this report
- Analyse and discuss the importance of port scanners
- Include the snap shots related to port scanning using both applications
- Identify and discuss the strengths and weakness of each scanner
- Which scanner would you recommend? Justify your recommendation.
E. References
Must consider at least five current references from journal/conference papers and books. Must follow IEEE Transactions on Networking style.
Note: Every group will create a 7-10 minutes presentation and present their work front of your class fellows and tutor during the Lab in Week 12.
[Source: M. Ciampa, Security+ Guide to Network Security Fundamentals, 6th ed. Cengage, 2018.]
Submission Guidelines
- The assignment should be submitted on the Moodle in two separate files:
o The report should be submitted as a Word file o The presentation should be submitted as a PPT file Do not use Wikipedia as a source or a reference.
- Make sure you properly reference any diagram/graphics used in the assignment.
Marking criteria for Assignment #2
| Section to be included | Description of the section | Marks |
| Preventing Vishing
Attacks
|
Based on your analysis address following:
1. What attackers typically ask and how they craft their attacks? 2. What messages do the attacker commonly use? 3. How do they trick users into entering the information? 4. Write your recommendations that would help users resist these attacks. |
12 |
| Lightweight Cryptography | Research lightweight cryptography and address following:
1. What are its goals? Who is behind it? 2. Will it be standardised? When will it appear? |
12 |
| 3. One practical networked application area that will use lightweight cryptography.
|
||
| Network Firewall Comparison | Research two network firewalls. Your discussion must include
1. the importance of the Firewall from information security point of view. 2. comparison of features of selected firewalls (using Table) 3. additional features they include (IDS, content Filtering, etc.) 4. your recommendation based on your analysis |
12
|
| Compare Port Scanners | Based on your study, address following in this report
1. Analyse and discuss the importance of port scanners 2. Include the snap shots related to port scanning using both applications 3. Identify and discuss the strengths and weakness of each scanner 4. Which scanner would you recommend? Justify your recommendation. |
12 |
| References | Must consider at least five current references from journal/conference papers and books. Must follow IEEE Transactions on Networking style. | 2 |
| Oral Presentation | Delivery of the presentation (quality of the presentation, depth of knowledge on the material presented and ability to answer questions asked by the audience) | 10 |
| Total Marks | 60 |
Marking Rubric for Assignment #2
| Grade Mark | HD 80% + | D 70%-79% | CR 60%-69% | P
50%-59% |
Fail
<50% |
| Excellent | Very Good | Good | Satisfactory | Unsatisfactory | |
| Preventing
Vishing Attacks /12 |
A very detailed and very clear discussion | A well written and clear discussion . | Generally good discussion . | Very brief discussion. | Poor discussion with irrelevant details |
| Lightweight
Cryptography /12 |
A very clear and in-depth discussion about Lightweight cryptography | Very clear discussion about Lightweight cryptography | Generally good discussion about Lightweight cryptography | Brief discussion about the Lightweight cryptography | Poor discussion about Lightweight cryptography with irrelevant information |
| Network
Firewall Comparison |
A very detailed and very clear discussion | Very clear discussion about
Network |
Generally good discussion about
Network |
Brief discussion about Network
Firewall |
Poor discussion with irrelevant information |
| Grade Mark | HD 80% + | D 70%-79% | CR 60%-69% | P
50%-59% |
Fail
<50% |
| /12 | about Network Firewall comparison | Firewall comparison | Firewall comparison | comparison | |
| Compare Port
Scanners /12 |
An in-depth and very clear discussion about the Port scanners | Very clear discussion about the Port scanners | Generally good discussion about the Port scanners | Brief discussion about the Port scanners | Irrelevant discussion about the Port scanners |
| References
/2 |
Clear styles with excellent source of references. | Clear
referencing style |
Generally good referencing style | Unclear referencing style | Lacks consistency with many errors. |
| Oral
Presentation /10 |
Good delivery, easy to follow and good interaction | Delivered, easy to follow and provided a level of interaction | Delivered and provided a level of interaction | Delivered | No oral presentation |