Prepared by: Dr. Ghassan Kbar Moderated by: Mr Grishma Khadka May 2020
| Assessment Details and Submission Guidelines | |
| Trimester | T1, 2020 |
| Unit Code | BN223 |
| Unit Title | Cyber Security Principles |
| Assessment Author | Dr Ghassan Kbar |
| Assessment Type | Group (of 4 students) (Assignment 2) |
| Assessment Title | Assignment 2 – Cyber Security Network Design and Assessment |
| Unit Learning Outcomes covered in this assessment | Students should be able to demonstrate their achievements in the following unit learning outcomes: a. Understand the Common Security Countermeasures; b. Managing security programs, and design a secure Network Topology |
| Weight | 25% of Total Assessment |
| Total Marks | 100 |
| Word limit | See instructions section |
| Due Date | 7 June 2020, Week 11 |
| Submission Guidelines | All work must be submitted on Moodle by the due date along with a completed Assignment Cover Page. The assignment must be in MS Word format, 1.5 spacing, 11-pt Calibri (Body) font and 2 cm margins on all four sides of your page with appropriate section headings. Reference sources must be cited in the text of the report, and listed appropriately at the end in a reference list using APA or IEEE referencing style for School of Business and School of Information Technology and Engineering respectively. |
| Extension | If an extension of time to submit work is required, a Special Consideration Application must be submitted directly to the School’s Administration Officer, in Melbourne on Level 6 or in Sydney on Level 7. You must submit this application three working days prior to the due date of the assignment. Further information is available at: http://www.mit.edu.au/about-mit/institute-publications/policies-procedures-and-guidelines/specialconsiderationdeferment |
| Academic Misconduct | Academic Misconduct is a serious offence. Depending on the seriousness of the case, penalties can vary from a written warning or zero marks to exclusion from the course or rescinding the degree. Students should make themselves familiar with the full policy and procedure available at: http://www.mit.edu.au/about-mit/institute-publications/policies-procedures-and-guidelines/AcademicintegrityPolicyAndProcedure. For further information, please refer to the Academic Integrity Section in your Unit Description. |
Assignment Description
Tasks:
There are two parts to this assignment, i.e. part A and part B.
A. Write a review article for the topic described below. Note that the final mark for Part A will be affected
by the presentation result of Part B. This is to ensure that students understand the work presented in
Part A. 90 marks
B. Presentation (to present a maximum of 6 slides in 5 minutes) 10 marks
Part A description:
Topic – Infrastructure can be limited to one location or widely distributed, including branch locations
and home offices. Access to the infrastructure enables the use of its resources. Infrastructure access
controls include physical and logical network design, border devices, communication mechanisms,
and host security settings. Because no system is perfect, access must be continually monitored; if
suspicious activity is detected, a response must be initiated.
Figure 1 shows the topology of a network that has not been properly segmented.
The network topology consists of a Call center, a Branch, a Warehouse, and a Data center.
The Call center shows two file servers, one application server, and a database server that are
connected together directly and diagonally. The file server on the left is connected to two
laptops and the file server on the right is connected to a telephone. The application server is
connected to two servers on the right and left and to a switch.
The Branch consists of a file server that is connected to a laptop, telephone, and to a switch
that is further connected to a credit card reader at the top and to a server on the right and to a
database server at the bottom.
The Warehouse consists of a file server that is connected to a laptop and a telephone at the top,
an application server at the bottom that is further connected to a database server at the bottom.
The database server of the call center, branch, and the warehouse are connected to the two
database servers of the data center.
The data centers are connected to two application servers directly and diagonally. The
application servers are connected to two database servers at the bottom and to a firewall on the
right that is further connected to a switch. The application servers are connected to the “POS
Application” consisting of a set of two servers that are connected to each of the application
servers. Each server is again connected to the “Identity and Authentication System” consisting
of two application servers on the right and two servers on the left. The two application servers
on the left and right are connected to two servers. The switch at the top is connected to a service
provider that is further connected to acquiring banks.
You need to cover the following topics
A- Why Segment a Network?
Working from the inside out, network segments include the following types:
Enclave network: A segment of an internal network that requires a higher degree of protection.
Trusted network (wired or wireless): The internal network that is accessible to authorized users.
Semi-trusted network, perimeter network, or DMZ: A network that is designed to be Internet accessible. Hosts such as web servers and email gateways are generally located in the DMZ.
Guest network (wired or wireless): A network that is specifically designed for use by visitors to connect to the Internet.
Untrusted network: A network outside your security controls. The Internet is an untrusted network.
1. Security Consideration when segmenting a network:
a. Apply security measures to secure access to the internal network.
b. Apply security measures to secure access to the external network.
c. Apply security measures to secure access to the perimeter network.
d. Apply security measures to secure access to the guest network.
e. Apply security measures to secure access to data sent over the public network.
B- Securing the Network Topology: The network topology in Figure 1 shows an enterprise that
has a call center, a branch office, a warehouse, and a data center. The branch is a retail office
where customers purchase their goods and the enterprise accepts credit cards. Users in the call
center and the warehouse have access to the resources in the Branch office and vice versa. They
also have access to resources in the data center. If any device is compromised, an attacker can
pivot (or move laterally) in the network.
1. List all assets at the branch and call centre, and assess the vulnerability associated with these
assets, assuming that the database server is based on SQL and that the file servers and application
servers run on the Windows Server platform.
2. You need to redesign this network by adding relevant Firewalls to allow the traffic from the
credit card readers to communicate only with specific servers in the data center. Draw a
diagram to show the location of the proposed firewalls and explain their roles. (Note you need
to consider securing the access at different levels as described in network segmentation above)
a. A firewall can be based on content filtering or other techniques. Explain the role of
Content Filtering and Whitelisting/Blacklisting. Comment on the section (call
centre, branch, or warehouse) in which this content firewall would be helpful.
3. Explain the role of Border Device Administration and Management that can be used to
enhance the network security.
4. The different roles of security teams, such as Blue, Red, and Purple, can have an impact on
network security.
5. Creating a Request for Proposal (RFP) for Penetration Testing
You have been asked to send out a red team penetration testing Request for Proposal (RFP)
document.
a) Explain what is often referred to as a “red team.”
b) Explain the difference between a red team and a blue team.
c) Find three companies to send the RFP to. Explain why you chose them.
d) The selected vendor will potentially have access to your network. Describe the due
diligence criteria that should be included in the vendor selection process. Select one of
the companies from the previous step and find out as much as you can about them (for
example, reputation, history, credentials).
6. Access Control:
a. Explain the role of Border Device Security Access Control Policy
b. Explain the remote access security policy.
c. Develop a relevant User Access Control and Authorization Policy
d. Role-based access controls (RBACs) (also called “nondiscretionary controls”) are access
permissions based on a specific role or function. Administrators grant access rights and
permissions to roles. Users are then associated with a single role. There is no provision
for assigning rights to a user or group account.
Let’s take a look at the example illustrated in Figure 2.
In the sample, “Omar (Engineer)” is shown at the top right and “Jeannette (Sales)” is shown at
the bottom right. For Omar, access is granted to the three Engineering Servers and Applications
at the top left. For Jeannette, access is granted to the Sales Applications at the
bottom left and access is denied to the Engineering Servers and Applications.
i. Explain why Omar can access the Engineering servers and applications but not
Jeannette.
ii. Give examples on how to implement Role-based access controls in Windows and Linux
7. Explain a relevant Monitoring System Access and Use Policy
Reviewing user access permissions can be a time-consuming and resource-intensive process
and is generally reserved for applications or systems that have information classified as
“protected” or “confidential.”
a) Comment on whether the student portal at your school would be subject to an annual user access
permission audit, and why.
b) Automating review processes contributes to efficiency and accuracy. Research options for
automating the user access review process and make a recommendation.
8. Researching a DDoS Attack:
a. Find a recent news article about DDoS attacks.
b. Explain who were the attackers and what was their motivation.
c. Describe the impact of the attack, and what should the victim organization do to mitigate
future damage.
9. Analyze the network availability at the Datacenter and develop a Business Continuity plan to
handle a possible crisis associated with flood or earthquake.
Reference: Sari Greene, Omar Santos, “Developing Cybersecurity Programs and Policies, Third
Edition”, Pearson IT Certification, July 2018.
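The role-based model described in item 6(d) and Figure 2, combined with the access-review scoping from item 7, as an added Python example that is not part of the original assignment brief. The user and role names follow the Figure 2 description; the resource identifiers (`eng-servers`, `eng-apps`, `sales-apps`) and their classification labels are assumptions made for illustration.

```python
from dataclasses import dataclass, field

# Classification labels and resource names are constructed for illustration.
PROTECTED, CONFIDENTIAL, INTERNAL = "protected", "confidential", "internal"


@dataclass
class RBAC:
    role_perms: dict = field(default_factory=dict)   # role -> {(resource, action)}
    user_role: dict = field(default_factory=dict)    # user -> exactly one role
    labels: dict = field(default_factory=dict)       # resource -> classification

    def grant(self, role, resource, action):
        # Rights attach to roles only; a user account is not a valid grantee.
        if role in self.user_role:
            raise ValueError(f"{role!r} is a user; grant rights to a role instead")
        self.role_perms.setdefault(role, set()).add((resource, action))

    def assign(self, user, role):
        if role not in self.role_perms:
            raise KeyError(f"unknown role {role!r}")
        # A user is associated with a single role; a second role is rejected.
        if user in self.user_role and self.user_role[user] != role:
            raise ValueError(f"{user!r} already holds role {self.user_role[user]!r}")
        self.user_role[user] = role

    def is_allowed(self, user, resource, action):
        # Default deny: unknown users and roles lacking the permission get False.
        role = self.user_role.get(user)
        return (resource, action) in self.role_perms.get(role, set())

    def review_scope(self):
        """Users whose role reaches protected/confidential resources,
        i.e. the accounts a periodic access review has to cover."""
        report = {}
        for user, role in sorted(self.user_role.items()):
            hits = sorted({res for res, _ in self.role_perms[role]
                           if self.labels.get(res) in (PROTECTED, CONFIDENTIAL)})
            if hits:
                report[user] = hits
        return report


def build_figure2_model():
    # Assumed labels: engineering systems confidential, sales apps internal.
    rbac = RBAC(labels={"eng-servers": CONFIDENTIAL, "eng-apps": CONFIDENTIAL,
                        "sales-apps": INTERNAL})
    rbac.grant("Engineer", "eng-servers", "access")
    rbac.grant("Engineer", "eng-apps", "access")
    rbac.grant("Sales", "sales-apps", "access")
    rbac.assign("Omar", "Engineer")
    rbac.assign("Jeannette", "Sales")
    return rbac


if __name__ == "__main__":
    m = build_figure2_model()
    for user in ("Omar", "Jeannette"):
        for res in ("eng-servers", "sales-apps"):
            verdict = "granted" if m.is_allowed(user, res, "access") else "denied"
            print(f"{user:10} {res:12} {verdict}")
    print("review scope:", m.review_scope())
```

The decision for each user depends only on the role they hold, so changing what a user can reach means changing the role's permissions or reassigning the user, never editing the user's own rights.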
Instructions:
Prepare your article as below
1. Go to the IEEE website and download the WORD template for the format.
https://www.ieee.org/publications_standards/publications/authors/author_templates.html
2. Another link for the template:
https://www.ieee.org/publications_standards/publications/journmag/ieee_tj_template_17.pdf
3. Read and familiarize yourself with the instructions carefully.
4. Prepare a paper using the IEEE format and the example attached. Follow the template if there are any
confusions. Also, refer to the link below to have ideas how to start (see section 6).
(https://www.ieee.org/publications_standards/publications/authors/author_guide_interactive.pdf)
5. Complete the assignment (minimum 5 and maximum 10 pages) including all the sections below
except references. The number of words will be counted thoroughly and you must keep the
minimum number of words to avoid any penalties.
| Title | (maximum 15 words) |
| Declaration: stating the names of students and their contribution in the paper | |
| Abstract | (200 – 250 words) |
| Introduction | (500 – 1000 words) |
| Literature Review | (500 – 1000 words) |
| Main body | (1000 – 1500 words) |
| Conclusion | (200 – 300 words) |
| References | (minimum 10 references) |
6. The article must be a ‘Review’¹ article including at least 10 references and not more than 25.
7. Strictly follow the IEEE reference format for in-body citations and the references section.
8. See the files listed in 4 for guidance on how to prepare a review paper. You can also find thorough
instructions from IEEE and the Internet.
9. Contents must include:
History and background of the topic
What are the challenges and drawbacks, what solutions and workouts they found
Possible options (solutions) and future research areas proposed
Scopes of topic, progress of developments such as requirements, benchmarking, purposes & objectives, stakeholders, owners, roles and responsibilities where applicable.
Flowchart
Include a minimum of two (2) figures to show the overall concept and summarized overview of the topic from the review of minimum 10 – 15 (but not limited to) papers.
Include some tables to summarize the result of findings
¹ See http://www.editage.com/insights/6-article-types-that-journals-publish-a-guide-for-early-career-researchers
How each organization approaches, initiates, develops procedures and ownerships, and what results they got, and how it affected their businesses.
What you conclude in terms of the topic/solutions to implement in an organization.
Consider other aspects to include for a good review paper.
10. Remember to strictly follow the template and the instructions above to avoid penalties.
Part B description:
Prepare 5-6 slides for presentation during the lab class. Read the instruction attached carefully.
Marking criteria:
Example of marking criteria is shown in following table. Marks are allocated as follows:
Note: The marking criteria varies for each assignment
| Section to be included in the report | Detailed Description of the Criteria | Marks |
| Conforming to the template and format | No marks will be given and severe penalties will apply for any breach of the format and template. Fonts, sizes, spacing, captions, headings, page size limitation etc. will also be checked thoroughly. Be thorough and follow fully when using the template and format instruction to avoid penalties. | 10 |
| Figures and tables created | They should be created yourself and not copied from elsewhere. For full marks you should create at least 2 figures and 2 tables. Any other figures or tables taken from references must be cited correctly in the assignment. | 10 |
| Literature review | Severe penalties apply for simple listing and describing. It should be a logically supported analysis that reaches the review conclusion, which should be included at the end of the section. Check word limit. This section should cover topics related to Securing the Network Topology and the use of multiple layers of security. | 10 |
| Main sections | Main body structures and contents quality including word limit. Can add multiple sections to address each topic as required and listed in the topic description above. The content must address the issue properly by writing your own conclusion of the topic. This should include the topics and explanation to consideration listed in part A. Topics: (1 and 2 for substituting the In-class test) 1. Security Consideration when segmenting a network 2. Vulnerability assessment 3. Securing the Network Topology using: Firewalls; Penetration test & role of security team; Access policies; Monitoring System Access and Use Policy; DOS Attacks; Availability and Business Continuity | 10, 10, 30 |
| In body citation | Strictly follow the order and instruction by IEEE. Check when/where to put the citation. See attached files and search the internet for guidelines | 5 |
| References section | Check whether they follow the instruction. Otherwise, no marks will be provided. You need to have a reference to at least 5 reputed conferences/journals such as IEEE, and cite them correctly in the assignment section. | 5 |
| Presentation | Presentation skills and materials quality | 10 |
| Total | | 100 |
Example Marking Rubric for Assignment #: Total Marks 100
Note: The marking criteria varies for each assignment
| Marking Rubric Criteria/ Grades | High Distinction (HD) [Excellent] >80% | Distinction (D) [Very Good] 70%-80% | Credits (C) [Good] 60%-70% | Pass (P) [Satisfactory] 50%-60% | Fail (N) [Unsatisfactory] <50% |
| Criteria 1 | Concise and specific to the project | Topics are relevant and soundly analysed. | Generally relevant and analysed. | Some relevance and briefly presented. | This is not relevant to the assignment topic. |
| Criteria 2 | Demonstrated excellent ability to think critically and sourced reference material appropriately | Demonstrated excellent ability to think critically but did not source reference material appropriately | Demonstrated ability to think critically and sourced reference material appropriately | Demonstrated ability to think critically and did not source reference material appropriately | Did not demonstrate ability to think critically and did not source reference material appropriately |
| Criteria 3 | Demonstrated excellent ability to think critically and sourced reference material appropriately | Demonstrated excellent ability to think critically but did not source reference material appropriately | Demonstrated ability to think critically and sourced reference material appropriately | Demonstrated ability to think critically and did not source reference material appropriately | Did not demonstrate ability to think critically and did not source reference material appropriately |
| Criteria 4 | All elements are present and very well integrated. | Components present with good cohesive | Components present and mostly well integrated | Most components present | Proposal lacks structure. |
| Criteria 5 | Logic is clear and easy to follow with strong arguments | Consistency logical and convincing | Mostly consistent logical and convincing | Adequate cohesion and conviction | Argument is confused and disjointed |
| Criteria 6 | Clear styles with excellent source of references. | Clear referencing style | Generally good referencing style | Sometimes clear referencing style | Lacks consistency with many errors |