| Assessment Details and Submission Guidelines | |
| Trimester | T1, 2019 |
| Unit Code | MN502 |
| Unit Title | Overview of Network Security |
| Assessment Type | Group Assignment (Maximum 3 Students in a group) |
| Assessment
Title |
Security in Networked Systems (Assignment 2) |
| Purpose of the assessment
(with ULO Mapping) |
The purpose of this assignment is to develop skills to independently think of innovation. Students will be able to complete the following ULOs:
c. Explain the major methodologies for secure networks and what threats they address; d. Identify and report network threats, select and implement appropriate countermeasures for network security. |
| Weight | 20% |
| Total Marks | 65 |
| Word limit | 1800 – 2200 |
| Due Date | 05:00PM, Thursday 30/05/2019 |
| Submission Guidelines | • All work must be submitted on Moodle by the due date along with a title Page.
• The assignment must be in MS Word format, 1.5 spacing, 11-pt Calibri (Body) font and 2.54 cm margins on all four sides of your page with appropriate section headings. • Reference sources must be cited in the text of the report, and listed appropriately at the end in a reference list using IEEE referencing style. |
| Extension | If an extension of time to submit work is required, a Special Consideration Application must be submitted directly to the School’s Administration Officer, in Melbourne on Level 6 or in Sydney on Level 7. You must submit this application three working days prior to the due date of the assignment.
Further information is available at: http://www.mit.edu.au/about–mit/institute–publications/policiesprocedures–and–guidelines/specialconsiderationdeferment |
| Academic
Misconduct
|
Academic Misconduct is a serious offence. Depending on the seriousness of the case, penalties can vary from a written warning or zero marks to exclusion from the course or rescinding the degree. Students should make themselves familiar with the full policy and procedure available at: http://www.mit.edu.au/about–mit/institute–publications/policiesprocedures–and–guidelines/Plagiarism–Academic–Misconduct–PolicyProcedure. For further information, please refer to the Academic Integrity Section in your Unit Description. |
SM Farhad April, 2019
Assignment Description
Royal Consulting Services (RCS) provides security consulting and services to over 300 clients across a wide range of enterprises in Australia. A new initiative at RCS is for its two offices in Sydney and Melbourne to provide internships to students who are pursuing their postgraduate studies in reputed institutes in Sydney and Melbourne in the Networking domain.
To evaluate suitable candidates for this prestigious internship program, RCS has asked applicants to prepare a detailed report and a presentation addressing the following sections:
- Google Dorking (maximum 600 Words)
Google Dorking, or using advanced Google search techniques to find sensitive information, has been linked to “online dumpster diving.” Use Library/Internet resources to research Google dorking. Based on your research address following:
- How the following advanced Google search engine operators are used:
allintext, allintitle, allinurl, cache, filetype, inanchor, intest, intitle, link, site, +, |, and *
- Use at least four of the operators to create potential Google dorking searches and provide discussion with snapshots.
- Identify and discuss how easy is it for a threat actor to use Google dorking?
- Provide recommendations for users and organisations to combat Google dorking.
B. Recommended Cryptoperiods (maximum 600 Words)
A cryptographic key is a value (essentially a random string of bits) that serves as input to an algorithm, which then transforms plain text into ciphertext (and vice versa for decryption). One of the important characteristic that determines key strength is its cryptoperiod. Or the length of time for which the key is authorised for use.
- From current literature survey, critically analyse and discuss cryptoperiods for hash, symmetric, and asymmetric algorithms. Find at least three sources for each of the algorithms (select two algorithms from each category).
- Draw a table to list the algorithms and the recommend time, and then calculate the average of each.
- Provide recommendation on the cryptoperiods for each selected algorithm.
- Cloud Computing (maximum 600 Words)
Cloud computing is a pay-per-use computing model in which customers pay only for the online computing resources they need. It is a model for enabling convenient, on demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provide interaction. Based on your research and analysis
- Discuss the importance of cloud computing in today’s world. Explain four service models in the cloud computing.
- Explain one security protection for cloud computing used in an organization.
- Compare Microsoft Azure with Amazon Web Services (AWS). Create a table that lists at least five options. Include the advantages and disadvantages of each. Which would you recommend? Why?
- Would you recommend the cloud computing for your school? Justify your recommendation.
D. Compare Protocol Analysers (maximum 600 Words)
A protocol analyser is a hardware or software that captures packets to decode and analyse their contents. Network traffic can be viewed by a stand-alone protocol analyser device or a computer that runs protocol analyser software.
- Analyse and discuss the importance of protocol analysers from an enterprise point of view.
- Research any two protocol analysers (such as Wireshark, Colasoft Capsa, and Microsoft message Analyser) and compare their features.
- Download and install each selected product on your personal /lab computer using Virtual machine (Kali Linux /Windows 8.1 Professional) in Virtual Box. Perform protocol analysis (provide snapshots)
- Which analyser would you recommend? Justify your recommendation.
E. References
Must consider at least five current references from journal/conference papers and books. Must follow IEEE Transactions on Networking style.
Note: Every group will create a 7-10 minutes presentation and present their work front of your class fellows and tutor during the Lab in Week 11.
[Source: M. Ciampa, Security+ Guide to Network Security Fundamentals, 6th ed. Cengage, 2018.]
Submission Guidelines
- The assignment should be submitted on the Moodle in two separate files:
o The report should be submitted as a Word file o The presentation should be submitted as a PPT file Do not use Wikipedia as a source or a reference.
- Make sure you properly reference any diagram/graphics used in the assignment.
Marking criteria for Assignment #2
| Section to be included | Description of the section | Marks |
| Google Dorking | Based on your research address following:
1. How the following advanced Google search engine operators are used: |
12 |
| allintext, allintitle, allinurl, cache, filetype, inanchor, intest, intitle, link, site, +, |, and *. | |||
| 2. | Use at least four of the operators to create potential Google dorking searches and provide discussion with snapshots. | ||
| 3. | Identify and discuss how easy is it for a threat actor to use Google dorking? | ||
| 4. | Provide recommendations for users and organisations to combat Google dorking. | ||
| Recommended
Cryptoperiods |
1.
2. 3. |
From current literature survey, critically analyse and discuss cryptoperiods for hash, symmetric, and asymmetric algorithms. Find at least three sources for each of the algorithms (select two algorithms from each category).
Draw a table to list the algorithms and the recommend time, and then calculate the average of each. Provide recommendation on the cryptoperiods for each selected algorithm. |
12 |
| Cloud Computing | 1.
2. 3. 4. |
Discuss the importance of cloud computing in today’s world. Explain four service models in the cloud computing.
Explain one security protection for cloud computing used in an organization. Compare Microsoft Azure with Amazon Web Services (AWS). Create a table that lists at least five options. Include the advantages and disadvantages of each. Which would you recommend? Why? Would you recommend the cloud computing for your school? Justify your recommendation. |
12 |
| Compare Protocol Analysers | 1.
2. 3. |
Analyse and discuss the importance of protocol analysers from an enterprise point of view.
Research any two protocol analysers (such as Wireshark, Colasoft Capsa, and Microsoft message Analyser) and compare their features. Download and install each selected product on your personal /lab computer using Virtual machine (Kali Linux /Windows 8.1 |
12 |
| Professional) in Virtual Box. Perform protocol analysis (provide snapshots)
4. Which analyser would you recommend? Justify your recommendation. |
|||
| References | Must consider at least five current references from journal/conference papers and books. Must follow IEEE Transactions on Networking style. | 5 | |
| Oral Presentation | Delivery of the presentation (quality of the presentation, depth of knowledge on the material presented and ability to answer questions asked by the audience) | 12 | |
| Total Marks | 65 | ||
Marking Rubric for Assignment #2
| Grade Mark | HD 80% + | D 70%-79% | CR 60%-69% | P
50%-59% |
Fail
<50% |
| Excellent | Very Good | Good | Satisfactory | Unsatisfactory | |
| Google
Dorking /12 |
A very detailed and very clear discussion | A well written and clear discussion . | Generally good discussion . | Very brief discussion. | Poor discussion with irrelevant details |
| Recommended
Cryptoperiods /12 |
A very clear and in-depth discussion about
Cryptoperiods |
Very clear discussion about Cryptoperiods | Generally good discussion about Cryptoperiods | Brief discussion about the Cryptoperiods | Poor discussion about
Cryptoperiods with irrelevant information |
| Cloud
Computing /12 |
A very detailed and very clear discussion about Cloud Computing | Very clear discussion about
Cloud Computing |
Generally good discussion about
Cloud Computing |
Brief discussion about Network Cloud Computing | Poor discussion with irrelevant information |
| Compare
Protocol Analysers /12 |
An in-depth and very clear discussion about the Protocol
Analysers |
Very clear discussion about the Protocol Analysers | Generally good discussion about the Protocol Analysers | Brief discussion about the Protocol
Analysers |
Irrelevant discussion about the Protocol Analysers |
| References
/2 |
Clear styles with excellent source of references. | Clear
referencing style |
Generally good referencing style | Unclear referencing style | Lacks consistency with many errors. |
| Oral
Presentation /10 |
Good delivery, easy to follow and good interaction | Delivered, easy to follow and provided a level of interaction | Delivered and provided a level of interaction | Delivered | No oral presentation |