Network Security and Mitigation Strategies Answers

Edith Cowan University

Assessment 2: Report

Outcomes

The purpose of this assessment task is to apply the student’s understanding and knowledge gained from the weekly content in articulating and writing a report that:

analyses contemporary network security issues and develops appropriate mitigation strategies, and
evaluates a contemporary network for vulnerabilities.

Overview

Internet of Things (IoT) devices can be used to sense and share data from its surrounding environment for various purposes that can be useful for both humans and machines. These can be as simple as measuring the temperature of a room or more critical tasks such as monitoring the heart-rate of a sick patient in a hospital. The advances in hardware design, communication protocols, and computing technologies have created an ecosystem of a variety of IoT devices by numerous vendors and underlying infrastructure.

The network diagram provided (Figure 1 - see below) illustrates the various IoT devices integrated in a medium sized organisation’s IT network. Table 1 (see below) provides detailed specifications of the devices including hardware, software, and firmware details. Although the network is already secured with various defences, there are several problems that can lead to the organisation being compromised by cyber criminals.

Instructions

You have been hired as an external cyber security consultant to analyse the network for security issues and recommend solutions to mitigate these risks in the form of a technical report. The report is intended to be submitted to the management committee of the organisation. Therefore, highly technical concepts must be further described to a level understood by a novice audience.

Your report should consist of the following:

Identify and contextualise two (2) security issues related to the IoT devices and two (2) security issues related to the IT infrastructure. You may consider aspects related to hardware, software, firmware, and protocols.
Further support the above security issues by describing an actual attack that has occurred for both IoT and IT.
Explain two vulnerabilities including the CVE that exist in this organisation.
Propose and justify solutions to address the issues that you have identified in the task (1).

Please note that discussions related to security policies are beyond the scope of this assessment and therefore should be excluded from your report.

Marking Criteria

Each of the following criteria are worth 8 marks, with a total of 40 marks for the whole assessment.

Identification of security issues (two for IoT and two for IT)
Actual attacks described for IoT and IT
Two vulnerabilities/CVE explained
Solutions proposed and justified to address the four security issues identified
Quality of report based on sources and referencing, depth of research, critique, and writing

Resources

PDF/SVG/draw.io File
Report template

Table 1

Device	Details
Cisco ASA 5585-X	Used as the edge firewall for the organisation. Last software/firmware update unknown.
Netgear GS116PP-100AJS	Unmanaged network switch.
Linksys WRT1900AC	Wireless router using WEP shared key authentication.
Wireless Temperature Sensor	Custom built temperature sensor. Waterproof DS18B20 Digital temperature sensor connected to an ESP8266 board . Using MQTT to communicate to an Ubuntu desktop installed in LAN1.
File Server	Windows Server 2016
Directory Server	Windows Server 2016
Proxy Server	Ubuntu Server 16.04 LTS Squid proxy
Mail Server	Ubuntu Server 16.04 LTS Postfix 3.2 SquirrelMail 1.4.23 Apache 2 PHP 5
LAN 1	Various Desktop configurations 9 x Windows 10 PCs 1 x Ubuntu Desktop 18.10 running the MQTT broker software for the temperature sensor
LAN 2	Various Desktop configurations 15 x Windows 10 PCs

network diagram for medium sized organisations IT network

Report Template

The report should be properly word processed and formatted accordingly to a professional standard and suitable to the target audience. As a minimum, the report should have the following sections. You may add sub-headings or other content as required.

Cover Page
Table of Contents
Introduction
Security Issues
Attack Scenarios
Vulnerabilities
Proposed Countermeasure(s)/Solution(s)
References
Appendices (as needed)

Question 1: Hubs are no longer in common use. Why is this and what have they been replaced with in organisations? What could a hub be used for in modern networking?

Question 2: What is a router used for? How is this different from what a switch is used for?

Question 3: Use Cisco Packet Tracer to connect three computers via a hub (see the following image) and configure them with static IP addresses.

What happens when two PDUs are sent at the same time (as in the following image)?

Week-5

You have been asked to design a solution for connecting two buildings with a cabled connection. Your design will lead to a project where a buried cable will be run between these two buildings. The buildings are 120m apart from basement wall to basement wall. What solution would you choose? Why? What factors would you consider when coming to this conclusion?

Week-6

Question 1: What is the primary purpose of a VPN? What are the differences between a PPTP VPN, an L2TP VPN and an OpenVPN VPN?

Question 2: What is the difference between PaaS and IaaS in cloud computing? What kind of businesses are most likely to use each?

Question 3: What does the “Asynchronous” part of the ADSL protocol refer to? How does this function?

Question 4: How do most network firewalls tell the difference between different kinds of network traffic? (eg. how could a firewall know to block RDP connections but not HTTP connections?)

Australia Universities

ACT

Australian Catholic University

Australian National University

Bond University

Central Queensland University

Charles Darwin University

Charles Sturt University

Curtin University of Technology

Deakin University

Edith Cowan University

Flinders University

Griffith University

Holmes Institute

James Cook University

La Trobe University

Macquarie University

Monash University

Murdoch University

Queensland University of Technology

RMIT University

Southern Cross University

Swinburne University of Technology

University of Adelaide

University of Ballarat

University of Canberra

University of Melbourne

University of Newcastle

University of New England

University of New South Wales

University of Notre Dame Australia

University of Queensland

University of South Australia

University of Southern Queensland

University of Sydney

University of Tasmania

University of Technology Sydney

University of the Sunshine Coast

University of Western Australia

University of Wollongong

Victoria University

Western Sydney University

Year 11 - 12 Certification Assignment

Australian Capital Territory Year 12 Certificate

HSC - Higher School Certificate

NTCE - Northern Territory Certificate of Education

QCE - Queensland Certificate of Education

SACE - South Australian Certificate of Education

TCE - Tasmanian Certificate of Education

VCE - Victorian Certificate of Education

WACE - Western Australia Certificate of Education