Network Security Page 1 of 12In-course Assignment Information Sheet This assignment consists of TWO (2) sections: Section A and Section B. Section A is individual that contributes 30% of total 100% while Section B is the remaining 70%, consisting of 60% individual and 40% group. Section A 1. Learning Outcomes This individual assignment carries 30% of your total module assessment marks. At the end of this assignment, student would be able to apply programming concepts with regards to Network Security 2. Assignment Questions You are required to conduct research, design and develop your assignment. 3. Project Title Each group is to propose an Assignment Title (1 printed page) and submit it to the lecturer for approval before starting your work. Deadline for Project Title approval is on 9th week. Students are expected to do the project independently with minimal supervision. Each student should have a unique title. The requirements of a title are that it should involve some network security research components. Some possible areas are (you can propose your own title or choose one below): 1. IDS/IPS: Challenges and Deployment 2. Honeypot 3. Bastion Host 4. Proxy Server 5. SIP and Secure VoIP 6. Scanning & Security Auditing 7. Smartphone Security 8. Web Security and SSL Any other suitable title can also be accepted. Guidelines for the Report: Document the results of your work in a professional and systematic manner, in the form of a computerized report. One (1) softcopy and hardcopy of your documentation is to be submitted. Your completed documentation should meet the following requirements (if applicable): 1. Marking Table 2. Introduction 3. Chapters / sections 4. Recommendations 5. Documentation of the configured device(s), if there is any 6. Conclusion 7. Appendices 8. Bibliography or References Level 2 Asia Pacific University of Technology and Innovation Your report must be typed using Microsoft Word with Times New Roman font and size 12. sub-sub sections etc. The report should have a consistent layout and be divided into enumerated sections. paying due regard to the following aspects: The report is to be written in the 3rd person. disorganised.Network Security Page 2 of 12 In your document the report is to be written in a professional manner. Ensure that the report is printed on standard A4 (210 X 297 mm) sized paper.000 words for 1 topic (excluding diagrams. inconsistent look. varying coloured paper and size) will not fare well when marks are allocated. The report should be fully referenced using the University standard. You need use to include a word count at the end of the report and it should be in 1.5 spaces. appendixes and references). Submission of reports that are unprofessional in its outlook (dirty. Expected length is 2. sub-sections. The report should have a one (1”) margin all around the page as illustrated below: 1 inch 1 inch 1 inch 1 inch The Typed Text 1 inch 1 inch 1 inch 1 inch Level 2 Asia Pacific University of Technology and Innovation . The marking table must be placed on a single page. Ensure you fill in the details of your team members’ full names and their respective student IDs. located as either the second or third page of your final assignment documentation. Marking Table Please note that during the preparation of your assignment.Network Security Page 3 of 12 Every report must have a front cover. The schedule for the presentation will be announced in due time. Submission requirements A CD containing an electronic version of the document and the hardcopy. o Date Assigned (the date the report was handed out). A transparent plastic sheet can be placed in front of the report to protect the front cover. Each team member’s name must only appear once. o Date Completed (the date the report is due to be handed in). Assessment Criteria: Documentation 10% Referencing 10% Research and Investigation 10% Diagrams & Figures 10% Critical Thinking and Applicability 20% Analytical 20% Explanation 10% Presentation 10% Level 2 Asia Pacific University of Technology and Innovation . The front cover should have the following details: o Name o Intake code. o Project Title. you must include the following marking table. o Subject. 4 3 2 1 Level 2 Network Security Names and Intakes Documentation (10) Referencing (10) Research and Investigation (10) Diagram/Figures (10) Asia Pacific University of Technology and Innovation Critical Thinking and Applicability (20) Individual (100%) Analytical (20) Explanation (10) Presentations (10) Grand Total (100) Page 4 of 12 . Engineering and Finance) must be able to access the web server at the DMZ over HTTP and HTTPS. A third interface on the firewall hosts a demilitarised zone (DMZ) hosting several servers. The company requires implementing FTP with user and password is essential for each transaction. (Solution and configuration) 2. Its office consists of 3 departments: IT. Clients should also be able to put and get files via FTP to the same server. These servers include web. The ISP completely manages this router and the APU main campus has no control over it. A group consist of maximum 4 students. (Solution and configuration. (Solution and configuration.) 4. Engineering and IT workstations must be able to access the Internet (to reach APIIT Sri Lanka) over HTTP and HTTPS with DNS. with 60% of the total contributed by an individual component. There are some requirements in the above scenario that must be considered in this security design.) Level 2 Asia Pacific University of Technology and Innovation . Kuala Lumpur. Scenario: APU main office is based in Technology Park. Zero (0) mark will be awarded for late submission. It has an IT office in Sri Lanka with 50 hosts for the employees. The firewall’s outside interface connects directly to the internet service provider (ISP) router. Client workstations (IT. then connected to a distributed switch and then to the router’s inside interface. (Solution and configuration. 1. As a network security specialist. The goal is to protect the internal and DMZ hosts from external threats. No marks will be awarded for the entire assignment if any part of it is found to be copied directly from printed materials or from another group. Client workstations must be able to check their e-mail on the e-mail server at the DMZ. No other protocol access is allowed to the Internet. All submissions should be made on or before the due date. (Minimum 2 students). The following topology illustrates the network architecture and topology of the Kuala Lumpur office of APU at Kuala Lumpur and APIIT at Sri Lanka. The Kuala Lumpur office has simple network architecture. unless extenuating circumstances are upheld. Clients workstations are connected to an access switch. Engineering and Finance.) 3.Network Security Page 5 of 12 Section B Instructions: This group assignment carries 70% of your total module assessment marks. email and FTP applications. The web server should be reachable from the external clients over HTTP and HTTPS only. you are required to provide a security solution for APU main campus at Kuala Lumpur and APIIT at Sri Lanka. Any late submissions after the deadline will not be entertained. (Solution. No client from sales. The e-mail server should be able to receive e-mail from external hosts over the simple mail transfer protocol (SMTP). you have to recommend.Network Security Page 6 of 12 5. 10. Implement VPN between Sri Lanka and Kuala Lumpur. (Configuration is required. in addition to the solution that you provide.) 8. (No Configuration is required.) 12. (Configuration is not required. (Solution on the techniques.) 9. You are required to explain the solution in detail. (Solution and configuration. what should be done in order to fulfil the company’s requirement. Bastion host works as an application proxy. you have to implement it by configuring the appropriate device with commands and setups.) 7. Provide the network diagram and show where to locate the IDS. Level 2 Asia Pacific University of Technology and Innovation . Implement SSL encryption between Sri Lanka and Kuala Lumpur. Provide the network diagram and show where to locate the bastion host. Layer two securities is a requirement in the APU main campus at Kuala Lumpur and APIIT (Sri Lanka) LAN. Connectivity between APU main campus in Kuala Lumpur and APIIT in Sri Lanka is a requirement. (Solution and configuration.) 6. (Configuration is not required). (Solution) Note: The “solution” in the parenthesis means that. Data transmitted over the network must be kept disguised and only intended recipient can read it. you do not have to configure any of the device(s) in the topology.) 13. engineering and finance department is able to access clients in the other departments. Hackers are unable to understand the content even they are able to wiretap the communication. In this case. no configuration is required) 11. What is the best solution? Elaborate on the solution. The company requires implementing intrusion detection systems (IDS). The “configuration” in the parenthesis means that. Network Security Page 7 of 12 Guidelines for the Report: Document the results of your work in a professional and systematic manner. One (1) softcopy and hardcopy of your documentation is to be submitted. in the form of a computerized report. Level 2 Asia Pacific University of Technology and Innovation . Marking Table 3. The report should have a one (1”) margin all around the page as illustrated below: 1 inch 1 inch 1 inch 1 inch The Typed Text 1 inch 1 inch 1 inch 1 inch Level 2 Asia Pacific University of Technology and Innovation . Chapters / sections 7. sub-sub sections etc. paying due regard to the following aspects: The report is to be written in the 3rd person. Table of contents for every detailed chapter/section. disorganised. Introduction 6. Conclusion 11. Appendices 13. varying coloured paper and size) will not fare well when marks are allocated. Detailed Work Breakdown Structure 5. The report should be fully referenced using the University standard. Submission of reports that are unprofessional in its outlook (dirty. Ensure that the report is printed on standard A4 (210 X 297 mm) sized paper. Recommendations 8. sub-sections. The report should have a consistent layout and be divided into enumerated sections. 2. Bibliography or References In your document the report is to be written in a professional manner. Your report must be typed using Microsoft Word with Times New Roman font and size 12 and it should be in 1. Network configurations 9. Documentation of the configured device(s) 10.5 spaces. Contribution of each member 12. Gantt Chart 4. inconsistent look.Network Security Page 8 of 12 Your completed documentation should meet the following requirements: 1. o Date Assigned (the date the report was handed out). located as either the second or third page of your final assignment documentation. Ensure you fill in the details of your team members’ full names and their respective student IDs. o Project Title. A transparent plastic sheet can be placed in front of the report to protect the front cover. o Subject. The marking table must be placed on a single page. Submission requirements A CD containing an electronic version of the document and video presentation (15 minutes) of group member. Marking Table Please note that during the preparation of your assignment. The schedule for the presentation will be announced in due time. you must include the following marking table. Assessment Criteria: Documentation 10% Group Referencing 10% Group Research and Investigation 10% Group Diagrams & Figures 10% Group Critical Thinking and Applicability 20% Individual Analytical 20% Individual Configurations 10% Individual Presentation 10% Individual Level 2 Asia Pacific University of Technology and Innovation .Network Security Page 9 of 12 Every report must have a front cover. The front cover should have the following details: o Name o Intake code. Each team member’s name must only appear once. o Date Completed (the date the report is due to be handed in). 4 3 2 1 Level 2 Network Security Names and Intakes Documentation (10) Referencing (10) Group (40%) Research and Investigation (10) Diagram/Figures (10) Asia Pacific University of Technology and Innovation Critical Thinking and Applicability (20) Analytical (20) Configurations (10) Individual (60%) Presentations (10) Grand Total (100) Page 10 of 12 . Outstanding evaluation of the requirements with evaluation of the requirement. contents. places. Level 2 Asia Pacific University of Technology and Innovation . and management. well formatted wrong usage of citation referencing with needed referencing with needed or not following proper citations in all required citations in all required referencing format. Poor Good evaluation of the problem. Including needed copyright sign needed copyright sign for used software. proper reasoning with requirements with proper project planning proper reasoning. or Proper. for used software and terms with proper referencing for each one. The document looks like a real world solution. Using a right bibliography 1 to 3 4 to 7 8 to 10 Research and Poor research and Well research and Very well analysis and Investigation (10) investigation of the investigation is done.Network Security Page 11 of 12 Marking Scheme Rubrics 1 to 3 4 to 7 8 to 10 Documentation (10) All submission All submission All submission requirements were not requirements were requirements were adhered or poor writing followed with well followed with very good or poor quality of writing and proper writing and formatting. Outstanding project planning and management with the screenshots of used tools. well formatted Proper. 1 to 3 4 to 7 8 to 10 Referencing (10) None. formatting of document The quality of the along with proper content is very good. quality of the content. investigation of the problem. Including places. very little. good use of the solution has been done. but voice is hard to be and able to attract Voice is hardly to be heard. 1 to 5 6 to 10 11 to 15 16 to 20 Critical Thinking and The judgment The judgment is The judgment is Provided relevant Applicability (20) criteria are not somehow relevant. Able to answer audience’s attentions. some of the configuration of all of devices are not the devices with configured properly. applicable.Network Security Page 12 of 12 1 to 3 4 to 7 8 to 10 Diagrams / Figures (10) Failed to attach any Few diagrams and Proper and relevant diagrams and figures. figures attached. Unable to answer produce confirmed Able to answer all the questions answers questions without referring to notes. complete documentation The documentation of of the configured the configured devices devices. techniques are used for forming the judgment. Level 2 Asia Pacific University of Technology and Innovation . Insufficient analysis tools and done. descriptions and and well described. 1 to 3 4 to 7 8 to 10 Presentations (10) Fail to attend the Attended presentation Attended presentation presentations. is not complete. diagrams and figures. heard. 1 to 3 4 to 7 8 to 10 Configurations (10) Failed to configure the Partial configuration is Proper and full required devices. question but failed to Voice is clear and loud. Proper descriptions on technique is usage of tools in analysis results made analyzing and testing the accuracy of the solution. labeling. The solution is making the solution is not solution is relevant though it judgment. applicable though lack of Applicable it lacks in some supporting methods or parts. Descriptions of Diagrams are lack of Diagrams are labeled diagrams are blurring. done. Sequence of diagrams is well organized. 1 to 5 6 to 10 11 to 15 16 to 20 Analytical (20) Very poor or Analysis done Analysis is Excellent minimal analysis with lack of tools accurate and analysis of the of the problem is and techniques. factors.The criteria for relevant and the relevant.