2 a, b, c ,d specfic write up of 1000 words with cisco packet tracer network design
IFN553 Introduction to Security and Networking Semester 1, 2020 Assessment task 1: Written Analytical Report Weighting: 60% Word Limit: 2000-word report (+/- 10%). Word count excludes the title page, executive summary, table of contents and references). Group/Individual: Group (Teams of 2 students. Unit coordinator to allocate students to teams.) Due Date: 5pm AEST Friday 5 June 2020 1. Background information You are a network administrator working for XYZ company. Your manager has received reports that the company’s website www.xyzcompany.com is not working. Users attempting to access the website report that they receive a ‘page cannot be displayed’ error in their browser. Your manager asks you to investigate the situation, analyse the potential cause or causes of the website service disruption, suggest solutions and outline their limitations. You must detail your findings in a report. 1.1 Preliminary investigation You confirm the interrupted service issue by visiting www.xyzcompany.com from your browser. The error message is displayed. Following this, you decide to perform some basic troubleshooting. You attempt to visit the website using the IP address 200.43.1.1 directly. You succeed in viewing the site using this method. Based on this preliminary investigation, you suspect there may be a problem with the Domain Name System (DNS) server. You wonder what has gone wrong, and whether an attack has taken place. You must investigate further, so that you understand what happened and can suggest appropriate solutions. 2. Assessment task This is a group assignment. Each group is a team of two people working in network administration for XYZ company. (The unit coordinator will allocate students to teams). Your team must complete an investigation and write a report for the XYZ company manager. 2.1 Phase 1: Extract a sample of the network traffic on the DNS server. Download the capture file Scenario capture file (PCAPNG 2.39 KB). It is in the same folder as this assessment task specification. Note that the capture file provided is only a very small sample of the total traffic captured from the server. For this assessment task, you can assume the rest of the capture shows the same trends, with patterns that are similar and consistent with those in the provided Scenario capture file. 2.2 Phase 2: Data examination and analysis What would you expect to see in a DNS server capture under normal operation? Provide a detailed and technical explanation of the DNS protocol, with a focus on the name resolution process. Examine the data in the Scenario capture file. Analyse the data, compare this with normal expected behaviour and determine what has taken place. Record your observations and make connections between the specific data items included in the file and your description of the events that likely occurred. Consider the security goals for the organisation that may have been compromised, the vulnerabilities (within the organisation and within the DNS protocol itself) that have contributed to the incident and the threats that acted on them. Has there been an attack? If so, what type of attack (active or passive)? Or is this problem caused by something else? Justify your claim. That is, refer to the data in the file to provide supporting evidence. What are the possible technical and organisational consequences of this incident for XYZ company? 2.3 Phase 3: Potential mitigation strategies Perform some independent research to identify mitigation strategies that could be applied in this scenario. Provide at least one strategy from each classification (preventative, detective and corrective), and discuss the strengths and limitations associated with it. If you decide that a certain class of strategy is not applicable, explain why. 2.4 Phase 4: Documentation Write up a report for the XYZ company manager. Details to assist in constructing your report are provided below. 2.4.1. Report structure and format Your report should be written in Word, with a header and footer on each page. Include student numbers and names of team members in the header, and the unit code IFN553 and page number in the footer. Use 12-point font. The report should have the following sections: · Title page · Executive Summary · Table of contents · Introduction · Discussion · Conclusion · Recommendations · References NOTE: Use the QUT APA style for citation and references. This requires citations within the written text of the report, as well as the list of references used. Information about the APA style of referencing is available from the cite|write page: https://www.citewrite.qut.edu.au/cite/qutcite.jsp#apa-general-how. The QUT librarians are also willing to assist with referencing; check the QUT Library homepage for links or ask HiQ. 2.4.2 Report content The Website Service Interruption Report must include at least the following content: a) A description of the problem that XYZ company has asked you to investigate, why this is important for the company and an overview of the process you followed in this investigation (the best place for this is in the Introduction) b) An explanation of network traffic associated with connection to a website and with the DNS protocol (the best place for this is in the Discussion). Include a detailed explanation of normal DNS Protocol behaviour c) Your observations based on your examination of the capture file (the best place for this is in the Discussion). Include · a description of the DNS Protocol behaviour you observed in the capture file · a comparison of the normal and observed behaviours. d) Your explanation of what has happened (the best place for this is in the Discussion). Include · A statement of the security goal or goals that may have been compromised. · Relevant vulnerabilities that may have contributed to this incident, and the threats that appear to have acted on them. · A determination on whether an attack has occurred, and if so, the type of attack, with appropriate justification. e) Possible consequences of this attack for XYZ company (the best place for this is in the Discussion). Include both technical and organisational consequences. f) Potential mitigation strategies that could be applied (the best place for this is in the Discussion). Include a discussion of their associated strengths and limitations. g) Recommendations (the best place for this is in the Recommendations). Include · The mitigation strategy or strategies you recommend that XYZ company apply. · A clear explanation of why this is an appropriate choice to deal with the service interruption issue. Don’t expect the manager to figure this out. 2.4.3 Report writing for assessment at QUT An important aspect of this assessment task is locating relevant information, either in online resources or in print media. However, it is important that the report is written in your own words. Do not just 'cut and paste' or copy information from any source into your report: that is considered plagiarism (a breach of academic integrity) and is not acceptable in Australian universities. If this is detected, the Unit Coordinator must notify the Faculty Academic Integrity Committee, and the penalties imposed may be severe (See the QUT MOPP for details). A useful guide to referencing, citation and report writing is available here: http://www.citewrite.qut.edu.au/. 2.5 Submitting your report 2.5.1 Submission process Your team should submit an electronic copy of your completed report for marking by the due date. Submission for final marking is through the Blackboard site; look for the Turnitin submission link below the report specification link. Only one member of the team needs to submit the report. Be sure you have decided on who will submit and confirm with your team-mate before the deadline that this has occurred. 2.5.2 Assessment declaration Be aware that in submitting your report for assessment · It is your responsibility to check that you have submitted the correct assignment file before the due date. · Any submission after the due date is considered a late submission and is subject to the Late Assessment Policy (See QUT’s MOPP for further details.) · You are representing the work as solely the effort of your team and declaring that it does not contain plagiarised material. · You are aware that students at QUT must maintain academic integrity as stated and explained in the QUT MOPP (http://www.mopp.qut.edu.au/C/C_05_03.jsp ). · You are aware that your report may be stored in the Turnitin reference database, becoming part of the bank of material that assignments will be checked against, in the current course and in the future. 3. Teamwork The report specification requires you to work in 2-person teams. This increases discussion opportunities and perhaps leads to exploring ideas that may not have otherwise occurred to you as an individual. However, as in any relationship, working together may become difficult if group members have very different expectations regarding the assessment task. Some difficulties may be avoided by discussing expectations with team-mates BEFORE starting work together. Here is a list of points you may want to discuss with your team-mate. There may be other points that are also important to you. If you discuss these honestly before you start, then you know where you stand, and that can help to make your work together more effective. Ask your team-mate about these things: 1. What are you hoping to achieve for this unit/assessment item? If one person is working for a high distinction and the other is happy with a pass, then there may be some conflict about the standard of the report submission. Understand your team-mate’s goal for this assessment task and be honest about your goal. Try to sort out the areas where you can each contribute to best effect. 2. How much time do you have available to work on this – when and where? We all have lives outside of university, and it can be challenging to coordinate times for different activities. Here are some questions you might ask your team-mate: · Are you a full-time student, or are you working full time and studying part time? · Do you have commitments (for example: work, sporting, family or religious commitments) that will impact on your availability? · Are you able to work on this during the day, at night, or over the weekend? · How will we meet (Skype? Zoom? Facetime?) and how often? How much can you do independently between meetings? 3. What are your skills or strengths related to report writing? Are you good at: · Data analysis, with technical knowledge of the networking protocols? · Tracking down information from a range of sources, summarizing information, and finding great examples to illustrate the points you make? · The write-up phase: structuring your report and writing clearly and concisely? · Citation and referencing? You don’t both need to be good at the same things to form a great report writing team. It can be very useful to have a team-mate whose strengths complement yours, so that together you form an effective team. 4. Marking Criteria The marking criteria outline the criteria your report will be assessed against. This is in a separate document, located in the same folder as this task specification. You can